I have setup a basic infrastructure using chef. This includes a local chef server(ubuntu based), workstation and an ubuntu based server(to be used as the node). Please note that the entire infrastructure lies behind the firewall in my office network. And I have made necessary proxy settings for the servers to access the internet.
So here is the problem - When I try to bootstrap the node using -
knife bootstrap <node's ip> --sudo -x <username> -P <password> -N "<name>"
i get the following error
<node's ip> --2014-02-19 10:47:10-- https://www.opscode.com/chef/install.sh
<node's ip> Resolving www.opscode.com (www.opscode.com)... 184.106.28.91
<node's ip>1 Connecting to www.opscode.com (www.opscode.com)|184.106.28.91|:443... failed:Connection refused.
<node's ip> bash: line 83: chef-client: command not found
I was not able to find a solution to this. However I came across the knife[:bootstrap_proxy] = "http://username:password#proxyIP:port/" setting that can be added to knife.rb . I did this (by entering my office proxy details) and then the connection during bootstrap was successfull and the chef client was downloaded on the node. However this setting only defines the proxy that should be used by the node. So, this led to the http_proxy = "http://username:password#proxyIP:port/" being set in client.rb. But because I have already made all the proxy settings in my server, the chef client failed to launch. So I manually removed the http_proxy and https_proxy settings from client.rb and ran the command chef-client which was then successful.
I have two questions -
1) why did knife[:bootstrap_proxy] = "http://username:password#proxyIP:port/" work? because it only defines the proxy that should be used by the node.
2) Also, alll the proxy setting for the node has already been done. I do not want any proxy settings in client.rb. How do I achieve this?
Please help!
When it comes to your client.rb I'd suggest looking into https://github.com/opscode-cookbooks/chef-client
It's a wrapper script for client.rb(s).
Not sure about your knife[:bootstrap_proxy] though. Ideally that cookbook should take care of it. If you are still stumpped you can run chef-client -VV and knife -VV to see exactly what it's doing.
Related
telnet is necessary in order to maintain compatibility with older software in this case. I'm working with the Yocto Rocko 2.4.2 distribution. when I try to telnet to the board I'm getting the oh so detailed message "connection refused".
Using the method here and the options here I modified the busybox configuration per suggestion. When the board is booted up and logged in, if you execute: telnet, it spits out usage info and a quick directory check shows that telnet is installed to /usr/bin/telnet. My guess is that the telnet client is installed but the telnet server is not running?
I need to get telnetd to start manually at least so I know it will work with an init script in place. The second reference link there suggests that 'telnetd will not be started automatically though...' and that there will need to be an init script. How can I start telnetd manually for testing?
systemctl enable telnetd
returns: Unit telnetd.service could not be found
UPDATE
telnetd in located in /usr/sbin/telnetd. I was able to manually start the telnetd service for testing from there. After manually starting the service telnet login now works. looking into writing a systemd init script to auto start the telnetd service, so I suppose this issue is closed. unless anyone would like to offer up detailed telnet busybox configuration and setup steps as an answer to 'How to configure telnet service for yocto image'
update
Perhaps there is something more? I created a unit file that looks like this:
[Unit]
Description=auto start telnetd
[Service]
ExecStart=/usr/sbin/telnetd
[Install]
WantedBy=multi-user.target
on reboot, systemd indicates the process executed and succeeded:
systemctl status telnetd
.
.
.
Process: 466 ExecStart=/usr/sbin/telnetd (code=exited, status=0/SUCCESS)
.
.
.
The service is not running however. netstat -l does not list it and telnet login fails. Something I'm missing?
last update...i think
so following this post, I managed to get telnet.socket service to startup on reboot.
systemctl status telnet.socket
shows that it is running and listening on 23. Now however, when I try to remote in with telnet I'm getting
Connection closed by foreign host
Everything I've read so far has been talking about xinetd service (which I do not have...). What is confusing is that, if I just navigate to /usr/sbin/ and execute telnetd, the server is up and running and I can telnet into the board, so I do not believe I'm missing any utilities or services (like the above mentioned xinetd), but something is still not being configured correctly. any ideas?
I cannot connect to internet from pods. My kubernetes cluster is behind proxy.
I have already set /env/environment and /etc/systemd/system/docker.service.d/http_proxy.conf, and confirmed that environment variables(http_proxy, https_proxy, HTTP_PROXY, HTTPS_PROXY, no_proxy, NO_PROXY) are correct.
But in the pod, when I tried echo $http_proxy, answer is empty. I also tried curl -I https://rubygems.org but it returned curl: (6) Could not resolve host: rubygems.org.
So I think pod doesn't receive environment values correctly or there is something I forget to do what I should do. How should I do to solve it?
I tried to export http_proxy=http://xx.xx.xxx.xxx:xxxx; export https_proxy=....
After that, I tried again curl -I https://rubygems.org and I can received header with 200.
What I see is that you have wrong proxy.conf name.
As per official documention the name should be /etc/systemd/system/docker.service.d/http-proxy.confand not /etc/systemd/system/docker.service.d/http_proxy.conf.
Next you add proxies, reload daemon and restart docker, as mentioned in provided in comments another answer
/etc/systemd/system/docker.service.d/http_proxy.conf:
Content:
[Service]
Environment="HTTP_PROXY=http://x.x.x:xxxx"
Environment="HTTPS_PROXY=http://x.x.x.x:xxxx"
# systemctl daemon-reload
# systemctl restart docker
Or, as per #mk_ska answer you can
add http_proxy setting to your Docker machine in order to forward
packets from the nested Pod container through the target proxy server.
For Ubuntu based operating system:
Add export http_proxy='http://:' record to the file
/etc/default/docker
For Centos based operating system:
Add export http_proxy='http://:' record to the file
/etc/sysconfig/docker
Afterwards restart Docker service.
Above will set proxy for all containers what will be used by docker engine
I want to expose one blue zone api to external customers via secure-gateway, I am using docker as the client, but I always met below errors (the api server is in DST environment), can anyone help me on this? I have added the host name and port into ACL file, also, I tried adding --allow when I run docker, it will disable 'deny all'
[INFO] (Client ID d83dty5MIJA_rVI) Connection #2 is being established to ralbz001234.cloud.dst.ibm.com:8888
[2017-09-06 20:59:19.210] [ERROR] (Client ID d83dty5MIJA_rVI) Connection #1 to destination ralbz001234.cloud.dst.ibm.com:8888 had error: EHOSTUNREACH
When I add secure-gateway, the resource loacated filed, I choose On-Premises, is this correct?
EHOSTUNREACH is an issue with the underlying system not being able to find a route to the host you've provided. From the machine hosting the docker client, are you able to access the resource located at ralbz001234.cloud.dst.ibm.com:8888? If the host is able to connect, then you could try adding --net=host to the docker run command:
docker run --net=host -it ibmcom/secure-gateway-client <gatewayID> -t <security_token> --allow
If the host is unable to connect as well, then this post may shed more light on routing.
I have a Pi that runs hostapd and dhcpd on arch linux to create it's own land with the Pi's (routers) IP being 10.0.0.1. This uses the wlan0 interface and it only serves as a standalone router running a web server.
Once I connect to the Pi, I use 10.0.0.1 to display the web pages, but I want to use a hostname such as firepi. I have tried using dnsmasq, but I haven't been successful. Any help would be greatly appreciated especially if you can give me some detailed examples as I am a novice.
The purpose of this system is that I have created a web app that you can use to ignite fireworks over WiFi at a safe distance. I would just like the convenience of using a hostname instead of the IP address.
I must add that I will more than likely be using an iPhone to connect to the server, should this affect anything.
Not too sure how or why but this is what I did and it is successfully working now, so this is just for future users who may need a similar setup to mine.
First I installed hostapd and dhcpd and made sure they were working. Next I changed '/etc/hostname' to firepi and the '/etc/hosts' and added '10.0.0.1 firepi'. Then I installed dnsmasq, and set the interface to wlan0, and finally added '10.0.0.1 firepi' to '/etc/resolv.conf'.
After a full reboot, I joined the network on my iPhone, navigated to firepi and sure enough, it worked!
Thanks to the other users for their advice and tips.
You can use avahi on Arch as well to resolve your hostname:
sudo pacman -S avahi nss-mdns
Start the avahi daemon:
sudo systemctl enable avahi-daemon.service
sudo systemctl start avahi-daemon.service
Edit /etc/nsswitch.conf
sudo vim /etc/nsswitch.conf
Change the line:
hosts: files myhostname dns
to
hosts: files myhostname mdns_minimal [NOTFOUND=return] dns
Reboot
Note: don't forget to add .local to your hostname.
See also:
http://blog.pixxis.be/post/77285636682/resolve-hostname-with-arch-linux-on-a-raspberry-pi
If you just want to be able to use "firepi" as hostname to connect to it, you can simply add it to your /etc/hosts file using the syntax "IP host".
To make it as easy as possible, run this command as root:
echo "10.0.0.1 firepi" >> /etc/hosts
That'll do the trick.
Can you try avahi ?
sudo apt-get install avahi-daemon and
sudo apt-get install avahi-browse
I've successfully used that on Raspian. Unless you change the hostname using
sudo raspi-config you will access via raspberrypi.local
Note that if you plan to access the RPi from Windows you will need to install Bonjour Service first(if you have iTunes intalled, you might have those, run services.msc and check if the Bonjour Service is started)
Another note: On a friend's iphone I've installed a generic vnc client and had x11vnc running on the RPi and succesfully managed to connect to the RPi (since avahi-daemon was installed)
I want to remote debug the nodejs program in Eclipse. I start the node script with the debug option.
$node debug script.js
But I can't connect to the node in Eclispe. When I netstat the node's TCP port. I found that node only listen 127.0.0.1 in debug mode. So I can't connect it from different computer.
But I can't find any startup options that can change to listen to any address.
Anyone know to make it listen to any address to remote debug in other computer?
if anyone else stumble upon this: you can set the node debug to any address as you set the port
node --debug=169.168.1.2:5858 app.js
if that would be the ip of your remote machine or even better to every machine
node --debug=0.0.0.0:5858 app.js
but please be aware that the 2nd option should only be used if you are debugging in your own private network as you open it up for everyone
This is what I do in linux Debian:
install balancer
sudo apt-get install balance -y
then create a route in balancer to reroute your 5858 port to 5859
balance 5859 127.0.0.1:5858
start your app
node --debug app.js
now you can access it from everywhere on port 5859
I'm looking into V8 code that goes through deps/v8/src/debug-agent.* down to deps/v8/src/platform-posix.cpp (for linux) to POSIXSocket::Bind method and it can't seem to have any option about this (unless I'm missing something).
I bet you either hack it and recompile node or you'll need to build a small proxy beside your node process.
Here's a great tut on debugging nodejs from eclipse. Note at the bottom there is a script the author uses to forward localhost:5858 to the remote server's 127.0.0.1. You could also just use an SSH tunnel.
So, to summarize:
start your script with node --debug app.js
configure eclipse as if you were debugging locally
use the node_g script or configure an SSH tunnel
go on vacation now that your code is bug-free
to debug nodejs remotely over SSH session do:
1. install balance on Linux: https://balance.inlab.net/overview/
2. run the command: balance -df 8585 127.0.0.1:5858 > /tmp/balance.out 2>&1 &
3. ssh to your remote Linux box (tunnel will be created 8585 > 5858 > nodejs)
4. run your node script on server: node --debug-brk --nolazy ./myNodeApp.js
5. kick off debug session in WebStorm alt-d to port 8585
now you are remote debugging securely over SSH session