Develop Reference

nerdctl DNS timeout on Windows

We just installed Rancher Desktop 1.4.1 (nerdctl v 0.20.0) on Windows 10 and we seem to have a problem pulling images and logging into a registry:
nerdctl pull alpine
docker.io/library/alpine:latest: resolving |--------------------------------------|
elapsed: 9.9 s total: 0.0 B (0.0 B/s)
INFO[0010] trying next host error="failed to do request: Head \"https://registry-1.docker.io/v2/library/alpine/manifests/latest\": dial tcp: lookup registry-1.docker.io on 192.168.167.172:53: read udp 192.168.167.172:47744->192.168.167.172:53: i/o timeout" host=registry-1.docker.io
FATA[0010] failed to resolve reference "docker.io/library/alpine:latest": failed to do request: Head "https://registry-1.docker.io/v2/library/alpine/manifests/latest": dial tcp: lookup registry-1.docker.io on 192.168.167.172:53: read udp 192.168.167.172:47744->192.168.167.172:53: i/o timeout
Trying to login results in similar errors:
nerdctl --debug-full login registry-1.docker.io
/usr/local/bin/docker-credential-rancher-desktop: source: line 5: can't open '/etc/rancher/desktop/credfwd': No such file or directory
Enter Username: myusername
Enter Password:
DEBU[0030] Ignoring hosts dir "/etc/containerd/certs.d" error="stat /etc/containerd/certs.d: no such file or directory"
DEBU[0030] Ignoring hosts dir "/etc/docker/certs.d" error="stat /etc/docker/certs.d: no such file or directory"
DEBU[0030] len(regHosts)=1
ERRO[0040] failed to call tryLoginWithRegHost error="failed to call rh.Client.Do: Get \"https://registry-1.docker.io/v2/\": dial tcp: lookup registry-1.docker.io on 192.168.167.172:53: read udp 192.168.167.172:36590->192.168.167.172:53: i/o timeout" i=0
FATA[0040] failed to call rh.Client.Do: Get "https://registry-1.docker.io/v2/": dial tcp: lookup registry-1.docker.io on 192.168.167.172:53: read udp 192.168.167.172:36590->192.168.167.172:53: i/o timeout
It looks like nerdctl is having problems resolving hostnames. It always times-out after 10 seconds.
Is there a way to explicitly configure hostname resolution in Rancher or nerdctl?
Any help would be appreciated.

Ansible: ios_config - want to remove a configuration line only if it exists

I need to remove the IP SLA configuration on the router if it is currently running via "no ip sla 46" but, if it doesn't currently exist on the router, the playbook fails. Ideas?
- name: Add IP SLA test
ios_config:
lines:
- udp-jitter 10.x.x.x source-ip {{ loopback }} codec g711ulaw
- tos 184
- tag Network Operation Center - G711ulaw EF VoIP
- frequency 180
parents: ip sla 46
before: no ip sla 46

Ended up using ios_command to check for a current IP SLA config and delete if present.
- name: Find current SLA 46 config
ios_command:
commands: 'show run | inc sla 46'
register: raw_sla_46
- set_fact:
sla_46: "{{ raw_sla_46.stdout[0] }}"
- name: Delete IP SLA 46 if present
ios_config:
lines:
- no ip sla 46
when: sla_46 == 'ip sla 46'
- name: Add IP SLA from Lo0 to DC
ios_config:
lines:
- udp-jitter 10.20.0.25 17000 source-ip {{ loopback }} codec g711ulaw
- tos 184
- tag Network Operation Center - CHA - G711ulaw EF VoIP
- frequency 180
parents: ip sla 46

I have this same problem - I want to change the NTP servers but in the interest of idempotency when I add the ones I want, I want to remove any that were old/erroroneous. In ansible there should be a way that I can just replace the lines - I don't want to use the before clause to remove all the ntp config because it has destructive side affects.
current config
ntp server 10.10.10.10
desired config
ntp server 10.10.10.20
If I run a playbook with the ios_config command for the new server I end up with 2 NTP servers - which isn't what I want!

C64 + DigiConnect SP messages sending as 1 char connections instead of full strings using BASIC

Using a Commodore 64 with a GLINK LT RS-232 adapter connected to a Digi-Connect SP configured to send RAW TCP to a static IP/port on my home network. Destination is a socat process passing traffic elsewhere with verbose logging.
Testing hitting socat from a bash shell on an OS X machine, issuing curl http://192.168.1.91:1234 I get a valid response and the socat log shows
> 2018/12/29 22:06:50.168550 length=81 from=0 to=80
GET / HTTP/1.1\r
Host: 192.168.1.91:1234\r
User-Agent: curl/7.54.0\r
Accept: */*\r
\r
< 2018/12/29 22:06:50.169509 length=144 from=0 to=143
(followed by http response)
But when I run the following on the C64 BASIC code SNIPPET:
100 OPEN 2,2,3,CHR$(6)+CHR$(0)
110 GET#2,A$: REM TOSS NULL TO OPEN RCVR CHANNEL
120 PRINT#2,"GET /"
...
the socat log shows:
> 2018/12/29 22:11:38.952005 length=1 from=167 to=167
G> 2018/12/29 22:11:38.983674 length=1 from=168 to=168
E> 2018/12/29 22:11:39.015464 length=1 from=169 to=169
T> 2018/12/29 22:11:39.051758 length=1 from=170 to=170
> 2018/12/29 22:11:39.084476 length=1 from=171 to=171
/> 2018/12/29 22:11:39.117131 length=1 from=172 to=172
I'm not sure if I'm doing something wrong on the C64 side to cause the individual char's to be sent or if it's an incorrect Digi-Connect setting.
Digi serial settings are:
TCP Client Settings:
Automatically establish TCP connections
Always connect and maintain connection
Establish connection to the following network service:
Server: 192.168.1.91
Service: Raw TCP
TCP Port: 1234
Enable TCP Keep-Alive: On
Basic Serial Settings
Baud: 300
Data bits: 8
Parity: None
Stop Bits: 0
Flow Control: Hardware
Advanced Serial Settings
(nothing configured here)

The individual characters was a red herring, the fix is simply to add a LF (ASCII 10) to the end of the message so the downstream web service understands that the message is finished.
Working example:
100 OPEN 2,2,3,CHR$(6)+CHR$(0)
110 PRINT#2,"GET /"
120 PRINT#2,CHR$(10)
(also of note - anything requiring correct upper/lower case will need PETSCII <-> ASCII conversions)

Binding external IP address to Rabbit MQ server

I have box A and it has a consumer on it that listens on a Rabbit MQ server
I have box B that will publish a message to the listener
So as long as all of this in on box A and I start Rabbit MQ server w/ defaults it works fine.
The defaults are host=127.0.0.1 on port 5672, but
when I telnet box.a.ip.addy 5672 from box B I get:
Trying box.a.ip.addy...
telnet: connect to address box.a.ip.addy: No route to host
telnet: Unable to connect to remote host: No route to host
telnet on port 22 is fine, I can ssh into Box A from Box B
So I assume I need to change the ip that the RabbitMQ server uses
I found this: http://www.rabbitmq.com/configure.html and I now have a config file in the location the documentation said to use, with the name rabbitmq.config and it contains:
[
{rabbit, [{tcp_listeners, {"box.a.ip.addy", 5672}}]}
].
So I stopped the server, and started RabbitMQ server again. It failed. Here are the errors from the error logs. It's a little over my head. (in fact most of this is)
=ERROR REPORT==== 23-Aug-2011::14:49:36 ===
FAILED
Reason: {{case_clause,{{"box.a.ip.addy",5672}}},
[{rabbit_networking,'-boot_tcp/0-lc$^0/1-0-',1},
{rabbit_networking,boot_tcp,0},
{rabbit_networking,boot,0},
{rabbit,'-run_boot_step/1-lc$^1/1-1-',1},
{rabbit,run_boot_step,1},
{rabbit,'-start/2-lc$^0/1-0-',1},
{rabbit,start,2},
{application_master,start_it_old,4}]}
=INFO REPORT==== 23-Aug-2011::14:49:37 ===
application: rabbit
exited: {bad_return,{{rabbit,start,[normal,[]]},
{'EXIT',{rabbit,failure_during_boot}}}}
type: permanent
and here is some more from the start up log:
Erlang has closed
Error: {node_start_failed,normal}
^M
Crash dump was written to: erl_crash.dump^M
Kernel pid terminated (application_controller) ({application_start_failure,rabbit,{bad_return,{{rabbit,start,[normal,[]]},{'EXIT',{rabbit,failure_during_boot}}}}})^M
Please help

did you try adding?
RABBITMQ_NODE_IP_ADDRESS=box.a.ip.addy
to the /etc/rabbitmq/rabbitmq.conf file?
Per http://www.rabbitmq.com/configure.html#customise-general-unix-environment
Also per this documentation it states that the default is to bind to all interfaces. Perhaps there is a configuration setting or environment variable already set in your system to restrict the server to localhost overriding anything else you do.
UPDATE: After reading again I realize that the telnet should have returned "Connection Refused" not "No route to host." I would also check to see if you are having a firewall related issue.

You need to open up the tcp port on your firewall
Using Linux, Find the iptables config file:
eric#dev ~$ find / -name "iptables" 2>/dev/null
/etc/sysconfig/iptables
Edit the file:
sudo vi /etc/sysconfig/iptables
Fix the file by adding a port:
# Generated by iptables-save v1.4.7 on Thu Jan 16 16:43:13 2014
*filter
-A INPUT -p tcp -m tcp --dport 15672 -j ACCEPT
COMMIT

How can I test an outbound connection to an IP address as well as a specific port?

OK, we all know how to use PING to test connectivity to an IP address. What I need to do is something similar but test if my outbound request to a given IP Address as well as a specif port (in the present case 1775) is successful. The test should be performed preferably from the command prompt.

Here is a small site I made allowing to test any outgoing port. The server listens on all TCP ports available.
http://portquiz.net
telnet portquiz.net XXXX

If there is a server running on the target IP/port, you could use Telnet. Any response other than "can't connect" would indicate that you were able to connect.

To automate the awesome service portquiz.net, I did write a bash script :
NB_CONNECTION=10
PORT_START=1
PORT_END=1000
for (( i=$PORT_START; i<=$PORT_END; i=i+NB_CONNECTION ))
do
iEnd=$((i + NB_CONNECTION))
for (( j=$i; j<$iEnd; j++ ))
do
#(curl --connect-timeout 1 "portquiz.net:$j" &> /dev/null && echo "> $j") &
(nc -w 1 -z portquiz.net "$j" &> /dev/null && echo "> $j") &
done
wait
done

If you're testing TCP/IP, a cheap way to test remote addr/port is to telnet to it and see if it connects. For protocols like HTTP (port 80), you can even type HTTP commands and get HTTP responses.
eg
Command IP Port
Telnet 192.168.1.1 80

The fastest / most efficient way I found to to this is with nmap and portquiz.net described here: http://thomasmullaly.com/2013/04/13/outgoing-port-tester/ This scans to top 1000 most used ports:
# nmap -Pn --top-ports 1000 portquiz.net
Starting Nmap 6.40 ( http://nmap.org ) at 2017-08-02 22:28 CDT
Nmap scan report for portquiz.net (178.33.250.62)
Host is up (0.072s latency).
rDNS record for 178.33.250.62: electron.positon.org
Not shown: 996 closed ports
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
443/tcp open https
8080/tcp open http-proxy
Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds
To scan them all (took 6 sec instead of 5):
# nmap -Pn -p1-65535 portquiz.net

The bash script example of #benjarobin for testing a sequence of ports did not work for me so I created this minimal not-really-one-line (command-line) example which writes the output of the open ports from a sequence of 1-65535 (all applicable communication ports) to a local file and suppresses all other output:
for p in $(seq 1 65535); do curl -s --connect-timeout 1 portquiz.net:$p >> ports.txt; done
Unfortunately, this takes 18.2 hours to run, because the minimum amount of connection timeout allowed integer seconds by my older version of curl is 1. If you have a curl version >=7.32.0 (type "curl -V"), you might try smaller decimal values, depending on how fast you can connect to the service. Or try a smaller port range to minimise the duration.
Furthermore, it will append to the output file ports.txt so if run multiple times, you might want to remove the file first.