Spinnaker accessing UI from localhost using ssh-tunnel - ssh

I've installed spinnaker in kubernetes cluster, halyard is running in ubuntu machine.
To access spinnaker UI from my laptop as localhost:9000, I ran hal deploy connect on ubuntu and created ssh tunnel in putty for ports 9000, 8084, 8087 which is in my laptop to ubuntu system where halyard is running.
hal deploy connect
+ Get current deployment
Success
+ Connect to Spinnaker deployment.
Success
Forwarding from 127.0.0.1:8084 -> 8084
Forwarding from [::1]:8084 -> 8084
Forwarding from 127.0.0.1:9000 -> 9000
Forwarding from [::1]:9000 -> 9000
But spinnaker is not connecting, and ssh even logs says - connection is refused...
however 've tried to running other application directly on ubuntu, created ssh tunnel for that and through localhost:portNumber in my laptop is working fine..
please advise.. thanks..

Please take a look on: helm-chart, spinnaker-deployment.
Temporary workaround (until this is fixed) you can add:
spec:
...
- --runtime-config=apps/v1beta1=true,apps/v1beta2=true,extensions/v1beta1/daemonsets=true,extensions/v1beta1/deployments=true,extensions/v1beta1/replicasets=true,extensions/v1beta1/networkpolicies=true,extensions/v1beta1/podsecuritypolicies=true
... to /etc/kubernetes/manifests/kube-apiserver.yaml
At the end restart kubelet.
Make sure you followed every steps from this tutorial.

Related

Gitlab change ssh port (ubuntu 22.04 LTS, gitlab-ce 15.8.1)

I'm running my own gitlab server on Oracle Cloud
and its Domain handled by Cloudflare
But my gitlab ssh cloning doesn't work at all.
(as far as I can remember, HTTP 413 curl 22 The requested URL returned error: 413)
(And It also happened port 22 network unreachable error)
I think other process hold 22 port, so I tried to change gitlab ssh port to other port.
Changed gitlab.rb (gitlab_shell_ssh_port to other)
Open Oracle Cloud VCN port,
Open Ubuntu Firewall(ufw allow and also tried iptables)
And Add other port on sshd (/etc/ssh/ssh_config)
disable cloudflare DNS Proxy to DNS only.
but It doesn't work and even port is inaccessible.
more than that nothing listen on that port.
what should I do more on this?

Port forwarding EMR Zepplin through SSH

I'm trying to establish a secure connection to my emr server on AWS.
I have successfully connected through putty to it. However I would like to use zeppelin through the SSH tunnel.
Does the following look correct to forward the port 8890 from the EMR host to my local machines 8890 so that traffic is encrypted? Im on a windows machine.
Thanks,
Tim
Destination is in respect to the SSH Server. Providing Localhost:8890 will mean 8890 of the machine on which SSH server is running.

No response from running Tomcat: does not start, does nothing

I'm using Ansible to spin up a new Amazon EC2 install, and then I install Java and Tomcat (via the yum module). After placing the war for sample project from the Apache website in the webapps directory, I go and run the the command (below), nothing happens. It returns with response, no error. I've checked both the IP and port 8080 and Tomcat is not running.
[centos#sonar-test webapps]$ sudo systemctl start tomcat
[centos#sonar-test webapps]$ sudo systemctl start tomcat
[centos#sonar-test webapps]$
For reference, I was following this tutorial as well:
https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-7-on-centos-7-via-yum
From your comment on my question running curl in your ec2 instance
When I curl I get a large html document with various apache-esque things on it
It means Tomcat is installed and running.
If you don't access it, its because of your security group rules
In your ec2 console, select the Security Groups option. Edit the rules that is associated with your ec2 instance (the one running Tomcat) and permits inbound connections to port 8080 (so you can make request to your Tomcat server) and port 80 if you're running Apache (or nginx/another web server). If you're not sure about security, you can restrict the inbound traffic to come only from your IP so you can test but no-one else can make request.

HTTP access on GCE instance after firewall rule added

I'm trying to get Apache working on a GCE instance.
Following GCE's Quickstart guide, I did the following:
Created instance "my-instance" in "my-project" (CentOS image)
Installed httpd, verified it's running
Added the following firewall rule:
gcutil addfirewall http2 --description="Incoming http allowed." --allowed="tcp:http"
and did the same for HTTPS and ICMP
Verified through gce gui that these rules were added to default network
I can ping my instance's IP address but I can't get an HTTP response. I've tried through the browser, from a curl command - no dice. And it works fine when on localhost so I know Apache is returning the index.html page.
When I use curl from a remote host, the error is:
curl: (7) Failed connect to (instance ip addr):80; Connection refused
Thoughts?
I did some experiments to replicate this. In short, I believe HTTP port 80 may be blocked by iptables firewall rules on the local Centos instance. This appears to be the default behavior.
I have a GCE firewall rule setup to allow port 80 traffic to all instances. I created a centos based image via the Cloud Console (which is indeed using the v1 API). Logged in via SSH and started a web server on port 80. I was not able to hit the web server from my laptop. However I was also not able to hit it from another instance in my project. This lead me to suspect a firewall local to the instance rather than Compute Engine's firewall.
I ran this command (which drops the default reject of all ports for testing - this is unsafe to do for machines which are directly exposed to the internet):
$ sudo iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
After running that, I was able to hit my webserver from both another instance and my laptop. Note that this change is lost after restarting the instance. I don't know the correct procedure for changing the default firewall rules on Centos.
Please try a similar experiment on your instances, especially try to hit the web server from another Compute Engine instance, since service level firewalls do not block traffic between instances on the same network.

Installing httpd-2.4.3 in RHEL 5.3

I have installed httpd-2.4.3 on RHEL 5.3. I followed the basic installation which later then it runs on
/usr/local/bin/apachectl restart -f /usr/local/conf/httpd.conf
I can access locally (just use telnet localhost 80) , but i cannot access from remote using my browser or telnet port 80 from other server.
adding port 80 to IPtables, - done
httpd services is running - checked
Thanks for the reply.
Check your /etc/selinux/config is enable or not.