I'm attempting to install WSO2 GREG in a docker container using docker-toolbox (Kitematic and boot2docker) on my Macbook Pro.
The application is up and running just fine but it does some redirects during login that the networking layers in Kitematic->boot2docker seem to confuse.
Here are the details:
My guest systems IP is 192.168.99.100. Accessing the application via that IP works just fine.
When I attempt to login, the app redirects my browser to a URL using the containers IP (172.17.0.2) rather than the guest's IP (192.168.99.100). Unfortunately, the container IP is not accessible to my host computer and the redirect fails with a page not accessible.
I've updated the configuration file for the app to point to the Guest OS's IP in what I believe is the relevant configuration file (repository/conf/identity/sso-idp-config.xml).
I have updated the carbon.xml file to reference the Guest IP (192.168.99.100) but the application still seems to start on the containers IP.
[2016-01-28 18:43:36,737] INFO {org.wso2.carbon.ui.internal.CarbonUIServiceComponent} - Governance Center Publisher Default Context : https://172.17.0.2:9449/publisher
So I think there are two possible answers I'm looking for:
How can I configure GREG to startup and reference the guest IP rather than the container's IP?
How can I configure boot2docker or my local machine to forward requests on the containers IP as requests to the guest VM?
I'm not sure about GREG, but in IS and AM that happens if you are not defining a particular IP/Hostname in <HostName> and <MgtHostName> in repository/conf/carbon.xml (they are commented out by default)
Related
DataPusher is not working with my CKAN 2.8 install. I have DataPusher and CKAN on the same VPS (an Amazon EC2 instance). I cannot curl /api/3/action/resource_show from within the instance, but I can from outside it at the same IP address I can access the CKAN web gui from. I am using the default port settings/followed the official CKAN documentation for setting up CKAN and DataPusher/DataStore.
Upon checking the error logs (specifically datapusher.error.log in /var/log/apache2) the latest message is:
ConnectionError: HTTPConnectionPool(host='{ckan.site_url value, in this case the public IP of the instance}', port=80): Max retries exceeded with url: /api/3/action/resource_show (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f3bb0151490>: Failed to establish a new connection: [Errno 110] Connection timed out',))
I had a similar issue but I used a different approach to solve it.
The system looks up DNS names in the /etc/hosts file before it goes to the external DNS server. I simply pointed my hostname (from the URL) to the local IP address like so:
172.16.22.2 ckan.installation.url
This way, the server connects to itself when it needs to reach ckan.installation.url and users connect to ckan.installation.url (public facing IP) when they need to access the site.
Ultimately the issue is that with an AWS EC2 VPS, your Ubuntu instance is not aware of its public-facing IP address, which is probably what you're using to reach the CKAN web gui hosted on said VPS.
Ideally the CKAN API can be hit internally but I have been unable to do so with localhost/127.0.0.1 in place of the VPS's external/public-facing IP address. The issue with setting the ckan site_url to localhost is that is what you will be directed to from the CKAN web gui when attempting to use DataPusher (e.g. manually initiating upload of a resource to the DataStore). Your computer obviously won't know localhost refers to the CKAN dev server... So in short, the ckan site_url value must be something accessible by both DataPusher and people/devices on the public Internet (assuming you want your CKAN instance to be publicly-accessible).
The solution here is to open port 80 to the public IP address of the AWS EC2 instance in the inbound rules of the instance's security group. In other words, you are letting the instance hit itself at port 80. Seem inefficient, but I don't have an alternative at the moment. It's better than nothing!
I installed FREEIPA on ubuntu 16 and set the hostname and update the /etc/hosts file as well, and Installed FREEIPA successfully but could not able to access "https://ipa.example.com" on the browser.
Note:-
This VM is on the Google Platform and part of private DNS
error:-DNS_PROBE_FINISHED_NXDOMAIN
If you're using freeipa you are probably going to authenticate multiple machines against it.
Modifying /etc/hosts is a temporary solution that's not going to work on large environment: you need a dns server to answer when a server asks for ipa.example.com moreover you need dns to manage priority between multiple ipa servers if need high availability and resilience.
I'm trying to install a WSO2 EMM server on Amazon EC2 Instance, but have a problem with it. EC2 instance have 2 IP addresses - one of them is internal Amazon address like 172.32.x.x, another is external real IP.
If I try to setup carbon.xml file with real IP (or domain), I have a problem with thrift server, which can't open port 10500 at a real IP. If I use internal IP running of server is fine, but in application I can't reach identity server (because it's a gray IP, of course).
I tried some tricks with using /etc/hosts file, for example, setup 0.0.0.0 as my domain. In this case server is running without errors, and a can see that port 10500 is open using netstat, but web application is not redirect to identity server.
May be there are any solutions of this problem?
I have to update EMM server to version 1.1.0 and all is working now.
Thanks all!
In the carbon.xml, change the HostName and MgtHostName to the real IP and start the server.
For example if the real IP is 172.32.x.x then HostName and MgtHostName in the carbon.xml should change to:
<HostName>172.32.x.x</HostName>
<MgtHostName>172.32.x.x</MgtHostName>
Basically, my internal IP is masked by an external IP of my internet service provider. So, my internal IP can only be accessed inside my intranet. I want to let users outside the intranet to access my Dev server as well which is hosted on 0.0.0.0:8000 on my system. How do I do that?
Check out localtunnel on github, it does exactly what you're asking.
https://github.com/progrium/localtunnel
If you are willing to go that far you can use Reverse SSH Tunnel:
open a free micro linux instance on Amazon's AWS and create a reverse SSH tunnel to redirect port 80 on the server to your machine.
This is a cool solution for testing purposes and low traffic usage...
You can read more about it here:
http://www.techrepublic.com/article/setting-up-a-reverse-ssh-tunnel/5779944
I’m developing a small application that interacts with a web service which authorizes access based on the client IP. When developing on my local machine at home, I am not allow to access the web service, unless I request an authorization for the random IP that i get from my ISP.
My question: Is there an easy way to get around this problem, since I cannot have a fixed IP at home? Proxy, vpn, etc... through a webserver with an authorized IP? How?
Thanks in advance :)
I assume this is your problem: You can only connect to remote_system from Authorized_IP system.
If you can ssh to Authorized_IP from your home PC, you can setup a ssh tunnel that forward connection to port 8080 of Authorized_IP to the port 80 of the remote_system with ssh command. If you run Linux on the Authorized_IP system, it is very simple. Windows is more complex with Cygwin sshd, it is possible.
http://www.google.com/search?q=ssh+tunnel
To answer your question directly: Dynamic DNS. For testing, point your web service at a hostname that your get from a dynamic DNS provider such as http://dyndns.org. Then download a tool that automatically updates your DNS entry with your dynamically assigned IP address.
But more to the point, why can't you just use your localhost (127.0.0.1) as your IP address for developing, debugging, testing?