unable to create new application in Spinnaker AWS Demo setup - spinnaker

I'm trying to evaluate Spinnaker on AWS.
I followed the document to set up a VPC in AWS. I'm able to run Spinnaker at http://localhost:9000, but when I click on the new application in the Spinnaker UI, I see this error on the terminal:
channel 7: open failed: connect failed: Connection refused.
I'm unable to create a new application.

It is possible that port 8084 is blocked. The Spinnaker UI (Deck) needs to be able to communicate with the API (Gate) over port 8084.
In AWS, try opening port 8084, the same way you did for port 9000.

Related

NiFi PutS3Object Error - Connection TimeOut

I am trying to add a file to an S3 bucket using NiFi. I have configured an IAM role for authentication. Getting the error PutS3Object Failed to put StandardFlowFileRecord to Amazon S3 due to Unable to execute HTTP request: Connect to sts.amazonaws.com:443 failed: connect timed out com.amazonaws.SdkClientException.
My NiFi instance is installed on an EC2 instance, and from that EC2 instance I am able to transfer a file to the S3 bucket using the AWS CLI.
This is an issue with your STS service: the "client" (the NiFi processor module) uses an endpoint via the public internet unless you have set up a VPC Endpoint for STS.
#Tris
Assuming you have everything allowed and configured at firewall, access, and SSL Context Service, the timeout should be able to be resolved by increasing the timeout values in the processor. Sometimes the default settings are not sufficient.

Azure Regional VNet Integration and Service Endpoint

I am trying to integrate a web app with a VNET. This is a brand new subscription.
According to: Integrate your app with an Azure virtual network
In the first step I wanted to check if the web app could reach out to the VNET. In the second step I want to connect the web app to a SQL database through a Service Endpoint.
I created a VNET with 2 subnets:
Jumpbox-subnet
integration-subnet
integration-subnet setting
There is a service endpoint pointing to the integration-subnet. Also, I integrated the app with the VNet. It's delegated the integration subnet.
I tried to connect to the VM from the app using tcpping 172.16.1.0 (jumpbox VM private address) from the app console, but it failed.
Also, the app cannot connect to the SQL database.
What are the missing pieces here, is a DNS server required to make this work?
Update (Resolved):
The question above was the key. It needs a way to resolve the name with some sort of DNS server.
The tcpping default port is 80, and nothing was listening on that port on that box.
You could use the tool tcpping to test for TCP connectivity to a host and port combination.
The syntax is: tcpping.exe hostname [optional: port]
For example, run tcpping 172.19.1.10:3389
See troubleshooting app service networking for more details.
For more references, here is an ARM example to deploy an app service with VNet integration and enable service endpoint Microsoft.Storage.
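
A small probe in the spirit of the tcpping check above, added here as an example (it is not part of the original answers). It separates "connection refused" from "timed out", the two failure modes quoted in the threads on this page; `probe`, `parse_target` and `HINTS` are names made up for this example.

```python
import socket

# What each outcome usually points to (refused vs. timed out, as in the errors quoted on this page).
HINTS = {
    "open": "a service accepted the connection",
    "refused": "host answered, but nothing is listening on that port",
    "timeout": "no answer: traffic is likely dropped by a firewall rule or has no route",
    "unreachable": "the local stack or a router reported the network/host unreachable",
    "dns_failure": "the name did not resolve; check which DNS server is in use",
}

def parse_target(target, default_port=80):
    """Split 'host[:port]'; the default of 80 mirrors tcpping (IPv4/hostnames only)."""
    host, sep, port = target.rpartition(":")
    if sep and port.isdigit():
        return host, int(port)
    return target, default_port

def probe(host, port, timeout=3.0):
    """Attempt a TCP connect and classify the result as a key of HINTS."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns_failure"
    outcome = "unreachable"
    for family, socktype, proto, _name, addr in infos:
        with socket.socket(family, socktype, proto) as s:
            s.settimeout(timeout)
            try:
                s.connect(addr)
                return "open"
            except ConnectionRefusedError:
                outcome = "refused"
            except socket.timeout:
                if outcome != "refused":
                    outcome = "timeout"
            except OSError:
                pass  # keep the most informative outcome seen so far
    return outcome

if __name__ == "__main__":
    # Constructed demo: a throwaway listener on loopback, then the same port closed.
    with socket.socket() as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        target = "127.0.0.1:%d" % srv.getsockname()[1]
        print(target, probe(*parse_target(target)))
    print(target, probe(*parse_target(target)))
```

A "refused" result means the packet reached the host, so the port or the listening service is the thing to check; a "timeout" points at filtering or routing in between.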

Setup RD gateway on a single ec2 instance VPC

I have an AWS environment where
for each client, there is a dedicated ec2 windows instance.
There is NO active directory; each ec2 instance is like in its own workgroup.
Each instance is deployed on its own dedicated VPC, security group etc.
Clients use RDP to connect from their site to the ec2 instances whenever required over port 3389.
The clients' ip addresses are known upfront and we open port 3389 to allow RDP connection.
Now we want to introduce the RDP using SSL (port 443)
The typical guides from Amazon and other books walk thru setting up a RD Gateway in a SEPARATE ec2 instance and use that as the jump box.
https://docs.aws.amazon.com/quickstart/latest/rd-gateway/architecture.html#best-practices
This is all good except that,
I do not want to have an additional ec2 within each VPC.
(I understand that there are other options to have a centralized RD Gateway in its own vpc and then using VPC peering etc. But I don't want to go that route for various reasons).
So, my question is:
Is it possible to set up the RD gateway directly on the ec2 instance to which I ultimately want to RDP into, and use SSL (port 443) for connecting thru RDP?
Thanks in advance.
I tried this out successfully. I created an EC2 windows 2016 server.
I installed RD gateway using the powershell command.
Install-WindowsFeature RDS-Gateway -IncludeManagementTools
Then I launched the RD gateway manager.
Configured the CAP and RAP to allow my Remote Desktop Users to access any resource.
Used the ssl certificate which I created using certroot in linux.
From aws console, opened the port 443 in the security group to allow connections from my public to the ec2 instance. (No other ports were opened).
From my local computer, I setup a RDP connection such that:
The RD Gateway server setting had the RD gateway server name (ex. poc.mydomain.com)
This should match the ssl certificate.
The remote computer name was specified as "localhost" (implying that the same server needs to be connected to).
After providing the right credentials, I was connected to the ec2 instance using RDP.

Impossible to login to my azure container registry with docker login

I created an Azure Container Registry some days ago, and now it's impossible to log in to this registry with the docker login command. I always get this error message:
Error response from daemon: Get https://XXXXXXXXX.azurecr.io/v2/: dial tcp: lookup XXXXXXXXX.azurecr.io on [::1]:53: read udp [::1]:52627->[::1]:53: read: connection refused
Docker client may throw such error when it is unable to connect to the local Docker daemon properly. So, Restart/Reinstall-Docker should mostly fix that.

unable to connect to the google cloud instance (port 22: Operation timed out)

I had created the keys for the google cloud instance, and when I try to ssh into the instance, I'm unable to access it and get an error: port 22: Operation timed out. This happens through both the desktop ssh client and also through the google cloud shell. I had created project-wide keys in the metadata section to access it.
Any insights on why I'm unable to connect will be highly helpful. The instance was created a day ago.
Couldn't figure out why I was not able to ssh into the server previously. But now there is a single click option to ssh into the google cloud instances. You may close this thread.