I want to connect relay to sentry.io via proxy service/application.
Please help me in this I am not able to find any way to put proxy between relay and sentry.
Config.yml
relay:
mode: managed
upstream: “https://sentry.io/”
host: 0.0.0.0
port: 3000
tls_port: ~
tls_identity_path: ~
tls_identity_password: ~
Where I have to set the proxy in relay?
You can replace the upstream location to your proxy service/application and there you need to have another relay which can upload the data to sentry.io
Warn : This will just forward the messages, so configure your first relay in proxy mode.
Related
I'm having some problems to establish a websocket connection to a running ddev container.
Trying wo etablish the connection per JS for example with wss://websocket.ddev.site:3000 ends always up with connection failed.
Websocket PHP library used: Ratchet (http://socketo.me/)
I tried to set the ext. container port in an own docker-compose.yaml or web_extra_exposed_ports in config.yaml but nothig worked so far.
I have managed to run a Websocket connection.
Therefore, I did an entry in config.yaml of DDEV with following Content:
web_extra_exposed_ports:
- name: ratchet
container_port: 3000
http_port: 3000
https_port: 3001
After DDEV restart, it is now possible to establish a Websocket connections with:
HTTP: 'ws://websocket.ddev.site:3000'
HTTPS: 'wss://websocket.ddev.site:3001'
My working example was build with the tutorial on http://socketo.me/docs/hello-world calling above URL with Browser console.
Hi i would like to expose my elasticsearch cluster in kubernetes created using ECK (https://www.elastic.co/guide/en/cloud-on-k8s/current/index.html) so it can be accessed externally.
I have a requriement to setup Functionbeat to ship aws lambda cloudwatch logs to elastcsearch.
Please see Step 2: Connect to the Elastic Stack https://www.elastic.co/guide/en/beats/functionbeat/current/functionbeat-installation-configuration.html
Attempt:
I have an elastic load balancer that has haproxy running on it which i use to expose other k8 services externally such as frontends. Ive attempted to modify this to also allow me to expose elasticsearch.
haproxy
frontend elasticsearch
bind *:9200
acl host_data_elasticsearch hdr(host) -i elasticsearch.acme.com
use_backend elasticsearchApp if host_data_elasticsearch
backend elasticsearchApp
server data-es data-es-es-http:9200 check rise 1 ssl verify none
Im attempting to see if i can connect using the following curl command:
curl -u "elastic:$ELASTIC_PASSWORD" -k "https://elasticsearch.acme.com:9200"
However i get the following error:
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
In the browser if i navigate to the url i get
This site can’t provide a secure connection
elasticsearch.acme.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
Posting answer as community wiki based on #Joao Morais comment:
you added ssl to the server line which instructs haproxy to perform a ssl offload and you didn't add the ssl stuff in the frontend. it seems you should either remove the ssl+verify from the server, add ssl to the front or query a plain http request.
Additional information:
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number indicates that you are trying to reach website that is not secure.
To access it you should replace https: with http: in your curl command so it will look like this:
curl -u "elastic:$ELASTIC_PASSWORD" -k "http://elasticsearch.acme.com:9200"
I have setup of Elastic with APM server on single machine. I've configured APM java agent to push traces to APM server on localhost. Everything works fine with localhost configuration on Windows.
Now, I'm looking to run apm java agent for application running on different machine on the same network. That is apm java agent on linux & apm server running on windows machine.
Default APM-server listen to localhost. I tried to change setting on apm-server.yml file with -
apm-server:
# Defines the host and port the server is listening on. use "unix:/path/to.sock" to listen on a unix domain socket.
host: "hot-ip:8200"
default is:
host:"localhost:8200".
After making apm-server.yml change, process explorer show apm-server.exe process listening to IP- host-ip port- 8200 protocol- TCP.
But, still http://host-ip:8200 is not accessible from other machine on network. While on the same machine (windows) http://localhost:8200 & http://host-ip:8200 works fine & give below response.
{
build_date: "2019-05-23T12:58:36Z",
build_sha: "410bf33fa1b67fa5bd02a388de17d0e30ec031da",
version: "7.1.1",
}
Thanks for help.
To listen on 0.0.0.0 try:
host: ":8200"
Is a firewall blocking the traffic (like Window's built-in one)?
10.9.21.91 is the IP that hosts are trying to reach? Just to be sure you could bind to host: "0.0.0.0:8200", which would cover all possible interfaces.
Replace "localhost:8200" with "0.0.0.0:8200" in apm-server.yml
How can allow only local requests for elasticsearch?
So command like:
curl -XGET 'http://localhost:9200/twitter/_settings'
can only be running on localhost and request like:
curl -XGET 'http://mydomain.com:9200/twitter/_settings'
would get rejected?
Because, from what i see, elasticsearch allows it by default.
EDIT:
According to http://www.elasticsearch.org/guide/reference/modules/network.html
you can manage bind_host parameter to allow hosts. And by default, it is set to anyLocalAddress
For elasticsearch prior to v2.0.0, if you want both http transport and internal elasticsearch transport to listen only on localhost simply add the following line to elasticsearch.yml file.
network.host: "127.0.0.1"
If you want only http transport to listen on localhost add the following line instead.
http.host: "127.0.0.1"
Starting from v2.0 elasticsearch is listening only on localhost by default. So, no additional configuration is needed.
If your final goal is to deny any requests from outside the host machine, the most reliable way would be to modify the host's iptables so that it denies any incoming requests to the service ports used by ElasticSearch (9200-9300).
If the end goal is to make sure that everyone refers to the service using an exclusive DNS, you're better off achieving this with an HTTP server that can proxy requests such as HTTPd or nginx.
I use this parameter:
http.host: "127.0.0.1"
This parameter not accept http requests for external request.
When I check using Apache > Service > Test Port 80, then it shows
Your port 80 is actually used by :
Server: Microsoft-HTTPAPI/2.0
How can I disable this. Tried every possible way, even via registry, and stopping World Wide Web Publishing.
I don't think that's possible. When you type "localhost" into the browser, it resolves that to "127.0.0.1", and fills in the default port of 80. If nothing is listening there, it won't connect. It can't resolve "localhost" to "127.0.0.1:8080". If you can't use port 80, you have to specify the port you want. Use a bookmark if it makes it easier for you.
This is basically redirecting 127.0.0.1:80 to 127.0.0.1:8080
Win7 has no iptables equivalent. Writing a server that does what you want (listens on a port, copies everything to/from another) should be easy enough. You can find one at this URL: http://www.quantumg.net/portforward.php
$> netsh
$> interface portproxy
$> add v4tov4 listenport=xxx connectaddress=127.0.0.1 connectport=yyy protocol=tcp
[or]
port forwarding in windows
Suggestion: If your Apache is under your WIn10
Under Win Settings:
- Proxy - Manual proxy setup - Use a proxy server - Turn On
- Type under Manual proxy server http=127.0.0.1:8080;https=127.0.0.1:8080
- Press the Save button
and tell me if it is working.