I'm trying to install Artifactory on CentOS 8. While the installation proceeds reasonably, the configuration ends up binding to IPV6 rather than IPV4 interfaces. This of course seems to make it inaccessible on the IPV4 network. I've tried putting an IPV4 address in var/etc/system.yaml as described in: jfrog artifactory could not validate router error
without effect.
I've tried disabling the IPV6 interface, but that doesn't seem to be suffient.
Any hints would be most welcome.
Per https://jfrog.com/knowledge-base/artifactory-how-to-force-artifactory-to-run-with-ipv4-only-on-an-dual-stack-kubernete-cluster/
Add:
shared:
extraJavaOpts: "-Djava.net.preferIPv4Stack=true"
to system.yaml.
Related
Are there any know issues with running the org.apache.ignite.spi.discovery.tcp.ipfinder.kubernetes.TcpDiscoveryKubernetesIpFinder a purely IPv6 environment? I looked here and it mentions there may be issues with clusters becoming detached but does not offer any specifics. Any information would be appreciated, thanks.
I'm not aware of any IPv6 problems per se, so if your network is configured correctly I would expect it to work.
The problem we typically see when IPv6 is enabled is that it's possible to route to the IPv4 address but not the IPv6 address -- which is why setting preferIPv4Stack works.
My Setup/Goal:
I'm running a specific version of Debian 10 on my rpi 4b and have nextcloudpi installed on top. This results in the need for another (virtual) interface because nextcloudpi runs on apache2, port 80 (as well as pi-hole).
I could have changed the apache port 80 but I want another interface/IP for my pihole/unbound setup. I could have also achieved it by using docker but it failed (either because IPv6 and macvlan are sometimes a bit buggy within docker or because my brain is a bit buggy).
However, I've installed Pihole successfully using IPv4 and IPv6 (local unicast fd00) of my macvlan. I have told apache to only use my physical interface IP, bound lighttpd to the other IPv4 of my Macvlan, and configured pihole to use the IPv4 and IPv6 local unicast of my Macvlan (setupvars.conf).
Central issue:
My central question: How do I configure unbound correctly to use the Macvlan interface? Do I have to change the default config at all?
Assuming my macvlan IPv4 looks like: 192.168.178.123/24,
what would my interface line look like?
Would I just need to add
interface: 192.168.178.123#5335
interface: my corresponding local unicast address of my Macvlan#5335 (fd00....)
???
Some further questions regarding Macvlan:
My Macvlan has also a global unicast address and I'm not sure about it since I remember a post which told me that macvlan with a global unicast address might be a security risk? In case this is true: how do I disable the global address for my Macvlan?
The important line if my interfaces.d file is:
pre-up ip link add name macvlan1 link eth0:1 address 02:3E:A6:22:01:05 type macvlan
Do I have to add "mode bridge"? What does it exactly do? I've read some information about networks and bridge mode in general but I'm still not sure whether to use or not?
So would it be
.... type macvlan mode bridge
?
Thank you much for your help!
I was successful by using the run command.
docker run --name=unbound --net=macvlan_network --ip=xxx.xxx.xx.x --restart=unless-stopped --detach=true mvance/unbound-rpi
I can't seem to find any documentation that explains how to configure nftables to allow unix sockets for passthrough. I've got a CentOS 8 box running an LDAP server, and local commands like ldapsearch/ldapwhoami fail unless I disable nftables or manually direct it at the loopback IP address. Any step in the right direction is greatly appreciated.
I have setup a CentOS VM to test Hadoop. I set a network interface in NAT mode with a paravirtualized network type interface. Port redirection for SSH (TCP 22) works without issues. However some other ports do not seem to fully work (9870, 8042, 9864). I can see some "action" happening. Let me give an example for port 9870.
These are my rules (remember I said the SSH rule works without issues):
RulesX TCP 127.0.0.1 59870 10.0.3.15 9870
When I try to access http://127.0.0.1:59870 I get automatically redirected to https://127.0.0.1:59870 but eventually I get a ERR_TIMED_OUT error.
Tracing the traffic on the VM, I can see the traffic coming in but I cannot see any response back (I have one single network interface):
I am not sure what else to look at.
Any idea is highly welcome. Thank you!
More than likely, you need to open the non-standard ports on Centos firewall.
Open firewall port on CentOS 7
My team needs to see a web page I have built that I am hosting temporarily on my local windows 10 laptop using Wildfly 11.
I have changed the configuration standalone.xml from commented value to this
<interface name="public">
<!-- <inet-address value="${jboss.bind.address:127.0.0.1}"/>-->
<inet-address value="${jboss.bind.address:xx.xx.xxx.xxx}"/>
</interface>
Where xxx is equal to my ip address as determined from my internet provider's control page. I can ping that address from any of my local machines and my co-workers can also ping the address.
However, when I go to run with this value in the xml, I get the error:
Failed to start service org.wildfly.network.interface.public: org.jboss.msc.service.StartException in service org.wildfly.network.interface.public: WFLYSRV0082: failed to resolve interface public
What else do I need to do to enable access to the port? Thank you in advance for your help.
If your "xx.xx.xxx.xxx" is not the IP number of an interface on your machine, then you won't be able to bind to it. You can only bind to an interface that is actually present on the host. Typically the IP number of your machine, as seen from the public Internet, will not be the same as an IP number on the machine itself. You need to bind your HTTP server to the machine's real IP number (not localhost, 127.0.0.1, but the IP corresponding to some real network connection -- Ethernet, Wifi, whatever) and you need to configure your Internet router to forward packets addressed to port 8080 to the IP number of your wildfly host.
I would think that, if your co-workers are on the same site as you, they would have access to your machine without going through the public Internet. In that case, all you need to do is to bind the port to the (non-localhost) IP number of your machine, and have your colleagues use that IP number. You might also need to configure any firewall you have -- either on your wildfly host or your router -- to allow access to port 8080.
I would recommend that you run Wildfly on the command line with something like:
bin\standalone.bat -b 0.0.0.0
This will have Wildfly bind to all available interfaces. For testing this should be safe - it should be ok to bind to more than on interface. You will not need any changes in standalone.xml.