telepresence - Per-Cluster Configuration does not work - telepresence

https://www.getambassador.io/docs/telepresence/latest/reference/config/#dns
Config snippet
- cluster:
certificate-authority-data: cert_data
server: server_uir
extensions:
- extension:
dns:
include-suffixes:
- .svc
name: telepresence.io
name: cluster_name
telepresence status does not reflect include-suffixes
Root Daemon: Running
Version : v2.5.5 (api 3)
DNS :
Remote IP : 127.0.0.1
Exclude suffixes: [.arpa .com .io .net .org .ru]
Include suffixes: []
Timeout : 8s
Also Proxy : (0 subnets)
Never Proxy: (2 subnets)
- 54.236.162.187/32
- 52.22.5.94/32
telepresence version
Client: v2.5.5 (api v3)
Root Daemon: v2.5.5 (api v3)
User Daemon: v2.5.5 (api v3)

Related

Need Ansible playbook inorder to calculate number of users currently login into VPN

Writing ansible playbook for "Count number of users currently login to VPN".Using Junos modules as suggested by network team.I have installed below softwares on my RHEL 7 machine with Ansible 2.9 version installed.
Junos Ansible Requirements
===============================
-->Install Dependencies
# pip install ncclient
# pip install junos-eznc
--> Install Juniper.junos Galaxy role
ansible-galaxy install juniper.junos
---> Have NETCONF enabled on Juniper devices over SSH
# set system services netconf ssh
--->(Optional)
#pip install junos-netconify (python lib for juniper console)
Whenever i am writing any playbook, I am getting below error.
Playbook:-
---
- name: Get device uptime
hosts:
- dc1
roles:
- Juniper.junos
connection: local
gather_facts: no
vars_prompt:
- name: username
prompt: Junos Username
private: no
- name: password
prompt: Junos Password
private: yes
tasks:
- name: get uptime using galaxy module
junos_command:
commands: show system uptime
register: uptime
- name: display uptimes
debug: var=uptime
Error:-
PLAY [Get device uptime] **************************************************************************************************************
TASK [get uptime using galaxy module] *************************************************************************************************
fatal: [172.16.130.1]: FAILED! => {"changed": false, "msg": "invalid rpc for running in check_mode"}
PLAY RECAP ****************************************************************************************************************************
172.16.130.1 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
I was just exploring ansible networking commands & got above error.Please suggest what configurations required working with junos.
Please find below playbook to check no. of users currently login to VPN:-
name: Get system users currently logged in
hosts: all
connection: local
gather_facts: no
roles:
Juniper.junos
tasks:
name: Retrieve facts from device running Junos OS
juniper_junos_facts:
name: Print version
debug:
var: junos.fqdn
name: Run RPC Commands
juniper_junos_command:
commands="show security dynamic-vpn users"
format=text
dest={{ junos.fqdn }}.output

Installing Artifactory OSS port on FreeBSD jail

I have installed artifactory-5.4.1 on a FreeBSD 11.1 jail. I have localhost and a loopback interface defined, but its IP address is 127.0.0.169. When I install the artifactory package and attempt to start it, it fails to configure because it initially only allows the admin user to connect via 127.0.0.1:
2017-10-20 14:52:04,177 [art-init] [ERROR] (o.a.w.s.ArtifactoryContextConfigListener:97) - Application could not be initialized: HTTP response status 403:{
"errors" : [ {
"code" : "FORBIDDEN",
"message" : "User 'admin' is not allowed to login from remote address: 127.0.0.169"
} ]
}
Where can I modify the artifactory configuration so that admin is allowed to log in from a different IP address before this configuration takes place?

NGINX error when deploying static website with Concourse CI

I encounter an error when I try to deploy a static website to Pivotal Web Services with Concourse CI. I want to push a static website using the static_buildpack. The index.html is placed in the root folder. When I push the code from the command line directly to Pivotal Web Services using the cf push command everything works fine.
When I use the concourse pipeline the build is terminated successfully however I get an error when accessing the website. I get an nginx 403 Forbidden error when trying to access the website. I tried the following manifest with the following pipeline (see below). When using Concourse CI the container is created successfully, the buildpack is used, nginx is installed and the droplet is uploaded. The app itself starts successfully.
The Cloud Foundry Logs show the following error:
2017/09/05 08:42:54 [error] 70#0: *3 directory index of "/home/vcap/app/public/" is forbidden, client: <ip>, server: localhost, request: "GET / HTTP/1.1", host: "agencydemo.cfapps.io"
manifest.yml
---
applications:
- name: agencyDemo
memory: 64M
buildpack: staticfile_buildpack
host: agencyDemo
pipeline.yml
resources:
- name: app_sources
type: git
source:
uri: https://github.com/smichard/CloudFoundryDemo
branch: master
- name: staging_CloudFoundry
type: cf
source:
api: {{pws_api}}
username: {{pws_user}}
password: {{pws_password}}
organization: {{pws_org}}
space: {{pws_space}}
skip_cert_check: false
jobs:
- name: deploy-website
public: true
serial: true
plan:
- get: app_sources
trigger: true
- put: staging_CloudFoundry
params:
manifest: app_sources/manifest.yml
The source code can be found on GitHub
nginx 403 Forbidden happens mainly when index.html is not found. suggested steps
Check your buildpack (which now is updated as buildpacks in manifest file)
check command or dist folder
cf push -p ./dist/ -f manifest-{your_envireonment}.yml --no-start (if your index.html is directly under dist folder )
or
cf push -p ./dist/{your_app_name} -f manifest-{your_envireonment}.yml --no-start (if your index.html is under dist/{your_app_name} folder )
You must ensure that index.html and other angular static files are directly present inside public/ folder and not in something like public/your-app-name/
Another solution is to fix the path-attribute in your manifest.yml as follows:
---
applications:
- name: agencyDemo
memory: 64M
buildpack: staticfile_buildpack
host: agencyDemo
path: ./dist/your-app-name
Docs

How to create a docker proxy repo with gcr.io?

My settings: https://i.stack.imgur.com/yvyqG.png
logs:
2017-07-18 01:49:01,592+0000 WARN [qtp330844155-323] admin org.sonatype.nexus.repository.docker.internal.V2Handlers - Error: GET /v2/gcr.io/google-containers/addon-resizer/manifests/2.0: 403 - org.sonatype.nexus.repository.docker.internal.V2Exception: Permission denied for "2.0" from request "/v2/gcr.io/google-containers/addon-resizer/manifests/2.0".
Problem solved
the pull address have to without origin registry hosts
e.g:
origin:
docker pull gcr.io/google-containers/kubernetes-dashboard-amd64:v1.6.3
with proxy:
docker pull 127.0.0.1:18883/google-containers/kubernetes-dashboard-amd64:v1.6.3

Realm - Failed to connect to endpoint ':::9080': Connection refused

I am getting the below error when starting the Realm object server. I am running the server on Mac.
Realm Mobile Platform version is 1.8.1
2017-07-08T09:48:06.362Z - info: Logging to console at level 'info'.
2017-07-08T09:48:06.438Z - info: Realm Object Server sync engine listening on 127.0.0.1:27800.
2017-07-08T09:48:06.484Z - info: permission: Seed permission-Realms
2017-07-08T09:48:06.496Z - info: Realm Object Server web server listening on 127.0.0.1:27080.
2017-07-08T09:48:06.498Z - info: http proxy listening on :::9080.
2017-07-08T09:48:06.503Z - info: client: Opening Realm file: /Users/vkuppusamy/Documents/realm-mobile-platform/realm-object-server/object-server/root_dir/internal_data/auth.realm
2017-07-08T09:48:06.503Z - info: client: Connection[1]: Session[1]: Starting session for '/Users/vkuppusamy/Documents/realm-mobile-platform/realm-object-server/object-server/root_dir/internal_data/auth.realm'
2017-07-08T09:48:06.503Z - info: client: Connection[1]: Resolving ':::9080'
2017-07-08T09:48:06.503Z - info: client: Connection[1]: Connecting to endpoint ':::9080' (1/1)
2017-07-08T09:48:06.503Z - error: client: Connection[1]: Failed to connect to endpoint ':::9080': Connection refused
2017-07-08T09:48:06.503Z - error: client: Connection[1]: Failed to connect to ':::9080': All endpoints failed
2017-07-08T09:48:06.504Z - info: client: Opening Realm file: /Users/vkuppusamy/Documents/realm-mobile-platform/realm-object-server/object-server/realm-object-server/listener/__admin.realm
2017-07-08T09:48:06.504Z - info: client: Connection[2]: Session[2]: Starting session for '/Users/vkuppusamy/Documents/realm-mobile-platform/realm-object-server/object-server/realm-object-server/listener/_
You can ignore that - it's likely due to clients trying to connect before the server has initialized completely.

Resources