I'm trying to gather some statistic from our web applications. We're hosting our applications on Azure. It's usually Web App resource which is containing one or many web jobs.
For monitoring tools I'm using:
statsD.JustEat nuget package (C# client which is sending statistics using UDP)
telegraf - hosted on Ubuntu virtual machine, gathers data and each x seconds write them to influxDb. Is listening on 8125 port.
That's the overview:
overview diagram
The problem I'm having: when application is hosted as Web Job in Azure, I'm not able to send any UPD package to telegraf. I'm also not able to get any exception or any log telling me what happened.
I was trying to send some statistic:
for host (Public Ip of my virtual machine):8125 port
for host (Private Ip of my virtual machine):8125 port
With those scenario:
Console app - external network - public Ip -> works perfectly !
Web Job (connected to VNET) - public Ip -> doesn't work ! (that's most surprising)
Web Job (connected to VNET) - private Ip -> doesn't work !
Web Job (disconnected to VNET) - public Ip -> doesn't work !
Does Azure have some limitations ? The vnet has also Inbound an Outbound rules to free 8125 port (see overview).
Do you have any ideas why this should be failing or do you know any tools which I could use, just to investigate this more ?
Thanks for help !
Related
We have created 2 x VMs (both with the same spec - Windows 2012 R2, 2 x cores, 12Gb, 1 static IP).
I have deployed our tomcat application to one server and the app responds on both localhost and the internal ip address of the VM e.g.
http://localhost:90/integrationmanager
http://10.150.4.11:90/integrationmanager
So that all works normally on that server.
On the the second server, the app responds ok on localhost but it does not respond on the internal IP address of 10.150.4.8
http://localhost:90/integrationmanager
but this fails http://10.150.4.8:90/integrationmanager
The tomcat server.xml is the same for both servers so it is not an app config issue. since the test is being done direct on the local server it is not a VPC firewall issue as the request is not going off-box.
I have switched back to an ephemeral address from a static and that made no difference.
Windows Firewall is disabled on both private and public networks, it is not a member of a domain so that is not applicable.
Any ideas ? I am considering blowing away the VM and starting again
it turns out that McAfeee (which has its own firewall) had been installed on the server which had the issue. Now disabled and all is working ok.
I have built a working IBM api connect service (loopback) that provides local mySQL data to/from an angular website. I now want to move this service to an Ubuntu web server (appache) so that I can open up the website to external traffic. I have moved installed api connect onto the server and moved the project files across.
But I don't understand how to run the project so that it is available externally. When I run API connect the api is available on a local port address: Web server listening at: http://127.0.0.1:9000.
But in my webpage (angularjs) I can't call this as it tries to connect on the client machine, not server.
Has anyone done this before and if so, can you offer any advice?
You should configure your Apache as a reverse proxy, so that it forwards requests from your public ip address at port 80 (or 443 if you want SSL) to localhost:9000. See https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html or https://www.nginx.com/resources/admin-guide/reverse-proxy/ if you'd like to try out Nginx.
I am using Appache Tomcat to host webpages that can be accessed by authenticated users and a UDP socket has been opened on port 14550 in which devices sends a stream of communication messages. The system is working fine in the local network. I tried to host the this in Openshift and later found that Openshift does not allow external UDP communication. Now I am considering Amazon EC2 instance, new VM in Azure or in GCP. I would like to know that will there be any issue in using the sockets from my application. Thank you in advance.
No, on AWS EC2 everything is allowed, you just need to configure your Security Group to allow specific web traffic, UDP traffic can also be allowed their.
I was also looking for possible workaround for this issue, but it's quite easy irrespective of what platform language you are using to develop socket program on AWS EC2, as am using Node.js nginx in my case, this should work for all supporting platforms.
Configure Security Group
In the AWS console, open the EC2 tab.
Select the relevant region and click on Security Group.
You should have an default security group if you
have launched an Elastic Beanstalk instance in that region for your
app.
click on Actions button at top, and select Edit inbound rules.
here in Type column select All UDP, or you can set some Custom UDP
rule as well to listen at your socket port.
And there just enter port of your UDP server Ex: 2020.
And that's it!
Note: If something is not working, check the "Events" tab in the Beanstalk application / environments and find out what went wrong.
I had developed a socket on python that is work fine on physical machines , as I communicate with specific port number that is hard coded in my program (Python) that is 9070.Whenever execute this python socket on azure virtual machine or cloud service with worker role , cannot communicate with this socket.I am new to networking, i'll really appreciated if someone lead me to right point .
The error I found on client side is
TCP connection time out
If I am understanding your question correctly, you need to open up an endpoint to that port on your VM. You can find instructions here: Set up endpoints on a Virtual Machine
Is it possible for me to run a webserver on my computer (shared ip) and access it remotely using my ip + subnet or at least some way that doesn't involve having the IT guys make changes to the machine(s) currently running our virtual servers and/or routing our subnet?
Rationale:
I'm on a computer at work, and I'm making changes to a plugin for Google Website Optimizer. I want GWO to be able to access localhost (i.e. my development environment) so that I don't have to deploy every change to the production server while I'm feeling out the system. (lots of changes; tedious deployment takes up most of the time)
I can't just supply my IP to GWO because that points to our production server (all of our computers at work are on the same IP). If I could construct a URI that points just to my computer, then I suppose I could let GWO view a page on my development environment and interact therewith.
Not only would achieving this purpose be helpful in present circumstances, but it would aid me immensely in that I could let my boss look at what I've got in dev, from his own machine, at his leisure, without deploying changes to production.
I'm not familiar with the Google Website Optimizer, or how/where a plugin for it that you might write would be executed. So I'm going to summarize what I understand about your problem (including some guesses) and go from there, please correct me if I'm wrong.
Your company has one public IP address.
Your workstation and all the hosts on your network are source NAT'ed to the internet.
Port 80 (http) on your public IP address is destination NAT'ed to your production webserver which is hosted as a virtual machine.
You have a development webserver that is hosted on your workstation.
You have reservations about involving your "IT guys" to making routing or system admin changes.
You want your development environment to be accessible from the internet.
First up (assuming everything above is correct):
access it remotely using my ip + subnet - No. Not possible.
Second up:
I could let my boss look at what I've got in dev - Easy, get him to point his browser at your workstation's IP address on your internal network.
Possible solutions for remotely accessible:
Talk to your "IT guys" about getting your dev environment made externally accessible.
Use name-based virtual hosts on your production webserver. Requires setting up a DNS record for the dev site (e.g. dev.your-company) and pointing it to your company's IP address. If SSL is in use this is harder to achieve. You could then:
Proxy requests for a different site name to your workstation (readily achievable with apache).. or
Host your development environment on your production server
Proxy a particular URL path to your workstation. (e.g. /dev/)
Get an unused port (e.g. 8080) on your public IP destination NAT'ed to port 80 on your workstation. Your dev environment URL might then be http://www.your-company:8080/