My setup is an infinispan 8.1.2 server running on AWS using a distributed cache. For local development, I would like to be able to connect to the instance on AWS, but the server will only start using either 0.0.0.0 or the AWS private IP address. Since JGroups does not work with the 0.0.0.0 address it seems my only option would be to use the AWS private IP. But this address is not accessible remotely!
Has anyone else run infinispan server and tried to connect from a different subnet?
Not sure if this helps but anyway...
You do have a public IP address on AWS, which you can query with some HTTP command (check the docs).
Now, if you can add a NATting rule which forwards traffic between the private and public address, you could use external_addr and external_port in TCP to bind to the private address, but send traffic to the public address.
This would allow you to access a JGroups node from another subnet, or even the internet. You probably have to modify your security policy and expose the externally accessible ports. YMMV
Related
I am new to Amazon Web service. I created an Ubuntu 16 instance with AWS. Installed Apache and restarted the service. But still I am unable to figure out how to access the start page from a browser. Which IP address should I use? Public ip or elastic ip? Also do I need to change any configuration file? Thanks.
You need to use the public IP address, depending on your usecase you can even use an elastic IP address.
However you need to configure your security groups in order to access the web page.
Go to your security groups
Select the relevant security group
Add inbound rule to port 80 (TCP)
Then you will be able to access the page. Please refer this guide for more information.
You can use public ip / public DNS. These both will change upon restart of an instance. Elastic IP is useful when you want your IP address to be persistent. e.g. To make an entry in your domain DNS records.
Make sure your default site is pointing to correct directory as you are going to access using IP address.
If your instance is in VPC then it must be in public subnet. (subnet with Internet Gateway route attached)
I have created a Virtual Machine in Bluemix. I have installed NGINX web server on it. To access the web application that is deployed on NGINX, should I use a public IP address (for e.g. http://123.456.78.9) or is there a domain name associated with the instance (something like http://abcxyz.bluemix.net)?
When you launch any VM in cloud by default they should be not accessible from public internet unless you attach a public ip address to them.
Once you have attached a public ip address to your instance and configured the firewalls to allow incoming connections (http, ssh etc) you can update your DNS server to redirect traffic there.
AWS create a public FQDN at the time of launching the ec2 instances as
ec2-nn-nn-nn-nn-region-compute.com (where nn are ip address bits), not sure any similar thing with bluemix but it is less likely to have abcxyz.bluemix.
I have a Google Cloud Container Engine cluster with 2 Pods, master and slave. Each of them runs RabbitMQ instance, that supposed to be joined into one cluster.
Ports exposed from Dockers aren't available from other machine, but could be accessed only through a Service. That's not a problem, I could establish a service for each instance (one-to-one, service-to-pod), and point each Pod to opposite service IP.
The problem that RabbitMQ uses more that one port for communications. That means that service IP should open all this ports from underlying Pod. But I cannot specify list of shared port for a Service, and if I create a new service for each port each of them will have own IP.
Is there any way to expose list of ports from same Docker/Pod on same internal IP address using Container Engine cluster? maybe some special routing configuration?
Your question is similar to this question, and unfortunately has the same response: Kubernetes / Google Container Engine does not currently have a way to expose a range of ports for a service at the current time. There is an open issue in GitHub to address this use case.
I have created a web application in glassfish and I can access it on my LAN.
How can I access the web application from a remote location over internet?
I do not have static IP.
Please reply.
Thanks.
Steps :
Creating virtual DNS(Domain name server) Server on your machine.
Port Forwarding.
Reference https://cookbook.fortinet.com/port-forwarding-60/
Remote Desktop Connection enabling.
Creating Inbound Rules. Reference :
https://www.howtogeek.com/112564/how-to-create-advanced-firewall-rules-in-the-windows-firewall/
Creating account on www.noip.com and create custom host and download DUC (Dynamic Update Client) Software.
Some more steps may have it depends on your LAN Router and firewall configuration.Use http://ifconfig.me/ to get your public ip.
Access from outside your machine should be configured by default. You may check if it is so in admin console, at Configurations->server-config->Network config->Listenters. There should be one listening on the desired port (like 8080) and be bound to 0.0.0.0 address.
To easily access something behind a dynamic ip you need something like http://www.noip.com/ or http://www.dnsomatic.com/ (I took these from my router's control panel)
I did this recently,
first you need to use port forwarding on your router, access it by typing your default gateway path, mine was 192.168.0.1 then go to "advanced settings -> Port forwarding". Simply enter the details that are asked for, I set mine to HTTP using port 8080, yours might be different. Protocol is TCP. The IP address it asks for is your local address.
For quick testing you can disable the firewall on your machine and then you can search on google for your Public IP address by typing "what is my IP".
Then type your ip into the browser and the port number "ipAddress:portNumber"
You should see the glassfish welcome screen if it is successful.
After that you might want to enable your firewall again but then you have to add an inbound rules to allow the port to be used:
Setting Windows inbound rules
Then you still have one last step to perform, allowing glassfish to access the resources on your machine: Adding glassfish to allowed programs
Follow the instructions on adding java.exe only.
I've migrated a website to Amazon ec2 that hooks into a service we are using that is installed on another server (not on Amazon). Access to the API for that service is IP-restricted and done by sending XML data using *http_build_query* & *stream_context_create* in PHP.
If I want to connect to the service from a new server, I need to ask the vendor to add the new IP first. I did that by sending the Elastic IP to them, but it doesn't work.
While trying to debug, I noticed that the output for $_SERVER['SERVER_ADDR'] is the private IP of the ec2 instance.
I assume that the server on the other side is receiving the same data, so it tries to authenticate the private IP.
I've asked the vendor to allow access from the private IP as well – it's not implemented yet, so I'm not sure if that solves the problem, but as far as I understand the way their API works, it will then try to parse data back to the IP it was contacted from, which shouldn't be possible because the server is outside the Amazon cloud.
I might miss something really obvious here. I added a command to rc.local (running CENT OS on my ec2 instance) that associates the elastic IP to the server upon startup by using ec2-associate-address, and this seemed to help make a MySQL connection to another outside server working, but no luck with the above mentioned API.
To rule out one thing - the API is accessed through HTTPS, with ports 80 and 443 (and a mysql port) enabled in security groups and tested. The domain and SSL are running fine.
Any hint highly appreciated - I searched a lot already, but couldn't find anything useful so far.
It sounds like both IPs (private and elastic) are active in your VM. Check by running ifconfig -a. If that's what's happening then the IP that gets used for external traffic will depend on the remote address and your VM's routing table. It could even vary from one connection to the next.
If that's what's going on then the quickest fix would be to ifconfig down the interface that has the private address. That should leave only the elastic address for all external connections. If that resolves the problem then you can script something that downs the private IP automatically after the elastic IP has been made active, or if the elastic IP will be permanently assigned to this VM and you really don't need the private IP then you can permanently disassociate the private IP from this VM.