change ssh port on a running playbook - ansible

I have a group of hosts registered in the inventory with a non-standard ssh port. I would like for ansible to try this port; if ssh fails, then try port 22, change the port and continue with the playbook. I have googled and there are several articles about this, but not really doing what I want it to do.
I am trying to figure out a way to register if the ssh port is UNREACHABLE, but can't seem to find a way to do this.
If I can get this done then the rest should be easy just put my tasks in a block with the always tag set.
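One way to get the "register if the port is unreachable, then fall back" behaviour described in the question, as an added example (not code from the question or from the Ansible project): a first play probes the inventory's ansible_port from the control node with wait_for, sets ansible_port to 22 when the probe fails, and confirms the chosen port with ping before the rest of the playbook runs. It assumes ansible_port is set in the inventory for these hosts, and that the control node can reach them directly.

```yaml
# Added example: detect which SSH port answers before running real tasks.
- name: Detect the reachable SSH port for each host
  hosts: all
  gather_facts: false          # no SSH connection yet, so nothing to gather
  tasks:
    - name: Probe the non-standard port from the control node (TCP only)
      ansible.builtin.wait_for:
        host: "{{ ansible_host | default(inventory_hostname) }}"
        port: "{{ ansible_port }}"   # assumed to be defined in the inventory
        state: started
        timeout: 5
      delegate_to: localhost
      ignore_errors: true
      register: custom_port_probe

    - name: Fall back to port 22 when the custom port is unreachable
      ansible.builtin.set_fact:
        ansible_port: 22
      when: custom_port_probe is failed

    # wait_for only proves a TCP listener; ping proves SSH actually works
    - name: Verify the selected port answers SSH
      ansible.builtin.ping:

- name: Remaining plays reuse the ansible_port chosen above
  hosts: all
  tasks:
    - name: Show which port was used
      ansible.builtin.debug:
        msg: "{{ inventory_hostname }} reached on port {{ ansible_port }}"
```

If the probe succeeds but the ping still fails, the playbook stops for that host rather than silently continuing on a port that is open but not running SSH.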

Related

Ansible Haproxy add backend with ansible

So I would like to run a playbook via ansible on a host, get the ip of that host and then add it to the haproxy.cfg.
I have managed to get the ip from the host by using ansible_default_ipv4.address": "192.168.159.44 but I don't think this is the correct way to do this.
I want to basically add this line
server dnsnameofserver IP:80 check fall 3 rise 2 cookie uniquecookie
Where the IP and DNS name is collected from the server.
So the workflow I'm thinking is running a playbook on a webserver that collects the info and then sends that information to the haproxy server.
Is this even possible?
Getting the IP from ansible facts is the proper way. You can create two host groups, one webserver and another haproxy server. You can then use delegate_to haproxy server to run the haproxy command.
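The answer's two-group, delegate_to approach written out, as an added example (not code from the question or answer): facts are gathered on each web server, and the server line from the question is written into haproxy.cfg on the load balancer. The group names webservers and haproxy, the backend name web_backend and the config path are assumptions; the cookie value is the host name, where the question used uniquecookie.

```yaml
# Added example: register each web server as a backend on the haproxy host.
- name: Add web servers to the haproxy backend
  hosts: webservers
  gather_facts: true           # provides ansible_default_ipv4.address
  tasks:
    - name: Write this host's server line on the load balancer
      ansible.builtin.lineinfile:
        path: /etc/haproxy/haproxy.cfg           # assumed path
        # match on the server name so re-runs update instead of duplicating
        regexp: '^\s*server\s+{{ inventory_hostname }}\s'
        line: >-
          server {{ inventory_hostname }} {{ ansible_default_ipv4.address }}:80
          check fall 3 rise 2 cookie {{ inventory_hostname }}
        insertafter: '^backend\s+web_backend'   # assumed backend name
      # variables above are still the web server's; only execution moves
      delegate_to: "{{ groups['haproxy'][0] }}"
      throttle: 1              # one writer at a time to the shared file
      notify: Reload haproxy

  handlers:
    - name: Reload haproxy
      ansible.builtin.service:
        name: haproxy
        state: reloaded
      delegate_to: "{{ groups['haproxy'][0] }}"
```

throttle: 1 matters because every web server writes to the same file on the same delegated host; without it parallel forks can race on haproxy.cfg.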

Able to ssh to server using only one domain yet they all use the same ip

Thanks in advance.
I have setup a server in which I intend to host a couple of applications but something weird is happening, I have bought a couple of domains which I have all mapped to the same ip address, but now when trying to ssh to that server only one of the domains goes through, the rest don't.
Someone please explain why this is happening and what I could have probably done wrong.
Am I correct that you are attempting to connect to the different domains via different saved configurations in your SSH terminal app? If so, check that you have connected each of those configurations to the appropriate private key. And of course check any other settings you may have needed in those configurations.
For example, make sure that if the host name for the working one is <username>#<domainOne> then the others are not simply <domainTwo.com>. (Errors like this can be hidden in some SSH terminals if the domain is very long.)

EC2, RHEL - No Route To Domain

This is probably incredibly simple and I'm just missing one step. The problem I was (originally) trying to solve was how to get a statically allocated hostname, one that would not change with each restart. I've done the following steps:
I have a domain registered on GoDaddy, and it points to my EIP. I use it to connect over SSH (putty) to my EC2 instance, so I know that part is working. I've opened ports 9080, 9060, 9043, and 9443 as well as SSH and FTP ports. And I've installed and started the software that uses those ports, and that stuff normally just works on a local RHEL install, so I think what's different here is the custom domain name.
I've added my EIP and fully qualified host name to my /etc/hosts file.
I've added my fully qualified host name to my /etc/hostname file and modified the /etc/rc.local script to set the hostname properly on a restart, and that works. If I execute the command hostname, it returns my fully qualified hostname, so that looks ok.
I cannot ping my server, but I think that's ok, because probably amazon blocks pings. So I don't think that's a symptom of anything.
I cannot open a to http://myserver.mydomain:9080/, which normally just works. Here it just times out.
If I do a wget http://myserver.mydomain:9080 from inside the EC2 instance, it returns failed: No Route To Host.
But if I do a wget against localhost instead of the fully qualified name I get what I expect as a response.
So.... routing tables? Do those need to change? And if so how?
You probably don't want to do what you did. Everything in EC2 is NAT'd. Meaning that the IP assigned to your instance is a private/internal ip and the public IP is mapped to it by the routing system.
So internally, you want everything to resolve to the private IP, or you will get charged for traffic as it has to get routed to the edge and then route back in. Using the public DNS name will resolve correctly from the default DNS servers.
If you are using RHEL, you will need to make sure both the security group and the internal firewall (iptables) have ports opened. You could just disable the internal firewall since it's a bit redundant with the security groups. On the other hand, it can provide some options security groups do not if you need them.

Set up an instance on AWS-Amazon but cannot connect

I am fairly new at EC2 technology so I think I am missing some points. So I set up an instance which is running and had created two key pairs. I choose the instance, choose "Connect" and the site gives me instructions about that. I follow them and when I execute the ssh command, it returns that "network is unreachable". Can you help me please?
Okay, a few things to check:
1. Make sure you have the correct ports on your security group open to either your personal IP or to the world, depending on your security requirements. For example: Port Range 22, IP 0.0.0.0/0 (World) or xx.xx.xx.xx/32 (personal IP).
2. Next I would make sure you are executing the command correctly. If 1 does not work, can you post the command?
3. Another thing to check, although based off your error this probably isn't it, is that you have the proper permissions on your private key: chmod 600 mykey
4. If you're using Amazon Linux the username is ec2-user, which you can then run sudo from.

Is there a way to simulate DNS Hijacking for testing purposes?

I'm working on an application that connects to URLs, and it responds differently depending on whether or not an address resolves in DNS. I need to find a way to simulate DNS Hijacking so that I can test that my application handles it correctly.
Anybody know a way to do that?
Set up a DNS server on a second PC and use this as your referenced DNS. Then you can shut it down for some time or modify the answers to try your handling behavior. If you don't have a second machine you can also set it up in a virtual machine.
Just add the "hijacked" hosts into your hosts file. In Linux, this should be in /etc/hosts; in Windows, %SYSTEMDIR%\drivers\etc\hosts.
The entries are in the format ip.addr.ess.here hostname1 hostname2 (there should already be entries for localhost, so add others to match your taste).
When you're done, remove (or comment out) the entries from the hosts file again.