Cassandra on EC2 - amazon-ec2

I followed this http://www.datastax.com/documentation/cassandra/2.0/cassandra/install/installAMI.html and then I tried to use this Ruby gem (https://github.com/iconara/cql-rb) to connect to my EC2 instance, but I get the following error:
irb(main):013:0> Cql::Client.connect(host: 'PUBLIC_DNS', port: 9160)
Cql::Io::ConnectionError: end of file reached
from /Users/damien/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/cql-rb-2.0.0.pre0/lib/cql/client/synchronous_client.rb:32:in `connect'
from /Users/damien/.rbenv/versions/1.9.3-p392/lib/ruby/gems/1.9.1/gems/cql-rb-2.0.0.pre0/lib/cql/client.rb:118:in `connect'
from (irb):13
from /Users/damien/.rbenv/versions/1.9.3-p392/bin/irb:12:in `'
If I SSH to the box and use cqlsh to connect to localhost it works fine.
Any idea?

You should use the native_transport_port which defaults to 9042, not the rpc_port which defaults to 9160. However, both ports are configurable inside of cassandra.yaml after a Cassandra server restart.

Related

Unable to connect MongoDB Compass to AWS DocumentDB using SSH tunnel

I am new to MongoDB and am trying to set up tools for my new project. Most of my infrastructure runs on AWS, so I prefer to use AWS DocumentDB. I managed to connect to DocumentDB from EC2, both via the mongo client and a NodeJS application, but it would be good to manage DocumentDB from my Windows workstation using MongoDB Compass.
As we know, we cannot directly connect any mongo client from outside AWS to DocumentDB (see "Connecting to an Amazon DocumentDB Cluster from Outside an Amazon VPC"),
so we need an SSH tunnel through EC2. I tried many options but still fail... below are the 2 most likely options:
Option 1: Connect using MongoDB Compass SSH tunnel
Error: unable to get local issuer certificate
Both RDS-COMBINED-CA-BUNDLE.PEM and the SSH key are already supplied, so which one is it unable to get?
As highlighted in red on the SSH port, I also tried to open another SSHD port on the server and connect using the second port, but it still failed.
Option 2: Connect using Putty SSH tunnel
Error: Hostname/IP does not match certificate's altnames...
MongoDB Compass needs to connect to localhost to get into the tunnel, and I still cannot find a way to supply the --sslAllowInvalidHostnames option.
So, what can I do to get around this?
MongoDB Compass: 1.25.0
I am done with Compass.
Successfully established a "robo3t" connection to AWS DocumentDB using this guide.
https://docs.aws.amazon.com/documentdb/latest/developerguide/robo3t.html
As of Jan 2022 MongoDB Compass does not support sslInvalidHostNameAllowed=true in the connection builder form, this is the parameter you are missing in order to connect to AWS DocumentDB while ssh tunneling to a machine inside the same VPC of the database itself.
I used Studio 3T and it worked perfectly. You could create the connection string yourself or try other GUI.
Edit Jan 2023:
I just gave a try to compass again and it seems they now support sslInvalidHostNameAllowed flag through the UI, you could still change manually the connection string but then any UI interaction would overwrite it.
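Why the tunnel leads to "Hostname/IP does not match certificate's altnames", as an added example that is not part of any post in this thread: the client compares the name it dialled (localhost) with the names in the server certificate. CLUSTER_HOST and the self-signed certificate are constructed stand-ins, and build_cert, hostname_ok? and tunnel_report are hypothetical helper names.

```ruby
require 'openssl'

# Constructed stand-in for a DocumentDB cluster endpoint (not a real host).
CLUSTER_HOST = 'sample-cluster.cluster-example.docdb.example.com'

# Build a throwaway self-signed certificate whose subjectAltName lists only
# the given DNS names, standing in for the certificate the server presents.
def build_cert(dns_names)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{dns_names.first}")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
  san = dns_names.map { |n| "DNS:#{n}" }.join(',')
  cert.add_extension(ef.create_extension('subjectAltName', san, false))
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

# The client-side hostname check: is the name we dialled listed in the cert?
def hostname_ok?(cert, dialled_host)
  OpenSSL::SSL.verify_certificate_identity(cert, dialled_host)
end

# Compare the two ways of reaching the cluster discussed in this thread.
def tunnel_report(cert = build_cert([CLUSTER_HOST]))
  {
    'localhost'  => hostname_ok?(cert, 'localhost'),   # via the SSH tunnel
    '127.0.0.1'  => hostname_ok?(cert, '127.0.0.1'),   # via the SSH tunnel
    CLUSTER_HOST => hostname_ok?(cert, CLUSTER_HOST)   # from inside the VPC
  }
end

tunnel_report.each { |host, ok| puts "#{host}: #{ok ? 'match' : 'MISMATCH'}" }
```

An option such as sslInvalidHostNameAllowed=true skips this name comparison only; validation of the certificate chain against the CA bundle is a separate step.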
If you edit the connection string directly in MongoDB Compass you can set options that may not be accessible in the user interface.
Below is an example with tweaked parameters to connect without using TLS:
mongodb://xxxx:yyyy@localhost:27017/?authSource=admin&connectTimeoutMS=10000&readPreference=primary&authMechanism=SCRAM-SHA-1&serverSelectionTimeoutMS=5000&appname=MongoDB%20Compass&ssl=false
For Hostname, are you using DocumentDB endpoint? In one screenshot, I see you are using localhost.
I have managed to connect with option 1.
The workaround is to establish a connection using an SSH tunnel (port forward), so that the SSH tunnel opens a port on your local system that connects through to another port at the other end of the tunnel.
The command below establishes a tunnel in a terminal, and you can later use this channel/connection to connect to MongoDB using MongoDB Compass.
For example:
ssh user@aws-ec2-ip-address -L 35356:127.0.0.1:27017 -N
where -L is the local listening side.
Port 35356 is listening on localhost (that is in this case your EC2) and port forwards through to port 27017 on remote server.
Note - Add identity file in .ssh/config
Ex - On Mac
Host XXXXXXX
HostName 52.xx.xx.xx
User ubuntu
IdentityFile ./path/prod.pem

chef - bootstraping localhost results in refused connection

I'm learning Chef (12.10.24) and am trying to build a cookbook with recipes for provisioning machines that I'll do Ruby development on.
I'm trying to use knife bootstrap to set up my laptop as a node but am getting a connection error that I'm not sure how to get around. Here is the output:
➜ chef-repo$ knife bootstrap localhost -yN my-macbook-pro -p 2200 -x david -P [password]
Creating new client for my-macbook-pro
Creating new node for my-macbook-pro
Connecting to localhost
ERROR: Network Error: Connection refused - connect(2) for 127.0.0.1:2200
Check your knife configuration and network settings
Connecting to chef-server is fine but I can't connect to localhost. Any suggestions about what I might be doing wrong?
I neglected to mention that I am using OSX El Capitan. It turns out that the ssh daemon isn't on by default in OSX.
Turning it on in System Preferences > Sharing (check Remote Login) fixed the problem.

rake aborted! PG::ConnectionBad: fe_sendauth: no password supplied sinatra

I can't seem to get this to work. I try to run bundle exec rake db:migrate after running bundle exec rake db:create and it gives me this error:
rake aborted!
PG::ConnectionBad: fe_sendauth: no password supplied
/home/david/DBC/survey-gorilla-challenge/Rakefile:106:in `block (2 levels) in <top (required)>'
Tasks: TOP => db:migrate
(See full trace by running task with --trace)
I've tried looking around, but it all seems like a solution for rails, whereas I'm using this with Sinatra and activerecord. I'm not sure if that makes any difference. I even tried changing my pg_hba.conf, which looks like this currently:
# IPv4 local connections:
host    all    all    127.0.0.1/32    md5
# IPv6 local connections:
host    all    all    ::1/128         md5
I'm not sure how to get this working. Any help is appreciated.
I solved it. I changed my pg_hba.conf to
# TYPE  DATABASE  USER  ADDRESS  METHOD
# "local" is for Unix domain socket connections only
host    all    all    127.0.0.1/32    trust
# IPv4 local connections:
host    all    PC     127.0.0.1/32    trust
# IPv6 local connections:
host    all    all    ::1/128         trust
and then restarted postgres with sudo nano /etc/postgresql/9.3/main/pg_hba.conf. This gets the migration going.
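A check for the change made above, as an added example that is not part of the original post: it parses pg_hba.conf, lists every rule whose method is trust (connections matching the rule are accepted without a password) and reports how far each rule's ADDRESS reaches. The sample file is constructed from the rules in the post plus two extra constructed rules, and parse_pg_hba, loopback? and trust_findings are hypothetical helper names.

```ruby
require 'ipaddr'

# Constructed sample: the host rules from the fix above plus two extra rules.
SAMPLE_PG_HBA = <<~CONF
  # TYPE  DATABASE  USER  ADDRESS        METHOD
  host    all       all   127.0.0.1/32   trust
  host    all       PC    127.0.0.1/32   trust
  host    all       all   ::1/128        trust
  host    all       all   10.0.0.0/8     md5
  host    all       all   0.0.0.0/0      trust
CONF

LOOPBACK = [IPAddr.new('127.0.0.0/8'), IPAddr.new('::1/128')].freeze
Rule = Struct.new(:line_no, :type, :user, :address, :auth)

# Parse pg_hba.conf records, skipping comments and blank lines.
def parse_pg_hba(text)
  text.each_line.with_index(1).map do |line, no|
    f = line.sub(/#.*/, '').split
    next if f.empty?
    next Rule.new(no, f[0], f[2], nil, f[3]) if f[0] == 'local' # no ADDRESS column
    # ADDRESS may be CIDR, or an IP followed by a separate netmask column.
    if f[4].to_s.match?(/\A[0-9a-fA-F.:]*[.:][0-9a-fA-F.:]*\z/)
      Rule.new(no, f[0], f[2], "#{f[3]}/#{f[4]}", f[5])
    else
      Rule.new(no, f[0], f[2], f[3], f[4])
    end
  end.compact
end

def loopback?(address)
  net = IPAddr.new(address)
  LOOPBACK.any? { |lb| lb.include?(net) }
rescue IPAddr::Error
  false # hostnames and keywords such as "all" or "samenet" are not loopback-only
end

# List every rule that authenticates with "trust", with the reach of its ADDRESS.
def trust_findings(text)
  parse_pg_hba(text).select { |r| r.auth == 'trust' }.map do |r|
    scope = if r.type == 'local' then 'unix-socket'
            elsif loopback?(r.address) then 'loopback'
            else 'network'
            end
    { line: r.line_no, user: r.user, address: r.address, scope: scope }
  end
end

trust_findings(SAMPLE_PG_HBA).each { |f| puts f }
```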

Not able to connect to redis on ec2 from another ec2 instance

I am running redis 2.8.7 on one box. From the other box (both are AWS EC2) I am issuing this command
redis-cli -h , but I get this error
Could not connect to Redis at :6379: Connection refused
port 6379 on box 1 is open for box2
Also, there is no id/pwd for redis
I figured it out
comment the bind line in redis.conf file
(make sure port 6379 is accessible only for specific machines)
More details at https://serverfault.com/questions/301788/how-do-you-get-redis-connections-working-within-an-amazon-vpc-private-subnet
Comment the bind line for local host and add the below bind line.
bind 0.0.0.0
and make sure you restart the redis-server for the changes to be effective.
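What the bind change does to the listener, as an added example that is not part of the original posts: it reads the effective bind and requirepass directives from a redis.conf and reports whether the port answers off-host without a password. The two configuration fragments are constructed, effective_directives and redis_exposure are hypothetical helper names, and the code assumes Redis 2.8 behaviour (the version in the question), where a missing bind line means every interface.

```ruby
# Constructed redis.conf fragments: a loopback-only file and the edited one
# described in the answers above (no requirepass in either, as in the question).
BEFORE_CONF = <<~CONF
  port 6379
  bind 127.0.0.1
CONF
AFTER_CONF = <<~CONF
  port 6379
  # bind 127.0.0.1
  bind 0.0.0.0
CONF

LOOPBACK_ADDRS = %w[127.0.0.1 ::1].freeze
WILDCARDS = %w[0.0.0.0 ::].freeze

# Read the effective directives: comments are ignored and a later line
# overrides an earlier one with the same name.
def effective_directives(conf_text)
  conf_text.each_line.with_object({}) do |line, acc|
    name, *args = line.strip.split
    next if name.nil? || name.start_with?('#')
    acc[name.downcase] = args
  end
end

# Classify where the server listens and whether a password is required.
# Security groups and host firewalls are not visible from this file.
def redis_exposure(conf_text)
  d = effective_directives(conf_text)
  binds = d.fetch('bind', [])
  listen = if binds.empty? || binds.any? { |a| WILDCARDS.include?(a) } then :all_interfaces
           elsif binds.all? { |a| LOOPBACK_ADDRS.include?(a) } then :loopback_only
           else :specific_addresses
           end
  auth = !d.fetch('requirepass', []).empty?
  { port: d.fetch('port', ['6379']).first.to_i, listen: listen, auth: auth,
    open_to_network: listen != :loopback_only && !auth }
end

[BEFORE_CONF, AFTER_CONF].each { |conf| puts redis_exposure(conf) }
```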

ruby - check ssh connection to a remote through another machine

I am using the AWS SDK to create machines, and as soon as the machines are created, I want to check the SSH connection to those machines.
The problem is that from my machine I don't have access to the EC2 machines, but there is another machine on my network, which I have access to through SSH, and this machine does have access to the EC2 machines.
Now, is there a simple way in Ruby to check SSH to an EC2 machine?
I've tried the following:
require 'net/ssh'
require 'net/ssh/proxy/http'

proxy = Net::SSH::Proxy::HTTP.new('<proxy ip>', 22)
Net::SSH.start("<EC2 machine's IP>", '<USER>', :proxy => proxy) do |ssh|
end
Errno::ECONNRESET: Connection reset by peer
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh/proxy/http.rb:76:in `gets'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh/proxy/http.rb:76:in `parse_response'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh/proxy/http.rb:62:in `open'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh/transport/session.rb:67:in `block in initialize'
from /home/galt/.rvm/rubies/ruby-1.9.3-p484/lib/ruby/1.9.1/timeout.rb:55:in `timeout'
from /home/galt/.rvm/rubies/ruby-1.9.3-p484/lib/ruby/1.9.1/timeout.rb:100:in `timeout'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh/transport/session.rb:67:in `initialize'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh.rb:200:in `new'
from /home/galt/.rvm/gems/ruby-1.9.3-p484/gems/net-ssh-2.7.0/lib/net/ssh.rb:200:in `start'
from (irb):12
from /home/galt/.rvm/rubies/ruby-1.9.3-p484/bin/irb:12:in `<main>'
thanks !
The Net::SSH::Proxy::HTTP class is meant to point to a HTTP proxy for your ssh connections. So, you will need to set up a HTTP proxy on that machine to be able to proxy your connections through it.
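If you can't do that, I suggest you use SSH reverse tunnels. We will achieve this by opening port 8080 on the local machine, forwarding the traffic sent there to Server using the SSH tunnel, and making Server forward it to the EC2 instance on port 22. The net-ssh Ruby gem already provides commands to help us with that, but we will need to run 2 sessions in parallel, using threads:
require 'net/ssh'

# Session 1: listen on local port 8080 and forward through the proxy to <AWS ip>:22.
proxy_thread = Thread.new do
  Net::SSH.start('<proxy ip>', '<user>') do |ssh|
    # forward.local opens the listener on this machine, as described above;
    # forward.remote would open it on the proxy instead.
    ssh.forward.local(8080, '<AWS ip>', 22)
    ssh.loop { true }
  end
end
# Thread.new starts the thread immediately (there is no Thread#start);
# give the tunnel a moment to come up before using it.
sleep 2

# Session 2: this connection is answered by the EC2 instance's sshd.
Net::SSH.start('localhost', '<localhost user>', port: 8080) do |ssh|
  # done
end
proxy_thread.kill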
