How do I enable remote access/request to Elastic APM-server? - elasticsearch

I have setup of Elastic with APM server on single machine. I've configured APM java agent to push traces to APM server on localhost. Everything works fine with localhost configuration on Windows.
Now, I'm looking to run apm java agent for application running on different machine on the same network. That is apm java agent on linux & apm server running on windows machine.
Default APM-server listen to localhost. I tried to change setting on apm-server.yml file with -
apm-server:
# Defines the host and port the server is listening on. use "unix:/path/to.sock" to listen on a unix domain socket.
host: "hot-ip:8200"
default is:
host:"localhost:8200".
After making apm-server.yml change, process explorer show apm-server.exe process listening to IP- host-ip port- 8200 protocol- TCP.
But, still http://host-ip:8200 is not accessible from other machine on network. While on the same machine (windows) http://localhost:8200 & http://host-ip:8200 works fine & give below response.
{
build_date: "2019-05-23T12:58:36Z",
build_sha: "410bf33fa1b67fa5bd02a388de17d0e30ec031da",
version: "7.1.1",
}
Thanks for help.

To listen on 0.0.0.0 try:
host: ":8200"

Is a firewall blocking the traffic (like Window's built-in one)?
10.9.21.91 is the IP that hosts are trying to reach? Just to be sure you could bind to host: "0.0.0.0:8200", which would cover all possible interfaces.

Replace "localhost:8200" with "0.0.0.0:8200" in apm-server.yml

Related

SonarQube server not showing in browser

I have a Linux VM running with a Jenkins, Nexus and SonarQube server on it. The IP for the VM is 192.168.56.2 and I have no trouble accessing both Jenkins and Nexus on ports 8080 and 8081 respectively. However, when I try to access 192.168.56.2:9000 for SonarQube it just says 192.168.56.2 refused to connect.
When I run systemctl status sonar in the terminal it shows that SonarQube is active and running. I have opened the firewall to port 9000 and I have not changed any of the default settings. Does anyone have any idea what might be the issue?
SonarQube will only be listening on 'loopback' rather than on all inbound IP addresses. In your server's sonar.properties file, you'll need to set the Web information in order to access the server remotely, specifically the following values:
sonar.web.host: 192.168.56.2
sonar.web.port: 80 # if you want to use a port other than 9000
Also, in the web UI's Settings, under the "General" section, set the "Server base URL" value so that links and redirects issued by SonarQube target the correct location.

teamcity windows agent not connecting to teamcity server running in Ubuntu

I am trying to connect teamcity server running in Ubuntu, from windows but its not working.
I changed firewall settings and opened up port 9090 and 8111.
I got these logs from windows agent
Call http://my.domain.com:8111/RPC2 buildServer.registerAgent3:
org.apache.xmlrpc.XmlRpcException:
jetbrains.buildServer.CannotPingAgentException: Unable to ping agent .
Check firewall and/or try to specify 'ownAddress' in the agent
configuration. Details: Agent '' cannot be accessed by any of the
addresses: [183.83.50.68, 192.168.1.146], (port 9090)
It means that TeamCity server can't access TeamCity agent by the specified addresses and port.
Ensure that your agent IP address is 183.83.50.68 and that incoming connections to the 9090 port are not blocked by not only firewall, but also by antivirus or similar software.
Or you can update to the TeamCity 9.1 or later - in these versions server doesn't have to be able to connect to the agent, only agent-to-server connection is necessary.

Windows Container with Docker: Cannot reach httpd in container from host (Win2016 TP5)

I have a Windows Server 2016 TP5 machine that I use as a container host.
I have a Windows Container running that I manage with Docker. Inside this container I have an Apache httpd running on port 88.
The port mapping when I start the container is: 0.0.0.0:80->88/tcp, so I map port 80 of my container host to port 88 of the container.
This is the output from docker inspect: http://pastebin.com/AVem1eGV
I can now reach the Apache http start page from any other computer in the network through the DNS or IP.
In my case:
http://10.10.1.162/
http://documents.test2016-3.company.com/
But the same does not work when I try to call the same from the host system itself or from inside the container. So, on the host system, I try to access the same URL via browser or wget, and getting:
C:\> wget -UseBasicParsing http://documents.test2016-3.company.com/
wget : Unable to connect to the remote server
in both cases.
But I can ping the host from both the host itself as well as the container.
From the host:
C:\>ping test2016-3.company.com
Ping wird ausgeführt für TEST2016-3.company.com [fe80::847a:1430:8a10:b120%4] mit 32 Bytes Daten:
From the container:
PS C:\> ping documents.test2016-3.company.com
Pinging documents.test2016-3.company.com [10.10.1.162] with 32 bytes of data:
which seems to be able to resolve the name just fine.
What does work though is to call the Apache default page via the container hostname (which is win-de6u4068naf) and its running port directly (not through the port mapping), both from the host as well as inside the container:
http://win-de6u4068naf:88/
Just going the route through the container host hostname and mapped port from the host or container itself does not work properly!
Firewall rules allow everything on port 80 from any remote address or to port 80 (=inbound and outbound rules are both set to "allow" for "any").
I know that Microsoft/Docker changed the networking code base of the container/docker support from Windows Server 2016 TP4 to TP5. Not sure if that's related, or whether this is a bug or I'm having something not configured correctly yet.
I made a test and left Docker/Container out of the picture above and installed a plain Apache httpd itself on the container host system on port 80 (and no Docker running at all) just to check whether such setup works or not, in order to be sure that it is actually somehow Docker/Container related and not a problem with my network/host configuration in general. And this works fine, I can reach the Apache from outside as well as from the host itself, thus it must be a Docker/Container related problem.
Environment:
Windows Server 2016 TP5
Docker version 1.12.0-dev, build 2b97201
Got a reply on Microsoft's Github:
https://github.com/Microsoft/Virtualization-Documentation/issues/253#issuecomment-217975932
This is a known limitation in our Windows NAT implementation (WinNAT)
that you cannot access the external port in a static port mapping
directly from the container (NAT) host.

Wakanda Server 10 on Amazon EC2, cannot listen for connections on port 8080 or secure port 4433 on all IP addresses

I have installed wakanda server on an Amazon EC2 server running ubuntu by following this utube video: https://www.youtube.com/watch?v=uSQODnB7wRU .
Now the video is for an older version but I have followed along successfully until I actually launch wakanda on the server. This is what I get in the console:
Welcome to Wakanda Server 10 build 10.187175
Publishing "DefaultSolution" solution
The solution's log file will be stored in the "/home/ubuntu/.Wakanda Server/UserCache/Wakanda Server/DefaultSolution-1882/Logs/" folder
The Administration Web Server cannot listen for connections on port 8080 or secure port 4433 on all IP addresses
You can customize the Administration Web Server's ports with the "--admin-port" and "--admin-ssl-port" options
, then when I try to log into it via the browser it says the connection dropped! Any help would be much appreciated, it seams I need to restrict the IP addresses which can access, but how?
Your wakanda server tried and failed to listen on 8080 and/or 4433
Check the following things:
Are the ports 8080 and/or 4433 used by other processes? (sudo netstat -tapen | grep :8080, if a result is found, then yes another process uses 8080. Check 4433 also)
You may found that wakanda server is already running as a service:
yes you should use this service (create and edit /etc/default/wakanda, add WAKANDA_SOLUTION_AT_STARTUP=your_path and restart with sudo /etc/init.d/wakanda restart)
or to continue starting it manually, stop the service first (sudo /etc/init.d/wakanda stop)
Has the current user the right to listen on those ports? (try running the server with sudo just to check, then use authbind or equivalent)
Can you use alternative ports? (use --admin-port and --admin-ssl-port wakanda server options)
wakanda-server --help will give you the list of options available, especially --solution=VALUE to provide the path to your solution.

Access web server over https in a Docker container

I'm using Boot2Docker to manage Docker containers in Windows and I have a container running an IBM Liberty server (I guess is the same for any other server), I can access the server home screen in the host machine using only the ip (which I get using the command boot2docker ip), but if I try to access the server using the https port, like this xx.xx.xx.xx:9443 the connection fails.
I tried forwarding the port in VirtualBox like this:
And then access the server using the ports 1000 or 1001, but it fails too.
Am I missing something?
BTW, I'm using default NAT connection.
https uses port 443 (not 9443) by default.
Make both "Host Port" and "Guest Port" 443 and try again.

Resources