I am running Apache NiFi (version1.11.4) on my local machine say on port (8090).
It runs & is working good on my machine.
This is normal setup without registry/certificate/LDAPS/security.
I want to access this NiFi on other machine running with in the private Network.
For this i enabled this 8090 port on my machine's firewall (as inbound rule with TCP)
But not able to access NiFi remotely
I tested both the cases (with default port and custom post):
Case 1: on my local machine NiFi is running on port 8080, i setup firewall inbound rule also on port 8080 Other member should be able to access my NiFi instance remotely on port 8080.
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8080
Case 2: On server machine NiFI is running on port 8090, i setup firewall inbound rule also on port 8090 Other member should be able to access this NiFi instance remotely on port 8090.
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8090
nifi.properties file:
nifi.web.war.directory=./lib
nifi.web.http.host=MY_HOST_NAME
nifi.web.http.port=8080
nifi.web.http.network.interface.default=
nifi.web.https.host=
nifi.web.https.port=
nifi.web.https.network.interface.default=
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.context.path=
nifi.web.proxy.host=
Related
Say we have frontend and backend containers based on Docker Desktop (for Windows).
Backend container uses port 9001, and the frontend container listens to 9001.
The problem is that port 9001 is already in use by Windows 10 by the Intel driver, and it is impossible to run a container on this port:
Error response from daemon: Ports are not available: listen tcp 0.0.0.0:9001: bind: An attempt was made to access a socket in a way forbidden by its access permissions.
Could you please advise what is the way to handle this port if there is no ability to change it directly from application code?
A couple of ways:
When either using a docker run command, specify the host port to use, and set it to something other than 9001. i.e. -p 9002:9001 or Docker Compose, i.e.
ports:
- '9002:9001'
Then use port 9002 instead of 9001 when accessing the container from the host (Win 10).
Use Nginx and set up a reverse proxy, leave the host port empty when starting the container so no external post is opened on the host, and have the reverse proxy pass it over to the container's 9001 port.
I have setup of Elastic with APM server on single machine. I've configured APM java agent to push traces to APM server on localhost. Everything works fine with localhost configuration on Windows.
Now, I'm looking to run apm java agent for application running on different machine on the same network. That is apm java agent on linux & apm server running on windows machine.
Default APM-server listen to localhost. I tried to change setting on apm-server.yml file with -
apm-server:
# Defines the host and port the server is listening on. use "unix:/path/to.sock" to listen on a unix domain socket.
host: "hot-ip:8200"
default is:
host:"localhost:8200".
After making apm-server.yml change, process explorer show apm-server.exe process listening to IP- host-ip port- 8200 protocol- TCP.
But, still http://host-ip:8200 is not accessible from other machine on network. While on the same machine (windows) http://localhost:8200 & http://host-ip:8200 works fine & give below response.
{
build_date: "2019-05-23T12:58:36Z",
build_sha: "410bf33fa1b67fa5bd02a388de17d0e30ec031da",
version: "7.1.1",
}
Thanks for help.
To listen on 0.0.0.0 try:
host: ":8200"
Is a firewall blocking the traffic (like Window's built-in one)?
10.9.21.91 is the IP that hosts are trying to reach? Just to be sure you could bind to host: "0.0.0.0:8200", which would cover all possible interfaces.
Replace "localhost:8200" with "0.0.0.0:8200" in apm-server.yml
From my Spring Boot application deployed as a Docker container I need to be able to access the parent node (within a Swarm) by some kind of docker-exposed DNS name so that I can add it to a configuration file and was wondering if there was a DNS name exposed automatically by Docker for this purpose?
Another container that is scheduled on the same host running in "network_mode: host" is running Consul and advertising on port 8500 (real IP is 192.168.1.233).
If I run netstat on the Swarm node (ip 192.168.1.233) I can see it's listening on port 8500:
# netstat -anp | grep 8500
tcp6 0 0 :::8500 :::* LISTEN 25010/docker-proxy
I want to be able to define a connection string as configuration in the Spring Boot app on the swarm node to the local instance of Consul sheduled on the same physical host as the Spring Boot app.
If I refer to "localhost" within the Spring Boot container then there's nothing listening on the 8500 port, proven by running this after shelling into the Spring Boot container (using a sample Consul API call)
# wget http://localhost:8500/v1/status/leader
Connecting to localhost:8500 (127.0.0.1:8500)
wget: can't connect to remote host (127.0.0.1): Connection refused
I've also tried using "host.docker.internal" but that doesn't work:
# ping host.docker.internal
ping: bad address 'host.docker.internal'
The hosts are all Centos 7 hosts, and Docker version 18.09.1, build 4c52b90.
The firewalld service is disabled on all hosts.
I'm using Boot2Docker to manage Docker containers in Windows and I have a container running an IBM Liberty server (I guess is the same for any other server), I can access the server home screen in the host machine using only the ip (which I get using the command boot2docker ip), but if I try to access the server using the https port, like this xx.xx.xx.xx:9443 the connection fails.
I tried forwarding the port in VirtualBox like this:
And then access the server using the ports 1000 or 1001, but it fails too.
Am I missing something?
BTW, I'm using default NAT connection.
https uses port 443 (not 9443) by default.
Make both "Host Port" and "Guest Port" 443 and try again.
I have my Single node Hadoop installed on Google Compute Engine instance and i want to open port 50070 on that machine to access the hadoop dashboard. i configured in the firewall rule as tcp:50070 in compute engine networks. but still i am unable to access my port outside the network (ie . via internet). I tried nmap for the public ip of my GCE instance and i got a result which has only ssh port got opened all other ports are filtered .
Note: i am using debian 7.5 image
Make sure your daemon is listening on port 50070. If you have more than one networks in you project make sure the port is opened on the right network. You can run the following commands to check the information about your instance and network.
lsof -i
gcutil --project= getinstance
gcutil --project= listnetworks
gcutil --project= listfirewalls
gcutil --project= getfirewall
Check if IP/Port is allowed in iptables or not.
iptables -L
would show you all the records.
To allow port in iptables you can do the following:
sudo iptables -A INPUT -p tcp -m tcp --dport 50070 -j ACCEPT
sudo iptables-save -c
Short answer
In addition to configure the firewall rule at GCE web console make sure that your server is listening at 0.0.0.0 instead of 127.0.0.1
Long answer
In the context of servers, 0.0.0.0 means all IPv4 addresses on the local machine. If a host has two IP addresses, 192.168.1.1 and 10.1.2.1, and a server running on the host listens on 0.0.0.0, it will be reachable at both of those IPs - Source
In contrast 127.0.0.1 is the IP address used to stablish a connection to the same machine used by the user this address is usually referred as the localhost.
It's often used when you want a network-capable application to only serve clients on the same host. A process that is listening on 127.0.0.1 for connections will only receive local connections on that socket. - Source
Hence, if you try to stablish a connection to your server from internet and your server is listening at 127.0.0.1 at your GCE machine, then, from the server point of view a request has never been received and as a consequence Goocle Cloud Firewall will refuse the connection because there is no server listening at the opened port (in your case 50070).
I hope this answer helps to solve your problem. Best regards.