I have 2 AWS EC2 instances and am facing a reachability issue from one instance to another. I have checked the SG and IGW, and they look fine. I have also added the subnet in /etc/hosts.allow to allow the hosts.
Can someone please suggest how to debug this reachability issue?
I'm trying with
telnet <ip of other ec2 instance> <port>
from one EC2 instance to check if that instance is able to connect to the open port where the service is running on the other instance.
Will capturing a packet trace from source and destination help? If yes, what would be the command for it?
I am curious about how OpenStack handles IP configuration. I have a complete working OpenStack dashboard with a static IP of 192.168.1.73/24 and I want to change it to something else. It is running as a VM using RHEL\Scientific Linux\CentOS 7.5 as the guest host.
Am running openstack-queens (repo) -- /etc/yum.repos.d
What I've tried and failed...
1. Changing the static IP in /etc/sysconfig/network-scripts/ifcfg-eth0
2. Made sure /etc/resolv.conf reflects my new configuration.
3. Replacing the IP configuration in the packstack-answerfile for the compute node and the rest of the services I've configured.
What I have noted!!!
1. systemctl status -l redis.service --- fails when I change the IP configuration; this is active (running) with its initial configuration.
2. The virtualization daemon also fails during boot (running as KVM).
How "deep" does networking go for OpenStack, and how do I achieve my goal of setting a different IP and still have my dashboard up and running?
This was easy. The only thing I missed was re-running my packstack answerfile.
First, change the IP address on the machine in /etc/sysconfig/network-scripts/ifcfg-br-ex, that is, if you have already gone ahead and set up networking for your OpenStack environment.
If you have made a backup of your ifcfg-eth0, revert to it and change it to the new IP configuration.
Second, replace the IP configuration in the packstack-answerfile with the new one for the compute node and the rest of the services configured.
Last but not least: this requires a steady Internet connection!
The last step is to re-run your packstack-answerfile with the new IP configuration.
I recently migrated a site to a new server and am now trying to replace the old domain with the new one using this tool suggested in the WordPress Codex.
The SQL instance and the VM are both in the same region and are connected using a Cloud SQL proxy; however, when I try to connect to the database via the search-replace tool, I get connection refused:
EDIT:
The command used to start the sql proxy is the following:
localhost:/cloudsql/project-name:region:sql-instance-name
It is the same I use in the config file to connect the site to the db.
A "Connection Refused" error occurs when an application attempts a TCP connection but there is either no service listening on the target address and port or a firewall rejecting the connection.
First, let's make sure you are connecting on the right port. Run sudo netstat -lntp and look for cloud_sql_proxy. For example, you might see
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 71313/cloud_sql_pro
indicating cloud sql is listening on port 3306. If you saw this, you should change the port in your tool to 3306.
If netstat does not show any cloud_sql_proxy line, then it isn't listening on TCP. While TCP isn't always needed for MySQL, it looks like the tool you are using does need it. Make sure you start cloud_sql_proxy with -instances=<INSTANCE_CONNECTION_NAME>=tcp:3306
Second, let's make sure you are connecting on the right address. This should be localhost without :/cloudsql/project-name:region:sql-instance-name after.
If it still doesn't work after those two, use sudo iptables -L to look for firewall rules blocking the traffic. I believe it's unlikely that you have a firewall stopping local traffic, however.
An alternative to using the Cloud SQL Proxy is to connect directly to your instance. To do this:
1. Find the external IP address of the VM you are running the PHP tool on.
2. Grant access for that IP address to your SQL instance, with the instructions here
3. Because MySQL can have different username/password depending on where you connect from, ensure there is a username/password combo for host %. Instructions here.
4. Use the tool, with the username/password from (3), port=3306 and host=the IP address of your SQL instance
5. When you are done, remove access from the IP address to your Cloud SQL instance.
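Added example (not part of any answer above): a small Python TCP probe that separates the "connection refused" case described in the Cloud SQL answer from a silent timeout, which is also what the telnet test in the first question is checking. The hint texts and the local listener in demo() are constructed for illustration.

```python
import errno
import socket

# Hints tie each outcome to the checks discussed on this page (wording is illustrative).
HINTS = {
    "open": "service reachable; look at credentials or the application layer next",
    "refused": "host answered but nothing listens on this address/port "
               "(check `sudo netstat -lntp`) or a firewall rule rejects it",
    "timeout": "no reply at all; packets are being dropped, e.g. by a "
               "security group, network ACL or an iptables DROP rule",
    "unreachable": "no route to the host; check subnet routing and the IP",
    "dns": "the host string does not resolve; use a bare hostname or IP",
}

def probe_tcp(host, port, timeout=3.0):
    """Attempt one TCP connect and classify how it succeeded or failed."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:          # name resolution failed
        return "dns"
    except ConnectionRefusedError:   # RST received: no listener, or REJECT rule
        return "refused"
    except socket.timeout:           # nothing came back within the timeout
        return "timeout"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise

def demo():
    """Constructed local case: probe a listener on 127.0.0.1, then the closed port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # port 0: the kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_open = probe_tcp("127.0.0.1", port)
    listener.close()
    after_close = probe_tcp("127.0.0.1", port)
    return while_open, after_close

if __name__ == "__main__":
    for state in demo():
        print(state, "->", HINTS[state])
```

Run probe_tcp from the source instance against the destination's private IP and service port; a result of "timeout" points at filtering between the hosts, while "refused" points at the listener or its bind address.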
How do I make my instance accessible from another machine in the same network? I've already assigned a floating IP.
Once you have assigned FIP,
1. Verify you have ingress/egress allow rules on CIDR 0.0.0.0/0 configured on the security group.
2. Ping from another machine which is in the same network as the FIP.
If step 2 succeeds, then you should be able to access the VM over the network.
In case step 2 fails, check the things below.
Run neutron floatingip-list and check if you have an FIP configured for the instance
Go to nova-api and check the logs for clues
Trying to connect to my VM instance when all of a sudden I get this error from the console:
Server disconnected (code: 1006)
All I did was move from one room to another (changing Ethernet cables). Please help
Is this at your house or at work? Your question is vague and I'm wondering if your server now has a new IP and you might need to disassociate the current floating IP and re-associate it with a new floating IP. You can do that from the instance page using the dropdown for the specific instance.
Also try soft/hard rebooting the VM instance after doing the previous step and see if that helps you.
Check the "novncproxy_host" option in the nova.conf file (vi /etc/nova/nova.conf).
If the novncproxy_host IP is set to 0.0.0.0, change it to your controller IP, where the Nova proxy service is running.
novncproxy_host=172.25.20.10
I wrote a script that launches several Amazon instances with the same security group, which is the default one, with ICMP and all the TCP/UDP connections allowed... so no firewall problem.
I am running an Ubuntu 11.4 64-bit AMI, which works fine.
Usually, in the bunch of machines I launch, some do not respond to any ping or telnet connection. They can ping other machines but cannot be pinged. The other machines can ping each other in both directions without any problem, but usually one or two just don't respond to any ping. There is no difference in the way I launch them, so I don't understand where this bug comes from...
How can I avoid this problem and recover from it without restarting the EC2 instance?
Thanks a lot, tender developers :D.
Try this:
Log into AWS account.
Click on Security Groups. Choose the required security group.
Click on the Inbound tab.
Create a new rule:
Custom ICMP rule
Type: Echo request
Source: 0.0.0.0/0
0.0.0.0 will allow everyone to ping your server. You can specify your own addresses if you want.
Assuming all the instances you launch have the same security group and the same AMI, you need to contact Amazon about this.
https://forums.aws.amazon.com/thread.jspa?threadID=22640