Unable to make remote desktop after the scale set creation - powershell

I have successfully created a scale set using (https://github.com/Azure/azure-quickstart-templates/tree/master/201-vmss-windows-customimage) with one instance from the my custom image:
The custom image has microsoft server data center DS1 V2 and node.js installed in and a copy of my application.
From the new portal I can see the IP of the VM.
I have also successfully started it from the powershell.
However the RDP on that IP with port 3389 or 50000, 50001 are not working.
I tried to add some inboud rules but the situation is same (may inboud rules not correct).
Please can you let me know the steps required after the scale set is created in order to make a RDP ?

You won't be able to connect to the IP of the VM from outside the VNET as each VM has an internal IP address. You need to connect to the public IP of the load balancer (you probably meant that implicitly but being precise just in case).
You will also need to create inbound NAT rules to map a port range on the load balancer public IP address to port 3389 on the backend, and double check that RDP was enabled on the source image before uploading it.
Take a look at this template for an example of inbound NAT rules.. https://github.com/Azure/azure-quickstart-templates/blob/master/201-vmss-windows-nat/azuredeploy.json

Related

Why can't App Engine connect to Compute Engine VM instance?

I have a VM instance (e2-micro) on GCP running with postgres. I added my own external ip address to pg_hba.conf so I can connect to the database on my local machine. Next to that I have a nodeJS application which I want to connect to that database. Locally that works, the application can connect to the database on the VM instance. But when I deploy the app to GCP I get a 500 Server Error when I try to visit the page in the browser.
These are the things I already did/tried:
Created a Firewall rule to allow connections on my own external ip address
Created a VPC connector and added that connector to my app.yaml
Made sure everything is in the same project and region (europe-west1)
If I allow all ip addresses on my VM instance with 0.0.0.0/0 then App Engine can connect, so my guess is that I'm doing something wrong the connector? I use 10.8.0.0/28 as ip range while the internal ip address of the VM instance is 10.132.0.2, is that an issue? I tried an ip range with 10.0.0.0 but that also didn't work.
First check if your app uses a /28 IP address range (see the documentation):
When you create a connector, you also assign it an IP range. Traffic
sent through the connector into your VPC network will originate from
an address in this range. The IP range must be a CIDR /28 range that
is not already reserved in your VPC network.
When you create a VPC connector a proper firewall rulle is also created to allow traffic:
An implicit firewall rule with priority 1000 is created on your VPC
network to allow ingress from the connector's IP range to all
destinations in the network.
As you wrote yourself when you create a rule that allows traffic from any IP it works (your app can connect). So - look for the rule that allows traffic from the IP range that your app is in - if it's not there create it.
Or - you can connect your app to your DB over public IP's - in such case you also have to create a proper rule that will allow the traffic from the app to DB.
Second - check the IP of the DB that app uses.
My guess is that you didn't change the IP of the DB (that app uses) and it tries to connect not via VPC connector but via external IP and that's why it cannot (and works only when you create a firewall rule).
This answer pointed me in the right direction: https://stackoverflow.com/a/64161504/3323605.
I needed to deploy my app with
gcloud beta app deploy
since the VPC connector method was on beta. Also, I tried to connect to the external IP in my app.yaml but that needed to be the internal IP ofcourse.

How to access my local [WAMP] webserver from outside the LAN?

I am trying to access my local [WAMP] webserver from any remote devide. I am so far able to access it from a device inside the LAN, but fail to do so from outside it. As far as i know, port forwarding is how we achieve this. But currently unable to do that correctly.
Present error when trying to connect :
Some of the articles which i have followed so far are:
general-port-forwarding-guide
how-can-i-access-my-server-from-outside-of-my-lan
how-to-expose-a-local-development-server-to-the-internet
The main steps which i follow are as follows:
Make sure server is accessible inside LAN.
Open router's port forwarding settings and port forward the set static ip address (in step 1). Set port 80 and 8080 for communicating.
Access the server via my public ip (can check public ip and if forwarded port is accessible from here)
This is a temporary solution for testing purposes only with 8 hour server connection duration time limit (and a limited no. of server connections):
access_local_server_remotely_for-Development-And-Testing-Only and here is a video guide about how to use it.

How to monitor virtual IP with zabbix?

in some cluster environments, there are pair servers that are HA 2 by 2. for example i have server1 with IP 22.1.1.1 and server2 with IP 22.1.1.2.
server1 is giving service and server2 is standby. there is this virtual IP 22.1.1.3 that other servers connect to it to get services from server1 and server2.
now i need to monitor this virtual IP to see if it is up and other servers outside its VLAN can connect to it. how i can do this in zabbix?
i don't have an actual physical server to create in zabbix according to this question. i tried to create one but i got errors. also this question is asked 3 years ago. is there any new features i can use to solve this problem?
You can create a host with agent ip 22.1.1.3 and monitor it in agentless mode.
You can ping it (icmpping), connect to a tcp port that you know it's open (net.tcp.service) or, in case of a web service, do a http call with the http agent and react accordingly.
Just create the correct items/templates according to the simple check and http agent documentation.
You do not need a physical server to create a host.
You can create a host with the target IP address and use various items against it - based on your question, you do not need agent items, but some other (remote) type.

How do I host my script in a Google Cloud server?

So I have created something small which is a image-rehost where I wish to use Python script where I have a URL such as https://i.imgur.com/VBPNX9p.jpg but with my rehost it would be
https://ip:port/abc123def456
so whenever I access that page it would give me the url that I posted here.
However the issue I am having is that I have no clue how to actually host the server that I made by node-js. Right now I just used the external IP with port of 5000. When I tried to send the image through my home ip by using the
https://external_ip:5000/abc123
the server doesn't recognize anything and nothing is being sent to the server which I in that case think I have setup something wrong.
I am using Google cloud server and I would wish to know how I can host my own server in the google cloud?
As you are having trouble adding a firewall rule, I'm going to suggest make sure port 5000 is open and not 8888.
To open the firewall rule for port 5000 in Google Cloud Platform follow these steps.
1) Navigate to VPC Network > Firewall rules > Create firewall rule.
2) In the 'Create a firewall rule' page, select these settings:
Name - choose a name for this firewall rule
Network - select the name of the network your instance belongs to, most probably
'default' unless you've configured a custom network.
Direction of traffic - 'Ingress'.
Action on match - 'Allow'.
Targets - 'All instances in the network'.
Source filter - 'IP ranges'.
Source IP ranges - '0.0.0.0/0'.
Second source filter - 'None'.
Specified protocols and ports - 'tcp:5000' or 'udp:5000' depending on whether the protocol you are using uses tcp or udp.
3) Hit 'Create'.
This will create a rule allowing traffic on port 5000 to all instances in your network from all IP address sources.
My advice would be to see if these settings work, and then once confirming this, lock down the settings by specifying a specific IP address or range of IP addresses in the 'Source IP ranges' text box, and adding a target tag to you instance and specifying 'Specified target tags' so the port is only open to the instance.
If this doesn't work, you may have a firewall rule turned on within the instance, which you would need to configure (or turn it off).
For more detailed information about setting firewall rules please see here.
For running Node.sj on GCE VM I will suggest you use the Bitnami Node.js package on GCP Marketplace which includes the latest version of Node.js, Apache, Python, and Redis. Using a pre-configured Node.js environment gets you up and running quickly because everything works out of the box. Manually configuring an environment can be a difficult and time-consuming hurdle to developing an application.
Also if you wish to do URL redirection you can use URL map feature provided with Google Cloud HTTP load balancer. This feature allows you to direct traffic to different instances based on the incoming URL. For example, you can send requests for http://www.example.com/audio to one backend service, which contains instances configured to deliver audio files, and requests for http://www.example.com/video to another backend service, which contains instances configured to deliver video files. You find steps to configure and more information here.

Public access container in QNAP NAS server

I have running node.js app in my docker container in Container Station in my QNAP NAS. It's working on my local network on the port I have specified.
Typically I would set reverse proxy pointing fe. my-domain.com/my-app :80 => :<local-port>
On NAS I have static IP provided, I have even a domain for public access (my-server.myqnapcloud.com) and I'd like to set up somehow my server to be visible outside. It doesn't have to be QNAP domain, I can set my own domain pointing to QNAP local address, but still I'm not able to forward local port to another in server scope.
What is the best way to setup such enviroment? It seems to be much easier without NAS at all...
If i'm not wrong, your QNAP server is over the router. If so, you have to change some settings...
Steps to do:
Open a Container Station and find the instance of your container.
Go to "Settings" then "Advanced settings" and find LAN bookmark (sieć)
There must be a grid: "Port Routing" with 2 columns: "Host" and "Container".
"Container" - a port on which container is listening incoming internal connections
"Host" - a port on which QNAP server is listening incoming external connections. You have to remeber this value!
Close Container Station and open myQNAPcloud application
If you don't see the service which is responsible for port forwarding, you have to add appropriate service.
After that you have to execute changes in a router.
Note:
I've struggled with the configuration of PostgreSQL database installed on container. Finally, i was able to achieve that. Here is detailed description: How to enable remote connections to your PostgreSQL server (in Container Station) on QNAP NAT server over the router
Hope this help.