I am trying to run and OpenLDAP container on Bluemix using IBM Containers. I am using cloudesire/openldap and sucessfully run the contianer on my local linux machine. I tried to run in my Bluemix account using IBM Container.
I am unable to test it using ldapsearch or telnet using port 389. I managed to run some other container and telnet them sucessfully, but not with Open LDAP container.
Is port 389 blocked by the Bluemix router? How proxy the port?
Port 389 is currently blocked for IBM Containers running on Bluemix.
Please open a support ticket with IBM Bluemix Support and request this port to be exposed:
https://developer.ibm.com/bluemix/support/#support
Related
I am using Spring Boot admin version 2.6.9 and using
spring.boot.admin.client.instance.prefer-ip=true
to register to admin server via an IP address. Now since I am running my apps inside Docker containers, the admin server receives Docker IP addresses and not the public IP addresses
of the applications.
I have tried changing management.address, but that does not work.
I can not use the Docker network to connect to these machines and I can not change the server.address property. I have tried the below properties as well, but they don’t show anything on the admin server apart from online status.
spring.boot.admin.client.instance.service-url=http://11.0.134.202:9999
spring.boot.admin.client.instance.management-url=http://11.212.134.202:9999
I got it working using
spring.boot.admin.client.instance.prefer-ip=true
spring.boot.admin.client.instance.service-url=http://127.0.0.1:9999
spring.boot.admin.client.instance.management-url=http://127.0.0.1:9999/actuator
I'd like to know in detail how to connect google compute engine virtual machine instance and app engine.
I've set up a virtual machine instance on Google compute engine, and my Postgres server is running there, following this tutorial: https://cloud.google.com/community/tutorials/setting-up-postgres
I've deployed my flask app under the same project on Google Cloud Platform, creating an app engine instance.
I searched on how to connect compute engine and app engine together, and it seems it should be possible through a VPC connector: connect Google App Engine and Google Compute Engine
This is what my VPC connector looks like:
Serverless VPC access
Name Network Region IP address range Min. throughput Max. throughput
connector-name default europe-west2 10.8.0.0/28 200 300
On my compute engine, I have my VM instance like so:
Name Zone Internal IP External IP
some-name europe-west2-c 10.154.0.2 (nic0) 34.89.113.193
On my flask app, I'm trying to connect to my remote DB like so:
db = PostgresqlExtDatabase(
"some-name", # databse name
user="postgres",
password="some-password",
host="10.154.0.2", # remote host internal ip
port=5432,
)
db.connect()
This is my app.yaml for the vpc access part, I've followed this reference: https://cloud.google.com/appengine/docs/standard/python/connecting-vpc#configuring
vpc_access_connector:
name: projects/some-name/locations/europe-west2/connectors/connector-name
If I understood correctly, if the VPC connector is present, I should just be able to connect using the internal IP address of my VM instance(this case, 10.154.0.2)?
The problem is, when the app is deployed for production, It is still complaining that it cannot connect:
2020-09-26 12:54:51 default[20200926t134815] Is the server running on host "10.154.0.2" and accepting
2020-09-26 12:54:51 default[20200926t134815] TCP/IP connections on port 5432?
If it's connected internally I assume I don't have to add that internal IP to firewall rules, although I did try that as well. As for firewall rules, I have allowed my local machine's IP address so I can connect to the remote Postgres server via PgAdmin.
I've actually tried External IP(34.89.113.193) as well although that doesn't make sense to me.
I'm a bit of a noob on networks and backend stuff in general, any help would be much appreciated.
UPDATED 1
This is my firewall rules:
Direction
Ingress, Egress
Action on match
Allow
Source filters
IP ranges
92.40.176.9/32
78.146.103.141/32
10.154.0.2
Protocols and ports
tcp:5432
Image for reference: Screenshot for the list of firewall rules
It turns out the firewall / postgres configurations were all ok, but because this VPC connector method was on beta, I needed to run:
gcloud beta app deploy
instead of the usual
gcloud app deploy.
This command then updated gcloud Beta Commands and prompted me to enable API:
API [appengine.googleapis.com] not enabled on project [742932836941]. Would you like to enable and retry (this will take a few minutes)? (y/N)?
After enabling this everything worked fine.
Per the information provided seems like both VPC firewall rules and the connector are well configured.
However, based on the messages
2020-09-26 12:54:51 default[20200926t134815] Is the server running on host "10.154.0.2" and accepting
2020-09-26 12:54:51 default[20200926t134815] TCP/IP connections on port 5432?
Seems like the VM or server using 10.154.0.2 is not accepting requests on port 5432 or the port has not been opened, you can use this site to do a port scan.
Based on the guide you followed to create PostgreSQL you are using Ubuntu as OS, therefore I suggest you open the port in ubuntu and see if the issue persists.
I have built a working IBM api connect service (loopback) that provides local mySQL data to/from an angular website. I now want to move this service to an Ubuntu web server (appache) so that I can open up the website to external traffic. I have moved installed api connect onto the server and moved the project files across.
But I don't understand how to run the project so that it is available externally. When I run API connect the api is available on a local port address: Web server listening at: http://127.0.0.1:9000.
But in my webpage (angularjs) I can't call this as it tries to connect on the client machine, not server.
Has anyone done this before and if so, can you offer any advice?
You should configure your Apache as a reverse proxy, so that it forwards requests from your public ip address at port 80 (or 443 if you want SSL) to localhost:9000. See https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html or https://www.nginx.com/resources/admin-guide/reverse-proxy/ if you'd like to try out Nginx.
I'm trying to configure a Postgresql pod on OpenShift 3 for external access and I'm unable to expose it to the outside world. I have created a route, but it is not responding to TCP on port 5423 whenever I try to connect to the host over the internet.
The message I get is: "Is the server running on host "xxxxxxx.1d35.starter-us-east-1.openshiftapps.com" (xx.xx.xx.xx) and accepting TCP/IP connections on port 5432?"
Routes can only be used to expose HTTP/HTTPS servers, or when using TLS pass through the service is terminating the secure connection and the client for the services support SNI over TLS.
For a database such as PostgreSQL you can though temporarily expose it to your local machine by using the oc port-forward command. You can find an interactive tutorial for how to use port forwarding in the OpenShift interactive learning portal at:
https://learn.openshift.com/
In OpenShift Online there is no way to expose a database service such as PostgreSQL permanently outside of the cluster. This is because exposing it would require admin access, which you don't have with OpenShift Online.
I'm having trouble completing a web deploy from VS2013 as I posted in VS to Azure Publish failure: Socket Error 10054
Apparently web deploy uses port 8172, which I cannot telnet to at the moment despite rules being present in my windows firewall allowing the port through.
I am using the commands telnet localhost 8172 and telnet 192.168.0.1 8172 and it says it cannot connect to the host on port 8172.
I'm not sure this is the issue because I can complete a web deploy to Azure in my other projects? But in any event I'm confused as to why I cannot telnet to the port.
Is my syntax wrong?
JK
If you're using Azure you need to open up a port in the 'Network group' settings.
If you're using CloudFlare or some other kind of proxy, make sure to connect with the IP address of the VM or the MS supplied domain name and not your 'website domain name'. CloudFlare won't proxy through any old random port.