I'm installing a modern GoCD (16.7) on an Ubuntu machine. openjdk-8 (jre and jdk). The agents (on localhost) fail to connect to the server:
[Sat Jul 30 05:58:47 UTC 2016] Starting Go Agent Bootstrapper with command:
/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java
-jar /usr/share/go-agent3/agent-bootstrapper.jar
-serverUrl https://127.0.0.1:8154/go/
...
java.lang.Exception: Couldn't access Go Server with base url:
https://127.0.0.1:8154/go/admin/agent-launcher.jar:
java.net.SocketException: Broken pipe
at com.thoughtworks.go.agent.launcher.ServerCall.invoke(ServerCall.java:78)
and
2016-07-30 06:00:48,790 [main ] ERROR go.agent.launcher.ServerBinaryDownloader:118
- Couldn't update admin/agent-launcher.jar. Sleeping for 1m.
Error: java.lang.Exception: Couldn't access Go Server with base url:
https://127.0.0.1:8154/go/admin/agent-launcher.jar:
java.net.SocketException: Broken pipe
(I manually wrapped those lines for readability)
The server is actually accessible. For instance:
$ curl --silent --insecure https://127.0.0.1:8154/go/ | head -2
<!-- *************************GO-LICENSE-START******************************
* Copyright 2014 ThoughtWorks, Inc.
Yes, I'm using --insecure, but gocd ships with a self-signed cert. It's standard practice. Some of the things I've seen said "oh, you are blocking your port" but this is to localhost.
Are your GOCD server and agent using identical versions of Java? We have found they must be the same because the certificates have to match. See chatter
Related
When I use the recommended rdesktop to connect to Windows EC2 host I see from Archlinux:
$ rdesktop 54.254.180.73
ATTENTION! The server uses and invalid security certificate which can not be trusted for
the following identified reasons(s);
1. Certificate issuer is not trusted by this system.
Issuer: CN=EC2AMAZ-I5MV8JK
Review the following certificate info before you trust it to be added as an exception.
If you do not trust the certificate the connection atempt will be aborted:
Subject: CN=EC2AMAZ-I5MV8JK
Issuer: CN=EC2AMAZ-I5MV8JK
Valid From: Thu Mar 5 16:06:01 2020
To: Fri Sep 4 16:06:01 2020
Certificate fingerprints:
sha1: 98f1e92f9b9a3b57f4b2a23177f1bbe1a9afeb2c
sha256: 8e9f1a2e5497c972b56b8300f6e2ec3f59c8903103984cb5456a237c9a7b2d45
Do you trust this certificate (yes/no)? yes
Failed to initialize NLA, do you have correct Kerberos TGT initialized ?
Failed to connect, CredSSP required by server (check if server has disabled old TLS versions, if yes use -V option).
I'm not sure where to go from here. Especially when rdesktop doesn't appear maintained.
Any tips to connect to a Windows host?
Instead of rdesktop, the FreeRDP: A Remote Desktop Protocol Implementation seems to better accommodate this CredSSP required by server issue.
xfreerdp /u:"Administrator" /v:ec2-3-1-49-118.ap-southeast-1.compute.amazonaws.com
I'm just using WSO2 micro intregrator and having issue with CLI tools, mi: Unable to connect to host
i run the WSO2 Micro Integrator on a VM using command :
$micro-integrator.bat -DenableManagementApi
and i wanna Get information about one or more Carbon Apps using :
$mi show carbonapp --verbose
[INFO] Executed ManagementCLI (mi) on Thu, 25 Jul 2019 14:59:47 +07
[INFO] Show Carbon app called
[INFO] URL: https://localhost:9165/management/applications
$mi: Unable to connect to host
mi init --verbose
[INFO] Executed ManagementCLI (mi) on Thu, 25 Jul 2019 15:01:52 +07
[INFO] Init called
Enter following parameters to configure the cli
Host name(default localhost): localhost
Port number(default 9164): 9165
CLI configuration is successful
i expect Get information about one or more Carbon Apps
Can you check the port ManagementApi is running. By default it is 9164 since you have mentioned as 9165, is MI started with offset 11 ( default offset 10 )? Else you may find the offset in carbon.xml.
Following logs will be printed in console when MI is started with Management Api
[2019-07-28 21:05:05,318] [micro-integrator] INFO - PassThroughListeningIOReactorManager Pass-through EI_INTERNAL_HTTPS_INBOUND_ENDPOINT Listener started on 0.0.0.0:9164
Here "9164" is the port of it. Please make sure that it is started and the port it is started is same as what you define in init.
I am getting these errors from MailEnable, the OS is CentOS. The errors are from /var/log/maillog as suggested by #OlegNeumyvakin.
Sep 8 03:33:12 localhost journal: plesk sendmail[38416]: handlers_stderr:$
Sep 8 03:33:12 localhost journal: plesk sendmail[38416]: SKIP during call$
Sep 8 03:33:12 localhost postfix/pickup[35664]: 66B7B21F2D4F: uid=0 from=$
Sep 8 03:33:12 localhost postfix/cleanup[38422]: 66B7B21F2D4F: message-id$
Sep 8 03:33:12 localhost postfix/qmgr[9634]: 66B7B21F2D4F: from=<root#loc$
The email cannot send nor receive anything. I am trying to get it to work since it is for a site and it needs to send/receive emails.
You can check your virtual address by command:
postmap -q mail#example.tld hash:/var/spool/postfix/plesk/virtual
virtual.db is Berkeley DB file
you can check it content with Berkeley DB dump util:
# db5.1_dump -p /var/spool/postfix/plesk/virtual.db
VERSION=3
format=print
type=hash
h_nelem=4103
db_pagesize=4096
HEADER=END
drweb#example.tld\00
drweb#localhost.localdomain\00
kluser#example.tld\00
kluser#localhost.localdomain\00
mail1#example.tld\00
mail1#example.tld\00
postmaster#example.tld\00
postmaster#localhost.localdomain\00
root#dexample.tld\00
root#localhost.localdomain\00
anonymous#example.tld\00
anonymous#localhost.localdomain\00
mailer-daemon#example.tld\00
mailer-daemon#localhost.localdomain\00
DATA=END
you can install this util with yum install libdb-utils
Also in case you have issues with sending mail you can check limitations on outgoing email messages at Tools & settings > Mail Server Settings and if you have enabled them Tools & settings > Outgoing Mail Control
I'm a student from korea
first, i'm sorry about my low level english :)
I'm make a web service using AWS + nginx + django
I connect to AWS instance(ubuntu) using SSH protocol
Welcome to Ubuntu 14.04.4 LTS (GNU/Linux 3.13.0-74-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Sat Apr 30 07:03:51 UTC 2016
System load: 0.0 Processes: 105
Usage of /: 23.8% of 7.74GB Users logged in: 0
Memory usage: 14% IP address for eth0: 172.31.17.137
Swap usage: 0%
Graph this data and manage this system at:
https://landscape.canonical.com/
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
21 packages can be updated.
17 updates are security updates.
Last login: Sat Apr 30 07:03:52 2016 from 210.103.124.253
pyenv-virtualenv: no virtualenv has been activated.
and
manage.py runserver --settings=abc.settings.production
So everyone can access my web service!
but.... after 30miniute
the SSL connection is broken itself....
export this message
packet_write_wait: Connection to 52.69.xxx.xxx: Broken pipe
and nobody can't access my web service...
so... my web site can't access when my computer was power off, none SSL connection...
I want everyone can access my web service 24/7
please give me a method thank you :)
When you want to run a command that continues after your current shell terminates, you should use the nohup command to launch it.
That causes the process to be detached from its initial parent shell so it is not killed when the parent terminates.
I'm trying to deploy my Flask app using uWSGI, but I can't seem to do it without sudo.
Here is my start script:
#!/bin/bash
set -v
set -e
cd /var/hpit/hpit_services
/var/hpit/hpit_services/env/bin/uwsgi --http [::]:80 --master --module wsgi --callable app --processes 4 --daemonize ../log/uwsgi.log --pidfile ../server_pid_file.pid
echo server started
Here is what I get in the logs:
*** Starting uWSGI 2.0.9 (64bit) on [Mon Jan 26 15:53:26 2015] ***
compiled with version: 4.8.2 on 23 January 2015 20:35:44
os: Linux-3.18.1-x86_64-linode50 #1 SMP Tue Jan 6 12:14:10 EST 2015
nodename: <<blocked out>>
machine: x86_64
clock source: unix
detected number of CPU cores: 2
current working directory: /var/hpit/hpit_services
writing pidfile to ../server_pid_file.pid
detected binary path: /var/hpit/hpit_services/env/bin/uwsgi
!!! no internal routing support, rebuild with pcre support !!!
your processes number limit is 7962
your memory page size is 4096 bytes
detected max file descriptor number: 1024
lock engine: pthread robust mutexes
thunder lock: disabled (you can enable it with --thunder-lock)
bind(): Permission denied [core/socket.c line 764]
Core/socket.c line 764 has this:
if (bind(serverfd, (struct sockaddr *) &uws_addr, addr_len) != 0) {
if (errno == EADDRINUSE) {
uwsgi_log("probably another instance of uWSGI is running on the same address (%s).\n", socket_name);
}
uwsgi_error("bind()");
uwsgi_nuclear_blast();
return -1;
}
But I don't have instances of uWSGI running. This seems to be a permissions issue. My permissions for /var/hpit, /var/hpit/hpit_services (the location of the app) and /var/hpit/log are bsauer:www-data. My user us bsauer.
If I append sudo -E to the line in my start script that calls the uWSGI binary, it seems to start fine, but I read that a server should not be started as sudo. I inherited this sysadmin role at work and am a little new to all of this.
Here are my hunches/musings:
I know that uWSGI can start as one user and drop into another user role, but I don't really understand this process, so perhaps that's the problem.
uWSGI is trying to access something on the system I'm not aware of
Thanks for your help, I can provide more details if necessary.
EDIT
Oddly, my /var/hpit/log/uwsgi.log file is owned by bsauer:bsauer, not bsauer:www-data or www-data:www-data as I would have expected...
EDIT2
Ok, from looking at http://projects.unbit.it/uwsgi/wiki/Example at the bottom of the page, it looks like the problem is running on port 80. I changed it to 8080, but its still running as bsauer, which I don't think I want.
This is what I came up with as far as I understand it, if anyone wants to put this is clearer sysadmin language I'll be happy to edit.
The solution had nothing to do with the logs after all. The problem was that port 80, the default HTTP port, is protected by the system, and only root can bind to that port. Without sudo, it won't let you bind. Binding to another port, like port 8080, worked fine.
I wanted to bind to port 80 but still run the server as www-data, so I ended up following the very bottom of this page: http://projects.unbit.it/uwsgi/wiki/Example . Basically, the socket to port 80 is shared, and uWSGI can access it first as sudo, and then drop down into www-data to run the server.
I still had to use sudo -E before calling the uWSGI binary, because it needs root permissions to change uWSGI's user and group ID, but it's ok because the end result is the server then runs in the very restricted www-data user.
In the end, my server start line was:
sudo -E /var/hpit/hpit_services/env/bin/uwsgi --shared-socket [::]:80 --http =0 --uid 33 --gid 33 --master --module wsgi --callable app --processes 4 --daemonize ../log/uwsgi.log --pidfile ../server_pid_file.pid