How to spin up a TURN server in AWS EC2 - amazon-ec2

I need to spin up a TURN/STUN server in the cloud. I feel it is a pretty common use case and there are hundreds of related posts on the internet. After several days of failed attempts, I still failed to spin it up.
Here are my current steps. I keep it simple so it can be reproduced (it only takes ~10 mins). I've no idea which part could go wrong.
1. Launch an (Amazon Linux 2.0, t2.micro) host; allow ALL traffic in the SecurityGroup (only for a quick test, remember to delete the rule); put it in a public subnet in the default VPC and grant it a public IP address.
2. ssh into the host and run the following commands
sudo yum -y update
sudo amazon-linux-extras install epel
sudo yum -y install coturn
3. start server
export PRIVATE_IP=172.31.28.133
export PUBLIC_IP=34.222.45.31
sudo turnserver -n --listening-port 3478 --listening-ip ${PRIVATE_IP} \
--relay-ip ${PRIVATE_IP} --external-ip ${PUBLIC_IP} \
--allow-loopback-peers --no-auth --no-tlsv1 --no-tlsv1_1 \
--log-file /tmp/turnserver.log --simple-log --fingerprint \
--min-port=49152 --max-port=65535 --verbose --no-cli
Now we will be able to see the server up and running on port 3478 (the default TURN server port).
But this server is not functional; there are a few problems with it:
- ssh into the host in a new tab and run curl localhost:3478; it responds with: curl: (56) Recv failure: Connection reset by peer (I expect to see the default "TURN Server" HTML page)
- from a random machine (not within the VPC), run curl <EC2ExternalIpAddress>:3478; there is no response, not even a Recv failure message
- trickle ICE shows "TURN server not reachable"
What could be the problem with it?
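An added example (not code from the question above and not part of coturn): a STUN/TURN listener does not speak HTTP, so curl is not a meaningful probe of port 3478. What a WebRTC client actually does is send a STUN Binding Request (RFC 5389) and wait for a Binding Success Response carrying XOR-MAPPED-ADDRESS; the script below builds that request, validates the reply, and verifies the FINGERPRINT attribute that the --fingerprint option in the turnserver command above makes the server add. The sample response used for the offline check is constructed here, not captured from a real server; the probe() function does the live UDP round trip when given a host.

```python
# Added example (not from the original question or from coturn): minimal STUN
# Binding Request/Response round trip as a reachability check for a TURN/STUN
# listener.  The sample response in build_binding_response() is constructed.
import os
import socket
import struct
import zlib

MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_MAPPED_ADDRESS = 0x0001
ATTR_XOR_MAPPED_ADDRESS = 0x0020
ATTR_FINGERPRINT = 0x8028
FINGERPRINT_XOR = 0x5354554E  # "STUN", RFC 5389 section 15.5


def build_binding_request(txn_id: bytes) -> bytes:
    """20-byte STUN header, no attributes: type, length 0, magic cookie, 96-bit transaction id."""
    return struct.pack("!HHI", BINDING_REQUEST, 0, MAGIC_COOKIE) + txn_id


def _attributes(body: bytes):
    """Yield (type, value, offset-in-body); attribute values are padded to 4 bytes on the wire."""
    off = 0
    while off + 4 <= len(body):
        atype, alen = struct.unpack_from("!HH", body, off)
        yield atype, body[off + 4:off + 4 + alen], off
        off += 4 + ((alen + 3) & ~3)


def parse_binding_response(data: bytes, txn_id: bytes) -> dict:
    """Validate header and transaction id; return the mapped address and the FINGERPRINT result."""
    if len(data) < 20:
        raise ValueError("shorter than a STUN header")
    mtype, mlen, cookie = struct.unpack_from("!HHI", data, 0)
    if cookie != MAGIC_COOKIE:
        raise ValueError("not an RFC 5389 STUN message")
    if data[8:20] != txn_id:
        raise ValueError("transaction id does not match our request")
    if mtype != BINDING_SUCCESS:
        raise ValueError(f"unexpected message type 0x{mtype:04x}")
    if len(data) != 20 + mlen:
        raise ValueError("length field disagrees with datagram size")
    result = {"mapped": None, "fingerprint_ok": None}
    for atype, value, off in _attributes(data[20:]):
        if atype == ATTR_XOR_MAPPED_ADDRESS:
            family, xport = struct.unpack_from("!xBH", value, 0)
            if family != 0x01:  # IPv4 only in this example
                continue
            (xaddr,) = struct.unpack_from("!I", value, 4)
            addr = socket.inet_ntoa(struct.pack("!I", xaddr ^ MAGIC_COOKIE))
            result["mapped"] = (addr, xport ^ (MAGIC_COOKIE >> 16))
        elif atype == ATTR_MAPPED_ADDRESS and result["mapped"] is None:
            family, port = struct.unpack_from("!xBH", value, 0)
            if family == 0x01:
                result["mapped"] = (socket.inet_ntoa(value[4:8]), port)
        elif atype == ATTR_FINGERPRINT:
            # CRC-32 of the message up to (excluding) this attribute, XOR 0x5354554e
            expected = zlib.crc32(data[:20 + off]) ^ FINGERPRINT_XOR
            (got,) = struct.unpack("!I", value)
            result["fingerprint_ok"] = got == expected
    return result


def build_binding_response(txn_id: bytes, addr: str, port: int, fingerprint: bool = True) -> bytes:
    """Construct a Binding Success Response as a server would (constructed test input, not captured)."""
    (a,) = struct.unpack("!I", socket.inet_aton(addr))
    attr = struct.pack("!HHxBHI", ATTR_XOR_MAPPED_ADDRESS, 8, 0x01,
                       port ^ (MAGIC_COOKIE >> 16), a ^ MAGIC_COOKIE)
    mlen = len(attr) + (8 if fingerprint else 0)  # the length field counts FINGERPRINT too
    msg = struct.pack("!HHI", BINDING_SUCCESS, mlen, MAGIC_COOKIE) + txn_id + attr
    if fingerprint:
        msg += struct.pack("!HHI", ATTR_FINGERPRINT, 4, zlib.crc32(msg) ^ FINGERPRINT_XOR)
    return msg


def probe(host: str, port: int = 3478, timeout: float = 3.0):
    """Live check over UDP: parsed response, or None when nothing comes back before the timeout."""
    txn_id = os.urandom(12)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_binding_request(txn_id), (host, port))
        try:
            data, _ = sock.recvfrom(2048)
        except socket.timeout:
            return None
    return parse_binding_response(data, txn_id)


if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"))
```

Run it as `python3 stunprobe.py <EC2ExternalIpAddress>` from outside the VPC and again against the private IP from the host itself: None means no datagram came back (security group, network ACL, or a listener bound to a different address), while a response with a routable mapped address shows the STUN side works even before TURN allocation and authentication are tested.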

Build to deploy guest on KVM hangs

I'm using Jenkins to automate the deploy of a virtual appliance. The first step is to build a standard CentOS 7 minimal vm in KVM. I wrote a short bash script to do this task which works when running locally on the KVM machine:
#!/bin/bash
#Variables
diskpath="/var/lib/libvirt/images/"
buildname=$(date +"%m-%d-%y-%H-%M")
vmextension=".dsk"
#Change to images directory
cd /var/lib/libvirt/images/
#Deploy VM with with kickstart file
sudo virt-install \
--name=$buildname \
--nographics \
--hvm \
--virt-type=kvm \
--file=$diskpath$buildname$vmextension \
--file-size=20 \
--nonsparse \
--vcpu=2 \
--ram=2048 \
--network bridge=br0 \
--os-type=linux \
--os-variant=generic \
--location=http://0.0.0.0/iso/ \
--initrd-inject /var/lib/libvirt/images/autobuild-ks.cfg \
--extra-args="ks=http://0.0.0.0/ks/autobuild-ks.cfg console=ttyS0"
(I have changed the IP address for the purposes of security)
The ISO and the kickstart file are stored on another server and they can both be accessed via http for the purposes of making this script work. To be clear, the script does work.
The problem I have is, when I put this script into Jenkins as a build step, the script works; however, it hangs at the end after the OS has been installed and the kvm guest begins the shutdown process.
Here is the kickstart file:
#version=DEVEL
# System authorization information
auth --enableshadow --passalgo=sha512
# Use Network installation media
url --url=http://0.0.0.0/iso
# Use graphical install
#graphical
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sda
# Keyboard layouts
keyboard --vckeymap=gb --xlayouts='gb'
# System language
lang en_GB.UTF-8
# Network information
network --bootproto=dhcp --device=ens160 --ipv6=auto --activate
network --hostname=hostname.domain.com
# Root password
rootpw --iscrypted taken_encryption_output_out_for_the_purposes_of_security
#Shutdown after installation
shutdown
# System services
services --enabled="chronyd"
# System timezone
timezone Europe/London --isUtc
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
autopart --type=lvm
# Partition clearing information
clearpart --none --initlabel
%packages
#^minimal
#core
chrony
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=50 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=50 --notstrict --nochanges --notempty
pwpolicy luks --minlen=6 --minquality=50 --notstrict --nochanges --notempty
%end
I suspect it's something to do with the shutdown option in the Kickstart file but unsure. When I ssh to the kvm server, I can see my newly created vm so the script does work but Jenkins hangs.
[root@sut-kvm01 ~]# virsh list --all
Id Name State
----------------------------------------------------
- 09-22-17-16-21 shut off
So far I have tried shutdown, reboot and obviously halt (the default in the kickstart file), and they have not worked for me either.
Any ideas how I can get the build to complete successfully? If it hangs, I can't move on to what will be build step number 2.
Help please :-)
Ok so I managed to figure out what the issue was. The issue was nothing to do with Jenkins or the script but rather to do with the kickstart file. In a nutshell, I was editing the wrong kickstart file. The file I was editing was the default kickstart file in the /root/ directory, but that is not the same file that was being injected into memory by the script, so the changes I made were having no effect.
Note to self - just because the script works, does not mean the answer to the problem isn't written in the script.
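An added example (not from the post above, and not Jenkins or virt-install code): the resolution was that the edited kickstart and the injected kickstart were different files. The script below pulls the --initrd-inject path and the ks= URL out of a virt-install invocation, checks that every copy is byte-identical to the one being edited, and reports which post-install action (halt, poweroff, reboot, shutdown) the file actually requests, which is what the build step waits on. The script snippet and kickstart text used in the checks are constructed for illustration; the hash comparison and the section-skipping rules are assumptions about a plain kickstart layout like the one posted.

```python
# Added example (not from the original post or from Jenkins/virt-install):
# confirm the kickstart that is injected and fetched is the one you edited,
# and report the post-install action it asks for.  Inputs are constructed.
import hashlib
import re

POST_ACTIONS = {"halt", "poweroff", "reboot", "shutdown"}


def kickstart_post_action(text: str) -> str:
    """Return the post-install action a kickstart asks for.

    Anaconda acts on the first halt/poweroff/reboot/shutdown command in the
    main command section; lines inside %packages/%addon/%anaconda ... %end
    and comment lines do not count.  With none present the default is halt,
    which leaves the guest waiting at the console instead of powering off.
    """
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("%"):
            in_section = line.split()[0] != "%end"
            continue
        if in_section or not line or line.startswith("#"):
            continue
        word = line.split()[0]
        if word in POST_ACTIONS:
            return word
    return "halt"


def referenced_kickstarts(script: str):
    """Pull the --initrd-inject path and the ks= URL out of a virt-install invocation."""
    inject = re.search(r"--initrd-inject[= ]+(\S+)", script)
    ks_url = re.search(r"\bks=([^\s\"']+)", script)
    return (inject.group(1) if inject else None,
            ks_url.group(1) if ks_url else None)


def digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def same_kickstart(*contents: bytes) -> bool:
    """True when every copy (edited, injected, http-served) is byte-identical."""
    return len({digest(c) for c in contents}) == 1


if __name__ == "__main__":
    # usage: python3 kscheck.py build.sh /path/to/edited-ks.cfg  (paths are hypothetical)
    import sys
    from pathlib import Path
    from urllib.request import urlopen
    script_text = Path(sys.argv[1]).read_text()
    edited = Path(sys.argv[2]).read_bytes()
    inject_path, ks_url = referenced_kickstarts(script_text)
    copies = [edited, Path(inject_path).read_bytes()] if inject_path else [edited]
    if ks_url:
        copies.append(urlopen(ks_url).read())
    print("post-install action:", kickstart_post_action(edited.decode()))
    print("all copies identical:", same_kickstart(*copies))
```

When the second line prints False, the build step is booting a different kickstart than the one being edited, which is exactly the situation described in the post; when it prints True but the action is halt, the installer will sit at the console and the Jenkins step will hang waiting for the guest to go away.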

how to update network using composer install

I am developing a Node.js client for a business network. I installed network version 100. After I made some changes I redeployed it; however, the changes did not take effect, at least the Node.js client still logs that it is connected to version 100. I incremented the version to 101 and restarted the Node.js client, but still got 100 in the log.
What is the procedure to update the network?
deploy command
composer network deploy -a network.bna -p hlfv1 -i PeerAdmin -s anything
open connection
this.bizNetworkConnection.connect(this.CONNECTION_PROFILE_NAME, this.businessNetworkIdentifier, participantId, participantPwd)
log network identifier
LOG.info('KYC:', 'businessNetworkDefinition obtained', this.businessNetworkDefinition.getIdentifier());
I think you need composer network update to update the version of an already deployed network.

Unable to get Mesos to run from tutorial: Setting up a Single Node Mesosphere Cluster

I have been following this tutorial to try and set up a single-node Mesosphere cluster, from their official tutorial:
http://mesosphere.com/docs/getting-started/developer/single-node-install/
I followed all the commands without any issues, and I also added ports 5050 and 8080 to my security group. When I try to access the console for mesos/marathon, I get an "Internet Explorer cannot display the webpage" message.
They also recommend checking it the following way:
MASTER=$(mesos-resolve `cat /etc/mesos/zk`)
mesos-execute --master=$MASTER --name="cluster-test" --command="sleep 5"
But that comes up with an error:
WARNING: Logging before InitGoogleLogging() is written to STDERR
F0106 17:03:08.126703 20993 process.cpp:1561] Failed to initialize, gethostbyname2: Unknown host
*** Check failure stack trace: ***
I am not really sure how to troubleshoot this either, and there are not many tutorials I could find on how to install mesos on ubuntu.
I checked the contents of the zk file, seems to be the default value.
$ cat /etc/mesos/zk
zk://localhost:2181/mesos
I would really appreciate any clues on how to go about this one.
Edit: The process is definitely running too - just an FYI:
root 31545 8.5 5.9 187464 35604 ? Ssl 17:28 0:00 /usr/local/sbin/mesos-slave --master=zk://localhost:2181/mesos --log_dir=/var/log/mesos
root 31563 28.5 2.1 116304 12856 ? Rs 17:28 0:00 /usr/local/sbin/mesos-master --zk=zk://localhost:2181/mesos --port=5050 --log_dir=/var/log/mesos --quorum=1 --wo
Mesos uses gethostbyname2 to resolve hostnames to IPs. The first thing I would recommend, is to try "ping localhost" and "ping hostname", and verify that there are no strange settings in /etc/hosts. If you're doing a multi-node cluster, I'd recommend that hostname map to the public IP address (not 127.0.x.1).
If that doesn't help, you can try setting the --ip and --hostname flags when starting mesos-master and mesos-slave, to bypass the gethostbyname2 resolution. These can also be set by writing to the file-based parameters, e.g. /etc/mesos/mesos-master/ip
For additional troubleshooting, try running wget http://localhost:5050 (or curl -L) from the mesos master, to verify that it is locally visible. Also try wget http://<public_ip>:5050 to verify that the web server is up and serving to the public IP. Depending on how your (EC2?) node is setup, you may need to expose/forward the port, or connect to a VPN.
Thanks Adam. I ran the wget and curl commands, and nothing was actually listening on port 8080 or 5050. I did open those ports in the EC2 security group. A simple reboot did the trick however; once I ssh'ed into the EC2 instance after the reboot, both mesos and marathon were running and both ports are now showing after I ran netstat -ntln.
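An added example (not code from the thread above, and not part of Mesos): the answer's first suggestion is to check what the local hostname resolves to, because mesos-master and mesos-slave call gethostbyname2 on it at startup. The script below does that lookup the same way (IPv4 via getaddrinfo), reads hostname entries out of /etc/hosts text, classifies the result as unresolvable (the fatal error in the question), loopback-only (the 127.0.x.1 mapping the answer warns about) or routable, and prints the --ip/--hostname values that bypass resolution. The /etc/hosts content and hostnames in the checks are constructed; the file names under /etc/mesos/ are the ones the answer mentions.

```python
# Added example (not from the original thread, not Mesos code): reproduce the
# hostname resolution a Mesos daemon performs on startup and explain the
# outcome.  Sample /etc/hosts text and hostnames are constructed.
import ipaddress
import socket


def hosts_file_lookup(hosts_text: str, name: str):
    """Addresses that /etc/hosts text maps `name` to, in file order (comments ignored)."""
    found = []
    for raw in hosts_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2 and name in fields[1:]:
            found.append(fields[0])
    return found


def classify(addresses) -> str:
    """What a daemon would do with these addresses for its hostname."""
    if not addresses:
        return "unresolvable"   # gethostbyname2 fails: "Failed to initialize ... Unknown host"
    if all(ipaddress.ip_address(a).is_loopback for a in addresses):
        return "loopback-only"  # starts, but advertises 127.0.x.1 that no other node can reach
    return "routable"


def resolve_like_mesos(hostname: str = None):
    """Live check: IPv4 lookup of the machine's hostname, as gethostbyname2(AF_INET) would do."""
    hostname = hostname or socket.gethostname()
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET)
    except socket.gaierror:
        return hostname, [], "unresolvable"
    addrs = sorted({info[4][0] for info in infos})
    return hostname, addrs, classify(addrs)


def suggested_flags(hostname: str, addresses):
    """Flag values that bypass resolution; the same strings go into
    /etc/mesos/mesos-master/ip and /etc/mesos/mesos-master/hostname (and the
    mesos-slave equivalents) when the file-based configuration is used."""
    addr = next((a for a in addresses if not ipaddress.ip_address(a).is_loopback), None)
    if addr is None:
        return None  # nothing routable to advertise; fix /etc/hosts or DNS first
    return [f"--ip={addr}", f"--hostname={hostname}"]


if __name__ == "__main__":
    name, addrs, verdict = resolve_like_mesos()
    print(f"{name} -> {addrs or 'no A records'} ({verdict})")
    with open("/etc/hosts") as fh:
        print("/etc/hosts entries:", hosts_file_lookup(fh.read(), name))
    print("flags:", suggested_flags(name, addrs))
```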

SSH Connection from MAC to Amazon EC2 not working

I am trying to connect to Amazon EC2 via:
ssh -i ~/.ssh/YOUR_KEYPAIR_FILE.pem ec2-user@YOUR_IP_ADDRESS
The terminal takes 1 or 2 mins and then prints:
ssh: connect to host XXX port 22: Operation timed out
Any ideas?
Login to AWS
Go to the Instances section
Click on the security group associated with your EC2 instance
Down the bottom click on the inbound tab and then click edit
Create this rule
TYPE SSH
PROTOCOL TCP
PORT RANGE 22
SOURCE Anywhere
You should now be able to connect to the instance on port 22 via ssh with your key.
You need to open port 22 in your security group. All ports are closed by default.
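An added example, not code from the answers above and not an AWS tool: the answers say the fix is an inbound rule TYPE SSH / TCP / 22, and that all ports are closed by default. The script below evaluates a security group in the shape `aws ec2 describe-security-groups` returns (IpPermissions with IpProtocol, FromPort, ToPort, IpRanges, Ipv6Ranges), answers whether a given client address can reach TCP/22, reports when the rule that admits it is open to the whole internet, and emits the same rule narrowed to the caller's own address instead of "Anywhere". The sample group and addresses are constructed.

```python
# Added example (not from the original answers, not AWS code): evaluate the
# inbound rules of a security group for SSH reachability from one address.
# The sample group and client addresses are constructed.
import ipaddress


def rule_allows(rule: dict, protocol: str, port: int, client_ip: str) -> bool:
    """Does one IpPermissions entry admit this protocol/port from client_ip?"""
    proto = rule.get("IpProtocol")
    if proto not in ("-1", protocol):  # "-1" means all protocols and all ports
        return False
    if proto != "-1" and not (rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)):
        return False
    ip = ipaddress.ip_address(client_ip)
    # ip-in-network is False across IP versions, so the two loops never cross-match
    for rng in rule.get("IpRanges", []):
        if ip in ipaddress.ip_network(rng["CidrIp"], strict=False):
            return True
    for rng in rule.get("Ipv6Ranges", []):
        if ip in ipaddress.ip_network(rng["CidrIpv6"], strict=False):
            return True
    return False


def ssh_reachability(group: dict, client_ip: str, port: int = 22) -> dict:
    """Whether client_ip reaches TCP/port, and whether a matching rule is open to everyone."""
    matches = [r for r in group.get("IpPermissions", []) if rule_allows(r, "tcp", port, client_ip)]
    world_open = any(rng["CidrIp"] == "0.0.0.0/0" for r in matches for rng in r.get("IpRanges", [])) \
        or any(rng["CidrIpv6"] == "::/0" for r in matches for rng in r.get("Ipv6Ranges", []))
    return {"allowed": bool(matches), "world_open": world_open, "matching_rules": len(matches)}


def tightened_rule(client_ip: str, port: int = 22) -> dict:
    """The TYPE SSH / TCP / 22 rule from the answer, with SOURCE narrowed to one address."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
                "IpRanges": [{"CidrIp": f"{ip}/32"}]}
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "Ipv6Ranges": [{"CidrIpv6": f"{ip}/128"}]}


SAMPLE_GROUP = {  # constructed; GroupId is a placeholder, not a real group
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    ],
}

if __name__ == "__main__":
    for client in ("203.0.113.7", "198.51.100.9"):
        print(client, ssh_reachability(SAMPLE_GROUP, client))
    print(tightened_rule("198.51.100.9"))
```

A result of allowed False from the address you are connecting from reproduces the "Operation timed out" symptom in the question (the group silently drops the SYN), and the rule returned by tightened_rule() is what to add instead of SOURCE Anywhere when only one workstation needs SSH.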
Can you try changing permissions to YOUR_KEYPAIR_FILE.pem like this
chmod 600 YOUR_KEYPAIR_FILE.pem
Then shoot the command
ssh -i YOUR_KEYPAIR_FILE.pem ec2-user@YOUR_IP_ADDRESS
I had a similar problem. I checked all my networking time and time again, from the EC2 instance all the way through the VPC and out to the internet. Security groups were allowing all sources through ports 22 and 80. My NACL was allowing the right permissions. I knew AWS was all ok, yet every time I went to try to ssh into an instance I would still get an operation timeout, indicating that the problem must be with my local machine instead.
First to check that the ssh port was open I ran the following:
ssh localhost
This worked fine!
After doing some research on the net, in the end it all boiled down to Java and my terminal not recognising that Java was installed on my machine.
Supporting Document:
AWS Documentation
No Java means that your .pem will not be recognised
Start by running the following:
java -version
If you get no hits then install relevant java SDK for your OS and once installed run
which java
You should get something like this:
/usr/bin/java
Now we can try connect to an instance again and hopefully you should have success this time!
ssh -v -i ~/Downloads/labamikey.pem ec2-user@ec2-34-200-217-2.compute-
       __|  __|_  )
       _|  (     /   Amazon Linux AMI
      ___|\___|___|
[ec2-user@ip-10-0-0-54 ~]$

How to Connect to localhost with SSH(PuTTy)

I just figured out how to connect to my web host with PuTTY.
But how do I connect to my localhost? I put
Servername: localhost
port: 22 (I've tried 80 too)
And it gives me an error "failed to connect"
How do I connect?
If you are using Cygwin on your local host, you can connect to Cygwin's sshd (SSH Daemon).
3 easy commands to install the sshd as a service: (always there when you startup the machine)
$ ssh-host-config -y # enable sshd. "-y" answers yes to all queries.
$ cygrunsrv --start sshd # start it as an autostart Windows service
$ ssh localhost # try to recursively log in via ssh
Taken from: http://nfnaaron.posterous.com/tag/puttycyg#Section2
(The second approach)
=> You get the entire ssh infrastructure: public key authentication, ssh-agent, etc...
Ensure that you have an SSH server (such as openssh-server) running on localhost and not just a web server (such as Apache). Also ensure that localhost really maps to 127.0.0.0/8.
The solution in the answer above won't work unless you have installed Cygwin with the OpenSSH package selected - you have to do this manually during the installation process (see option a below).
Depending on the intended purpose of your connection you can try one of the options below, option (b) being much easier to install but lacking the *nix shell capabilities.
a. You can install a Cygwin shell with an ssh server; this site (http://ist.uwaterloo.ca/~kscully/CygwinSSHD_W2K3.html) has instructions for Windows Server, but they work for other Windows versions too, with maybe some of the questions shown in the output on the page not appearing on non-server versions of Windows. Also, where it says in the instructions to issue the command:
mount -s --change-cygdrive-prefix /
delete the -s option so that the command is
mount --change-cygdrive-prefix /
(at least this was the case for me on Windows 7).
b. The PuTTY site suggests WinSSHD (http://www.bitvise.com/winsshd-download). It's an easy self-installer. Once it's up you have to click on the StartSSHD link about 1/3rd of the way down the first page of the config window. Then you can connect your PuTTY to localhost. However, in my experience, it didn't provide any *nix command support, only the native Windows ones, and I couldn't find anything in their user guide on this.
Hope this helps.
Just adding this answer in case anyone is still looking for a solution.
In your hostname (or IP address) section, enter localhost or 127.0.0.1
Leave the port to its default value 22
Click on open
Now a login shell will pop up -
Log in as your username, your username is basically what you get when you type whoami in your Terminal.
In the password section, type the password that you use as your system's password.
The above steps should connect localhost with ssh(PuTTY)
