Load balancing - unhealthy instances in google compute engine Network load balancer - google-app-engine

I have installed my web application on 2 Windows-based VMs on GCE. My application runs on port 8080.
Steps followed for the Network Load Balancer:
1) I created health checks for port 8080.
2) Added both my VMs and the health checks to the target pool.
3) In forwarding rule I created a rule for 8080 port for that particular Target Pool.
After this go to Target Pools and check the health of the VMs
Here a red symbol is shown against both the instances and message shown as "instance is unhealthy for ".
I have added port 8080 in Firewall rules.
If any one can help, if I am doing anything wrong or there is some other way to setup the Load Balancer.

I believe this issue is not related to the fact that you are listening on port 8080. The health check will pass as long as your instances are able to communicate with the Metaserver (169.254.169.254 [1]) and respond with a valid HTTP page.
You must be sure you have allowed communication on port 8080 on the Google Firewall and on your Windows instance firewall [2]. As a debugging step, you can try to ping the Metaserver and capture IP packets to confirm whether there is a 3-way handshake between the Metaserver and your GCE instance. Additionally, you might want to try the setup with the same instances on port 80 to confirm whether it is actually related to the port.
[1] https://cloud.google.com/compute/docs/metadata
[2] https://cloud.google.com/compute/docs/networking

Related

Creating IRule in F5 based on ip_address:portnumber/servletname

I am very new to F5-LTM configuration. Any help related to the requirement below will be very much appreciated.
I have my application on a Weblogic-11g server running on a managed server at port number 8001.
Now, as my user count has increased, I have created one more managed server at port number 9001.
Previously all my requests were coming to http://ip_address:8001/login.html
Now I still want all requests to come to the same URL, but be redirected to both http://ip_address:8001/login.html and http://ip_address:9001/login.html
Note: I would also like to mention that my application has many other servlets running, so I want request forwarding based on http://ip_address:port_number/servlet
Does anybody know how I can achieve the above request forwarding configuration in F5-LTM?
Thanks Again.
I have my application on Weblogic-11g server running on managed server
at port number : 8001. Now as my user count has increased i have
created one more managed server at port number : 9001
I don't think you need a different port and redirection.
You can still run the app on your second server on port 8001. Then you can add both the server under one virtual pool which will be under a virtual IP. Then the user can go to the app by using http://virtualIP:8001/login.html.
When a request is received by the virtual IP it can load balance the request between the two servers which are running the app on the same port 8001.
This is good documentation in case you are interested:
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-basics-11-6-0.html

Can't connect to iperf3 running in Azure Container Instances

Trying a quick experiment with ACI to see if I can use it to host iperf3 for some on-demand network performance testing. The docker image is https://hub.docker.com/r/netgio/iperf3server/
I can get the container up and running, but when I try to connect to it the iperf client gives me the error "iperf3: error - control socket has closed unexpectedly"
I was hoping this would be a simple, single port, single instance use case. Are there any specifics related to socket connectivity into ACI instances that would affect this?
EDIT:
iPerf3 defaults to TCP port 5201 so to ensure ACI port mappings are working as expected I created an nginx docker image configured to listen on port 5201 and deployed to ACI. This worked as expected (I could access the default home page at http://:5201). So the issue seems to be specific to whatever iPerf3 is doing with its sockets.
Note the error happens almost immediately at launch of the client iperf3 process.
Azure is experiencing an outage right now. You're probably being impacted.
http://downdetector.com/status/windows-azure

Not able to access a port on ec2 instance for an Angular app

I am working on an angular app using the angular cli to set things up. Running the ng serve command spawns a server at this address <my_ec2_host_name>:4200. When I try to access the page on the browser it doesn't work (connection timed out error). I believe this is because of security reasons so I added the following rule to my security groups for the ec2 instance:
Port 4200 should now be accessible but I still can't get the page to load. Can someone think of how to get this to work?
Start angular with below command.
ng serve --host=0.0.0.0 --disable-host-check
It will disable the host check and allow access by IP.
You can set up the host option like this:
ng serve --host 0.0.0.0
The steps you are doing are correct for opening a port via Security Groups in the EC2 console. Make sure you are modifying the correct security group, and make sure that your changes have been saved.
Your container may have additional firewalls in place, so you will want to check the OS documentation. For example, RHEL uses iptables as a further security measure: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-IPTables.html.
That looks correct. Are you sure that your server is running and listening for connections?
You should ssh to that server and verify that the page can be loaded locally. Eg:
curl http://<YOUR HOST IP ADDRESS>:4200
eg: curl http://54.164.10.123:4200
You should be careful to use the public ip address (eg: IPv4 Public IP when you're in the EC2 console). I've run into problems in the past where I've got a server listening on one IP address (often localhost) and not the public ip address.
Also maybe a problem: Is your host inside a VPC of some sort?
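
Added example (not part of any post above): the last answer's point that a server may be listening on localhost rather than the public address can be checked on the instance from `ss -ltn` output. The sample output is constructed and the function names are illustrative.

```python
import ipaddress

# Constructed sample of `ss -ltnH` output on Linux; not captured from a real host.
SAMPLE_SS = """\
LISTEN 0 128 127.0.0.1:4200 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 [::1]:8080 [::]:*
LISTEN 0 128 10.0.1.15:9000 0.0.0.0:*
LISTEN 0 128 *:3000 *:*
"""

def split_host_port(local):
    """Split '127.0.0.1:4200', '[::1]:8080' or '*:3000' into (host, port)."""
    host, _, port = local.rpartition(":")
    return host.strip("[]"), int(port)

def classify(host):
    """Return how widely a listener bound to `host` can be reached."""
    host = host.split("%")[0]  # drop an interface scope such as %lo
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"
    if ipaddress.ip_address(host).is_loopback:
        return "loopback-only"
    return "single-address"

def listeners(ss_output):
    """Map port -> set of reachability classes from `ss -ltn` style lines."""
    result = {}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip the header row and anything malformed
        host, port = split_host_port(fields[3])
        result.setdefault(port, set()).add(classify(host))
    return result

def diagnose(ss_output, port):
    """Say whether the bind address alone explains a failed remote connection."""
    kinds = listeners(ss_output).get(port)
    if not kinds:
        return "nothing listening: start the server first"
    if kinds == {"loopback-only"}:
        return "bound to loopback: remote clients cannot connect even with the security group open"
    return "listening on a routable address: check the security group and host firewall next"

if __name__ == "__main__":
    for p in (4200, 22, 8080, 9000, 5201):
        print(p, "->", diagnose(SAMPLE_SS, p))
```

On a real instance, pass the output of `ss -ltn` to `diagnose` instead of the sample; a dev server that must be bound to all interfaces is best paired with a security group rule limited to your own source address.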

Webstorm localhost from mobile

I can't access my WebStorm localhost on port 63342 from mobile.
I opened the port in Windows firewall and ESET (but online port checkers tell me that the port is still closed).
I checked the option "Can accept external connections" in WebStorm (but it caused a message that the built-in HTTP server on that port is disabled).
But when I check 192.168.0.48:63342 in mobile Chrome, it is still not available.
Please help.
I'd suggest using a different port (8080, 8090) if you need to access the server from another host. External connections to 63342 are not supported for security reasons.
Here are instructions for connecting to the WebStorm internal web server from a different host:
- on a remote host, make sure to install JetBrains IDE Support extension into Chrome
- in extension options (chrome-extension://hmhgeddbohgjknpmjagkdomcpobmllji/options.html), specify the IP and port of the target machine
- on a target computer, start WebStorm, make sure that the port specified in Settings/JavaScript/Debugger is the same as above and 'Can accept external connections' is on. Open your project and run your application
Changing the port number to something other than 63342 does work. However, I had some difficulties changing the debug port number. If you have the Chrome plugin, changing the debug port number from WebStorm's settings will not override the plugin's default debug port. Thus, you should right-click on the plugin, click "Options", change the port number and hit apply. At the same time, you should enable external connections in WebStorm's settings: "Settings/JavaScript/Debugger". Then you can access your web app from your smartphone by specifying the IP address and port of the app.

Exposing multiple ports from within a ManagedVM

I'm using the Managed VM functionality to run a WebSocket server that I'd like to expose to the Internet on any port (preferably port 80) through a URL like: mvm.mydomain.com
I'm not having much success yet.
Here are the relevant parts of various files I'm using to accomplish this:
Dockerfile:
EXPOSE 8080 8081
At the end of the Dockerfile, a Python app is started: it responds to health checks on port 8080 (I can verify this works) and responds to WebSocket requests on port 8081.
app.yaml:
module: mvm
version: 1
runtime: custom
vm: true
api_version: 1
network:
  forwarded_ports: ["8081"]
I deploy this app to the cloud using:
$ gcloud preview app deploy .
In the cloud console, I make sure TCP ports 8080 and 8081 are accepted for incoming traffic. I also observe the IP address assigned to the GCE instance (mvm:1) is: x.y.z.z.
$ curl http://x.y.z.z:8080/_ah/health
$ curl http://mvm.my-app-id.appspot.com/_ah/health
Both respond with 200 OK.
Connecting the WebSocket server using some JavaScript works as well:
new WebSocket('ws://x.y.z.z:8081');
So far so good. Except this didn't work (timeout):
new WebSocket('ws://mvm.my-app-id.appspot.com:8081');
I'd like to know why the above WebSocket command doesn't work.
Perhaps something I don't understand in the GAE/GCE port forwarding interaction?
If this could be made to work somehow, I envision the following would be the last steps to finish it.
dispatch.yaml:
dispatch:
  # Send all websocket traffic to the ManagedVM module.
  - url: "mvm.mydomain.com/*"
    module: mvm
I also setup the GAE custom domain CNAME at mvm.mydomain.com.
Connecting the WebSocket server using JavaScript should then work like:
new WebSocket('ws://mvm.mydomain.com:8081');
It may very well be that port forwarding from appspot.com isn't performed, given that prior to the (relatively recent) release of managed VMs, the only traffic that went to appspot.com was on port 80 or 443. I'd suggest using the IP-of-instance method you found to work.
If you don't find that fully satisfying, you should go to the public issue tracker for app engine and post a feature request to have the appspot.com router detect whether a request is heading for a module that corresponds to a managed VM and attempt the port forwarding in that case.
The thing is, putting the raw port on the end of the domain like that means that your browser will use the port you specified as a connection parameter to appspot.com, not as a query param, so appspot.com will have to listen on all ports and redirect if valid. This could be insecure/inefficient, so maybe the port number could be a query param or part of the domain string, similar to how version and module can be specified...
At any rate, given the way in which ports work, I would highly doubt, if your very simple example caused a fail, that app engine's appspot.com domain was even set up to handle port forwarding to managed VM containers at all at present.
