I have setup XEN on SLES12 and created few virtual machines. Using virsh I am able to connect to libvirt from linux but not from windows. I was trying:
# connect xen://hostname
# connect xen://hostname/system
# connect xen+tcp://hostname
# connect xen+tcp://hostname/system
I have recieved following error messages:
# connect xen+tcp://hostname 'Unable to connect to server at 'hostname:16509': Unknown error 107'
# connect xen://hostname 'error: Cannot read CA certificate '/usr/i686-w64-mingw32/sys-root/mingw/etc/pki/CA/cacert.pem': No such file or directory'
Other commands stated above produce same errors. I runned netstat and I cannot find port number 16509. I assume that when I connect from linux it uses different port(?) as there is no problem with that. the only difference is that from linux I use ssh connection:
# connect xen+ssh://root#hostname
Any ideas will be appriciated
It’s likely that your libvirtd is not listening to the TCP port. You must have –listen option while running the libvirtd.
Check following link
Additionally you may need to modify /etc/libvirt/libvirtd.conf
listen_tls = 0 #it's enabled by default. To disable it, set it to be zero
listen_tcp = 1
tcp_port="16509"
listen_addr="192.168.45.22"
# tcp_auth = "sasl"
auth_tcp = "none"
# /usr/sbin/libvirtd –listen
Use command libvirtd -d
It will create libvirtd deamon
and then use libvirtd --listen to make libvirtd listen on TCP port.
Related
I have been following this tutorial for a moment but I don't know why it isn't working:
https://github.com/anapsix/zabbix-haproxy/blob/master/README.md
To make a long story short:
I have a Zabbix server on Amazon EC2 and I want to monitor a HAproxy server which is inside my network. The HAProxy Server has a Zabbix Agent working on it.
The tutorial explain how to setup a script for the zabbix-agent to explore what's behind it (what's the haproxy is load-balancing) and send it back to the Zabbix Server.
However everything is working fine but nothing shows up on the Zabbix server, no host are discovered despite the zabbix agent and server are communicating.
1 - I did place the userparameter_haproxy.conf into /etc/zabbix/zabbix_agentd.d/ and
set it in the zabbix_agend.conf file.
2 - I did place the haproxy_discovery.sh into /usr/local/bin/ and gave it the +x rights
3 - I did import haproxy_zbx_template.xml
4 - Configure HAProxy control socket: I assume there is my mistake.
5- The scripts are working because I get result when I execute this commands:
zabbix_agentd -t haproxy.list.discovery[FRONTEND]
zabbix_agentd -t haproxy.list.discovery[BACKEND]
zabbix_agentd -t haproxy.list.discovery[SERVERS]
6 - I added the host with HAproxy on it to the right template
7 - I can wait forever nothing is showing up, no new hosts.
I think the step 4 is where I am doing wrong. In the tutorial they say:
Configure HAProxy to listen on /var/run/haproxy/info.sock or set
custom socket path in checks (set {$HAPROXY_SOCK} template macro to
your custom socket path) or update userparameter_haproxy.conf and
haproxy_discovery.sh with your socket path
I did make the haproxy.cfg file listen to the file /var/lib/haproxy/stats
and set a custom socket path in the template macro.
Additionnal info:
Version of Zabbix: 3.4
Zabbix Server: RHEL 7.4
Zabbix Agent: Centos 7.2
No errors when I restart zabbix-agent
No errors in haproxy.log
UPDATE: I did add Zabbix to the root group.
Now, in Zabbix server logs I can see this message:
changed: Value "which: no nc in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin)
2" of type "string" is not suitable for value type "Numeric (unsigned)"
And I'm lost again.
UPDATE: I was missing netcat, I installed it on the zabbix server and client.
UPDATE: It's working
According to your update, I guess netcat (nc) is not installed on your system.
Install it and try again
My Go application makes TLS connections via tls.Dial() to exchange data.
It works fine when run from the host:
But the outgoing connection doesn't seem to work when the app is run from a Docker container. The app hangs indefinitely.
Note 1: Same behavior with using docker run -p $(docker-machine ip):2500:2500 ...
Note 2: VM doesn't have extra port forwarding settings other than the default settings that came with docker-machine's default VM.
Docker image build with Dockerfile:
FROM golang:latest
RUN mkdir -p "$GOPATH/src/path/to/app"
# Install dependencies
RUN go get github.com/path/to/dep
VOLUME "$GOPATH/src/path/to/app"
EXPOSE 2500
WORKDIR "$GOPATH/src/path/to/app"
CMD ["go", "run", "main.go"]
Host is OS X running docker-machine.
Question
How can I make the TCP outgoing connection to work?
You are either using boot2docker or docker-machine (since you are running docker on OSX). If you are using boot2docker, you have to forward the ports on VirtualBox as well as docker, have a look at this blog post:
https://fogstack.wordpress.com/2014/02/09/docker-on-osx-port-forwarding/
If you are using docker-machine, you have to connect to the docker-machine assigned ip, not localhost, have a look at this post:
https://github.com/docker/machine/issues/710
I see now that you are using docker-machine specifically, so the post about docker-machine should answer your question.
Edit: I misunderstood the question. You are trying to make an outgoing connection on a forwarded port. That is not correct. By default docker can make outgoing connections on any port. The port forwarding is for incoming connections only. Please try again without specifying any ports to forward. My suspicion is that you are trying to make an outgoing connection on the incoming (forwarded) port.
I've just had exactly the same problem. Was unable to connect out at all.
Restarted the container, and suddenly outgoing connections worked fine. It's possible that the container survived an update of docker?
Currently using Docker version 18.09.3, build 774a1f4
I'm new to linux server. I install mongodb on centos 6.3. And I run the mongodb server in this command:
mongod -config /etc/mongodb.conf &
And i'm sure that I have make bind_ip to listen all ip:
# mongodb.conf
# Where to store the data.
dbpath=/var/lib/mongodb
#where to log
logpath=/var/log/mongodb/mongodb.log
logappend=true
rest = true
bind_ip = 0.0.0.0
port = 27017
But, I cannot make mongodb remote access either. my server ip is 192.168.2.24,and I run mongo in my local pc to access this mongodb, it show me this error:
Error: couldn't connect to server 192.168.2.24:2701
7 (192.168.2.24), connection attempt failed at src/mongo/shell/mongo.js:148
exception: connect failed
But, I can access this mongodb in server where mongodb install using this command:
mongo --host 192.168.2.24
So, I think it may success to make mongo remote access, but maybe something wrong with linux server,maybe firewall? So,I try to use the command to check the port whether open for remote access:
iptables -L -n | grep 27017
nothing is returned, then I add port to iptalbes using this command:
iptables -A INPUT -p tcp --dport 27017 -j ACCEPT
iptables -A OUTPUT -p tcp --source-port 27017 -m state --state ESTABLISHED -j ACCEPT
and save the iptables & restart it:
iptables-save | sudo tee /etc/sysconfig/iptables
service iptables restart
I can see port of 27017 is added to iptables list, but it still not work at all. I think it may not success in opening the port of 27017. How should I do for it? I'm new to linux server,by the way my linux server pc is offline. So it can't use the command about "yum". please give me solution in detail. Thanks so much.
It seems like the firewall is not configured correctly.
Disclaimer: Fiddling with firewall settings has security implications. DO NOT USE THE FOLLOWING PROCEDURE ON PRODUCTION SYSTEMS UNLESS YOU KNOW WHAT YOU ARE DOING!!! If in the slightest doubt, get back to a sysadmin or DBA.
The problem
Put simply, a firewall limits the access to services like MongoDB running on the protected machine by unauthorized parties.
CentOS only allows access to ssh by default. We need to configure the firewall so that you can access the MongoDB service.
The solution
We will install a small tool provided by CentOS < 7 (version 7 provides different means), which simplifies the use of iptables, which in turn configures netfilter, the framework of the Linux kernel allowing manipulation of network packets – thus providing firewall functionality (amongst other cool things).
Then, we will use said tool to configure the firewall functionality so that MongoDB is accessible from everywhere. I can't give you a more secure configuration, since I do not know your network setup. Again, use this procedure on production systems at your own risk. You have been warned!
Installation of system-config-firewall-tui
First, you have to log into your CentOS box as root, which allows installation and deinstallation of packages and change system-wide configurations.
Then, you need to issue (the dollar sign denotes the shell prompt)
$ yum -y install system-config-firewall-tui
The result should look something like this
Configuration of the firewall
Next, you need to start the tool we just installed
$ system-config-firewall-tui
which will create a small command line GUI:
Do not simply disable the firewall!.
Press Tab or →| respectively, until the "Customize" button is highlighted. Now press ↵. In the next screen, highlight "Forward" and press ↵. You now should be in a screen called "Other Ports",
in which you highlight "Add" and press↵. This brings you to a screen "Port and Protocol" which you fill like shown below
The configuration explained: MongoDB uses TCP for communicating with the clients and it listens on port 27017 by default for a standalone instance. Note that you might need to change the port according to the referenced list in case you do not run a standalone instance or replica set.
The next step is to highlight "OK" and press ↵, which will seemingly clear the inputs. However, the configuration we just made is saved. So we will press "Cancel" and return to the "Other Ports" screen, which should now look like this:
Now, we press "Close" and return to the main screen of "system-config-firewall-tui". Here, we press "Ok" and the tool asks you if you really want to apply those the changes you just made. Take the time to really think about that. ;)
Pressing "Yes" will now modify the firewall rules executed by the Linux kernel.
We can verify that by issuing
$ iptables -L -n | grep 27017
which should result in the output below:
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:27017
Now you should be able to connect to your MongoDB server.
Hi I have the following problem with redis,
I have installed redis on Ubuntu 12.10 with
sudo apt-get install redis-server
However, then comes the start of the message server
[6793] February 6 21:46:54 # Warning: no config file specified, using the default config. In order to specify a config file use 'redis-server / path / to / redis.conf'
[6793] 6 February 6379 21:46:54 # Opening port: bind: Address already in use
What can I do that the server starts?
You should stop the current instance by using the following command.
/etc/init.d/redis-server stop
The default port for Redis, 6793, is already being used, so you'll need to find out what is using that port.
You can check by running: lsof -i :6793
You'll then need to either kill whatever is using that port or specify a different port for Redis using a config file.
pidof redis-server can get you the process id of redis-server;
OR lsof -i:6379 can get you the process id of the running instance with the default listening port 6379.
I would recommend you to check the log file for the troubleshooting possible errors.
Usually located at /var/log/redis/redis.log
I want to remote debug the nodejs program in Eclipse. I start the node script with the debug option.
$node debug script.js
But I can't connect to the node in Eclispe. When I netstat the node's TCP port. I found that node only listen 127.0.0.1 in debug mode. So I can't connect it from different computer.
But I can't find any startup options that can change to listen to any address.
Anyone know to make it listen to any address to remote debug in other computer?
if anyone else stumble upon this: you can set the node debug to any address as you set the port
node --debug=169.168.1.2:5858 app.js
if that would be the ip of your remote machine or even better to every machine
node --debug=0.0.0.0:5858 app.js
but please be aware that the 2nd option should only be used if you are debugging in your own private network as you open it up for everyone
This is what I do in linux Debian:
install balancer
sudo apt-get install balance -y
then create a route in balancer to reroute your 5858 port to 5859
balance 5859 127.0.0.1:5858
start your app
node --debug app.js
now you can access it from everywhere on port 5859
I'm looking into V8 code that goes through deps/v8/src/debug-agent.* down to deps/v8/src/platform-posix.cpp (for linux) to POSIXSocket::Bind method and it can't seem to have any option about this (unless I'm missing something).
I bet you either hack it and recompile node or you'll need to build a small proxy beside your node process.
Here's a great tut on debugging nodejs from eclipse. Note at the bottom there is a script the author uses to forward localhost:5858 to the remote server's 127.0.0.1. You could also just use an SSH tunnel.
So, to summarize:
start your script with node --debug app.js
configure eclipse as if you were debugging locally
use the node_g script or configure an SSH tunnel
go on vacation now that your code is bug-free
to debug nodejs remotely over SSH session do:
1. install balance on Linux: https://balance.inlab.net/overview/
2. run the command: balance -df 8585 127.0.0.1:5858 > /tmp/balance.out 2>&1 &
3. ssh to your remote Linux box (tunnel will be created 8585 > 5858 > nodejs)
4. run your node script on server: node --debug-brk --nolazy ./myNodeApp.js
5. kick off debug session in WebStorm alt-d to port 8585
now you are remote debugging securely over SSH session