I'd like grafana to get data from influxdb. They're running on the same host. I've not had much joy here.
I've turned on authentication in influxdb. I've an admin account with password, and I can use those credentials to connect to influxdb on the commandline.
When I try to connect via grafana, I see I can choose "basic auth" or not. I'm not sure what credentials are requested at basic auth, but whether or not I check that box, I see the (not very helpful) error at the bottom.
My influxdb http config looks like this:
[http]
# Determines whether HTTP endpoint is enabled.
enabled = true
# The bind address used by the HTTP service.
bind-address = ":8086"
# Determines whether HTTP authentication is enabled.
# auth-enabled = false
auth-enabled = true
I've also tried changing s/localhost/0.0.0.0/ in the grafana dialog just in case, but that doesn't change the outcome.
ubuntu#loire1:/tmp$ sudo netstat -tunapl | grep influx
tcp6 0 0 :::8086 :::* LISTEN 10399/influxd
tcp6 0 0 :::8088 :::* LISTEN 10399/influxd
udp 0 0 127.0.0.1:25826 0.0.0.0:* 10399/influxd
ubuntu#loire1:/tmp$
Any pointers?
The answer to this is that one should specify "proxy" rather than "direct" access.
This seemed counter-intuitive to me, so let me explain what is meant here. It is (for some reason that escapes me) occasionally reasonable for the user's browser to fetch data directly from the data source. In this case, the access is direct.
In the (only) scenario that makes sense to me, the browser accesses grafana, which in turn accesses the data source. So in this sense the data is being proxied (or reverse proxied, for those used to nginx) by grafana.
Related
I'm trying to connect to my public IP http://34.125.119.106:8080/, where I have a Jenkins service running but I can't and don't know why.
I've create firewall rule to allow tcp traffic on port 8080, which is the port exposed to Jenkins, but I still cannot connect. I looked into the /etc/default/jenkins file, to see if everything inside was configured correctly. I tried to line in this file like 'HTTP_HOST=127.0.0.1', like some people advise to do ,but it doesn't work for my case. Does anyone know how to solve this?
Sorry for my bad English.
enter image description here
i made a test and it successfully connected,but i still cant connect to my external Ip
Use the default settings, because HTTP_HOST=127.0.0.1 locks you out:
HTTP_HOST=0.0.0.0
HTTP_PORT=8080
HTTPS_HOST=0.0.0.0
HTTPS_PORT=443
Listing to all interfaces with 0.0.0.0 is fine, but HTTP_PORT should be -1.
As a first step my recommendation is to check if your service is exposed and through what port number. For this you can use command sudo netstat -plntu. You should be looking for an output similar to:
tcp6 0 0 :::8080 :::* LISTEN 17917/java
If its not, change your /etc/default/jenkins file to port 8080
After that from inside your GCP project, you can run a connectivity test having as source one of the IP addresses you are using to reach your Server and as destination your Servers VM instance IP address. This test will simulate traffic and tell you where it's getting stuck whether if it's stuck on the way to your Server or if your server is not correctly configured. You can get a good reference in this document.
If you have already configured your ingress firewall rule, just make sure its applied to your VM, it sometimes happens that you have a network tag on your VM instance and another tag on your firewall rule.
I have a server and I am using Ubuntu 20.04, nginx , mosquitto and node-red and docker , let's call the website http://mywebsite.com. The problem that I am facing that I have created a client lets call it client1 in docker so the URL will be http://mywebsite.com/client1
and I want to establish an MQTT connection via mosquitto and I'm sending the data on topic test
The problem that on node red node of MQTT when I write the IP address of my mosquitto container it works
But if I change the IP address 192.144.0.5 with mywebsite.com/client1 I can't connect to mosquitto and I can't send or receive any form of data
any idea on how to solve this problem
OK, you are going to have several problems here.
You can not do path based proxying with MQTT. If you want to have multiple MQTT brokers (1 per client) bound to a single public facing domain/IP address then they are all going to have to run on separate ports (other than the default 1883).
Nginx can do MQTT protocol proxying (e.g. like this), so you can use this to expose the different ports and forward them to the separate instances of mosquitto, but even if you had a different hostname (all pointing at the same IP address) nginx has no way to know which host name was used because there is no equivalent to the HOST HTTP header to direct it. If you were to use MQTT with TLS then you may be able to get it to work with SNI, but I've never seen anybody do that yet (possible docs for SNI based routing here) It works, explanation about how to do it here.
If you use MQTT over Websockets then you should be able to use hostname based routing.
Path based proxying for Node-RED currently doesn't work properly if you enable admin authentication, because the admin auth tokens are currently stored in browser local storage and only scoped to the hostname, not the hostname + path. This will mean that a client will only ever be able to log into one instance at a time.
You can work round this by using host based proxying, e.g. http://client1.mywebsite.com
A fix for this is on the backlog for Node-RED, probably (no promises) to be looked at after version 1.2.0 ships
This past week I submitted an update to an IOS app that hasnt been updated
in about 2 yrs. Apple rejected it based on its failure to access the
network stuff via ipv6. My NSURL is a hostname (not IP), I shouldnt
need to do anything special since the apple framework will apparently
handle the proper DNS AAAA lookup.
After investigating the issues, I found that I had to do the following:
1. Added a AAAA dns record (at godaddy.com) to my VPS (myhosting.com)
2. Added lines in my CentOS (6.x) httpd.conf (2.4.23) file to:
Listen xxx.xxx.xxx.xxx:80
Listen [my actual ipv6addr]:443
After an apache restart, I type:
netstat -tupln | grep 443
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 9016/httpd
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 9458/httpd
I dont see my ipv6 apache listener for ipv6, only ipv4's
Is the primary problem here
that CentOS is not setup and/or able to handle ipv6 network connections?
If so, does anyone have a recommendation on a good VPS service thats
low frequency/cheaper for testing that can handle both ipv4 and ipv6?
I currently pay $27 USD/month for this service and I was surprised when
they told me they couldnt handle ipv6.
Thanks
[EDIT]
I failed to mention that I had already set the NAT64/DNS64 network
based on the apple documentation here.
Removed the AAAA DNS record. Got rid of the apache listen for ipv6.
I have no idea why using NSMutableRequest with a valid hostname is giving me a "request timed out" based on everything Ive read so far.
I made a C# program with a client and a server that comunicates fine between them. Information is received by the server and stored in a MySQL Database with no problems. However I wanted to use wireshark to monitor how safe/encrypted was the information and couldn't find the communication using wireshark. My program uses sockets to connect the server and client, on my test the server and client are running at adress 127.0.0.1 or local IP machine (something like 192.168.13.191), server listens/connects using port 3608 and client a much higher random port, and all the filters I used on wireshark return nothing.
So far I tried:
ip.addr == 127.0.0.1 (show only packages whose origin or destination are 127.0.0.1)
ip.addr == 192.168.13.191 (same as above)
tcp.port == 3608 (show only packages whose origin or destination is this port)
tcp.port == client_port (same as above)
tcp contains 01:00:00:3B (only packages with a few of the bytes I'm sending)
My idea was to find at least one message from the client to server and use the "Follow TCP stream" option from wireshark, but all these filters return a black screen when used individually. I have no idea why, because when I run netstat -a on a windows command I can see the program have a established connection and is also listening for new connections on port 3608. Anyone have any idea what is going on or what filter should I use? Operational system somehow is "redirecting" traffic from port 3608 to another?
Thanks!
Wireshark doesn't pick up loopback packets. You'll have to install the client or server on another machine and then try again.
EDIT: After doing some reading I've discovered that this really doesn't have anything to do with Wireshark but with the way WinPcap works. In any case, running the client or server on another machine will solve the problem.
We can find out IP address of a domain name or URL. But how to find out Port number on which a domain name is hosted?
Unfortunately the standard DNS A-record (domain name to IP address)
used by web-browsers to locate web-servers does not include a port
number. Web-browsers use the URL protocol prefix (http://) to
determine the port number (http = 80, https = 443, ftp = 21, etc.)
unless the port number is specifically typed in the URL (for example
"http://www.simpledns.com:5000" = port 5000).
Can I specify a TCP/IP port number for my web-server in DNS? (Other than the standard port 80)
Quite an old question, but might be helpful to somebody in need.
If you know the url,
open the chrome browser,
open developer tools in chrome ,
Put the url in search bar and hit enter
look in network tab, you will see the ip and port both
DNS server usually have a standard of ports used. But if it's different, you could try nmap and do a port scan like so:
> nmap 127.0.0.1
The port is usually fixed, for DNS it's 53.
If it is a normal
then the port number is always 80
and may be written as http://www.somewhere.com:80
Though you don't need to specify it as :80 is the default of every web browser.
If the site chose to use something else then they are intending to hide from anything not sent by a "friendly" or linked to.
Those ones usually show with https
and their port number is unknown and decided by their admin.
If you choose to runn a port scanner trying every number nn from say 10000 to 30000 in https://something.somewhere.com:nn
Then your isp or their antivirus will probably notice and disconnect you.
Use of the netstat -a command will give you a list of connections to your system/server where you are executing the command.
For example it will display as below, where 35070 is the port number
TCP 10.144.0.159:**52121** sd-s-fgh:35070 ESTABLISHED
Port numbers are defined by convention. HTTP servers generally listen on port 80, ssh servers listen on 22. But there are no requirements that they do.
domain = self.env['ir.config_parameter'].get_param('web.base.url')
I got the hostname and port number using this.