I have tried to connect to vagrant MongoDB outside of vagrant. However, every time failed.
I have tried as followings.
Change /etc/mongodb.conf as
bind = 0.0.0.0
port = 27017
sudo service mongodb restart
MongoDB shell version v3.6.3
vagrant file like this
config.vm.network "forwarded_port", guest: 80, host: 80
config.vm.network "forwarded_port", guest: 443, host: 1206
config.vm.network "forwarded_port", guest: 5050, host: 5050
config.vm.network "forwarded_port", guest: 27017, host: 27017
Related
I have the following pod setup:
apiVersion: v1
kind: Pod
metadata:
name: proxy-test
namespace: test
spec:
containers:
- name: container-a
image: <Image>
imagePullPolicy: Always
ports:
- name: http-port
containerPort: 8083
- name: container-proxy
image: <Image>
ports:
- name: server
containerPort: 7487
protocol: TCP
- name: container-b
image: <Image>
I exec into container-b and execute following curl request:
curl --proxy localhost:7487 -X POST http://localhost:8083/
Due to some reason, http://localhost:8083/ is directly getting called and proxy is ignored. Can someone explain why this can happen ?
Environment
I replicated the scenario on kubeadm and GCP GKE kubernetes clusters to see if there is any difference - no, they behave the same, so I assume AWS EKS should behave the same too.
I created a pod with 3 containers within:
apiVersion: v1
kind: Pod
metadata:
name: proxy-pod
spec:
containers:
- image: ubuntu # client where connection will go from
name: ubuntu
command: ['bash', '-c', 'while true ; do sleep 60; done']
- name: proxy-container # proxy - that's obvious
image: ubuntu
command: ['bash', '-c', 'while true ; do sleep 60; done']
- name: server # regular nginx server which listens to port 80
image: nginx
For this test stand I installed squid proxy on proxy-container (what is squid and how to install it). By default it listens to port 3128.
As well as curl was installed on ubuntu - client container. (net-tools package as a bonus, it has netstat).
Tests
Note!
I used 127.0.0.1 instead of localhost because squid has some resolving questions, didn't find an easy/fast solution.
curl is used with -v flag for verbosity.
We have proxy on 3128 and nginx on 80 within the pod:
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN -
tcp6 0 0 :::80 :::* LISTEN -
curl directly:
# curl 127.0.0.1 -vI
* Trying 127.0.0.1:80... # connection goes directly to port 80 which is expected
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: 127.0.0.1
> User-Agent: curl/7.68.0
> Accept: */*
curl via proxy:
# curl --proxy 127.0.0.1:3128 127.0.0.1:80 -vI
* Trying 127.0.0.1:3128... # connecting to proxy!
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0) # connected to proxy
> HEAD http://127.0.0.1:80/ HTTP/1.1 # going further to nginx on `80`
> Host: 127.0.0.1
> User-Agent: curl/7.68.0
> Accept: */*
squid logs:
# cat /var/log/squid/access.log
1635161756.048 1 127.0.0.1 TCP_MISS/200 958 GET http://127.0.0.1/ - HIER_DIRECT/127.0.0.1 text/html
1635163617.361 0 127.0.0.1 TCP_MEM_HIT/200 352 HEAD http://127.0.0.1/ - HIER_NONE/- text/html
NO_PROXY
NO_PROXY environment variable might be set up, however by default it's empty.
I added it manually:
# export NO_PROXY=127.0.0.1
# printenv | grep -i proxy
NO_PROXY=127.0.0.1
Now curl request via proxy will look like:
# curl --proxy 127.0.0.1:3128 127.0.0.1 -vI
* Uses proxy env variable NO_PROXY == '127.0.0.1' # curl detects NO_PROXY envvar
* Trying 127.0.0.1:80... # and ignores the proxy, connection goes directly
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 80 (#0)
> HEAD / HTTP/1.1
> Host: 127.0.0.1
> User-Agent: curl/7.68.0
> Accept: */*
It's possible to override NO_PROXY envvar while executing curl command with --noproxy flag.
--noproxy no-proxy-list
Comma-separated list of hosts which do not use a proxy, if one is specified. The only wildcard is a single *
character, which matches all hosts, and effectively disables the
proxy. Each name in this list is matched as either a domain which
contains the hostname, or the hostname itself. For example, local.com
would match local.com, local.com:80, and www.local.com, but not
www.notlocal.com. (Added in 7.19.4).
Example:
# curl --proxy 127.0.0.1:3128 --noproxy "" 127.0.0.1 -vI
* Trying 127.0.0.1:3128... # connecting to proxy as it was supposed to
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0) # connection to proxy is established
> HEAD http://127.0.0.1/ HTTP/1.1 # connection to nginx on port 80
> Host: 127.0.0.1
> User-Agent: curl/7.68.0
> Accept: */*
This proves that proxy works! with localhost.
Another option is something incorrectly configured in proxy which is used in the question. You can get this pod and install squid and curl into both containers and try yourself.
Something wrong happens when I'm trying to setup mongod.conf for connection from remote server.
When I paste my server ip address Mongo doesn't allow connection from it.
# network interfaces
net:
port: 27017
bindIp: 111.111.11.111 #my server ip
When I allow connection from any server, mongo allows to connect from my server.
net:
port: 27017
bindIp: 0.0.0.0
I want to have an access to Mongo from localhost and from my server. I'm trying to paste these ip's both but Mongo allow connection from localhost only.
net:
port: 27017
bindIp: 127.0.0.1 111.111.11.111
What's wrong and how to use bindIp ?
According to documentation the value is a string, i.e. a single value.
Try following:
Use only 111.111.11.111, localhost may work by default anyway.
Try these ones:
net:
port: 27017
bindIp:
- 127.0.0.1
- 111.111.11.111
net:
port: 27017
bindIp: 127.0.0.1,111.111.11.111
net:
port: 27017
bindIp: [127.0.0.1,111.111.11.111]
Otherwise use a firewall, either an external one or the internal firewall of your operating system.
I thought there has to be the IP address of the remote server. It's not right. There can be ip addresses of the network interfaces of the current machine.
Looking for here:
ifconfig -a | grep "inet"
I have a vagrant box. I am already forwarding one port which looked like this
config.vm.network "forwarded_port", guest: 80, host: 8181
This works well but I want to forward another port and I added the following line below:
config.vm.network "forwarded_port", guest: 8080, host: 5555
I have an apache server listening at port 80 in the guest and I set up a python server to listen at 8080 in the guest too. In my host I visit 127.0.0.1:8181 and it works but if I visit 127.0.0.1:5555, I get this page is not working.
If it helps This is my network configuration in vagrant.
config.vm.network "forwarded_port", guest: 80, host: 8181
config.vm.network "forwarded_port", guest: 8080, host: 5555
config.vm.network "private_network", ip: 192.168.33.111
I have tried to add host_ip: "127.0.0.1" but it didn't change anything. I used vagrant reload after modifying my vagrantfile.
What am I getting wrong here?
I followed information provided here: https://www.vagrantup.com/docs/networking/forwarded_ports.html
It looks like you have the ports reversed. Change the 5555 line to this:
config.vm.network "forwarded_port", guest: 5555, host: 8080
Alternatively, you can just forward the same port:
config.vm.network "forwarded_port", guest: 5555, host: 5555
Ok I was able to resolve this problem. You have to do ifconfig and grab your ip addres from inet section.
Use this address instead of localhost or 127.0.0.1 with any port you want to listen to if available. For me my ip was 10.0.2.15 and I listened at port 8080 and visited 127.0.0.1:5555 and it worked.
I am running Mongodb on AWS windows instance, I changed my config setting as following:
net:
port: 30000
bindIp: 0.0.0.0
As far as my knowledge, Server should get started on port 30000, it can listen request from other ip as well
However, on restarting mongod, it is still running on localhost and listening to port 27017
I have the same problem with you. What I did is a workaround it. I start the service with specifying the port and ip.
mongod --auth --port 30000 --dbpath /data/db --bind_ip_all
Downloaded and tried a couple of different versions from puphpet.com just to be sure. Here is the mongo part of code from puphpet config.yaml:
mongodb:
install: '1'
settings:
auth: 1
port: '27017'
databases:
kxuqYQ6plcMS:
name: awesome
user: admin
password: '1234'
IMPORTANT ! I can run mongo in git shell, and mongod service is running, but cannot access it from outside.
mongodb conf :
bind_ip = 0.0.0.0
port = 27017
auth = 1
I've tried commenting the bind_ip, without success. During Robomongo connection i also tried with ssh, specifying
SSH_adress = 127.0.0.1:22
username = vagrant
password = vagrant
and also authentication, but that does not matter since it cannot connect
The same was happening to me.
I added the following lines at the end of the Vagrantfile:
Vagrant.configure("2") do |config|
config.vm.network "forwarded_port", guest: 3000, host: 3000
config.vm.network "forwarded_port", guest: 27017, host: 27017
end
And changed in /etc/mongodb.conf bind_ip to 0.0.0.0
bind_ip = 0.0.0.0
Restarted mongodb and after that I could connect to it through the host and Robomongo
I think the issue is probably that you did not add the Mongo port to the firewall section. The port is accessible from inside the VM, but anything outside of it needs to be cleared by iptables.
Just add to the firewall section within your config.yaml