I am using Laradock to develop locally and so have an entry in the hosts file.
How can I get this working with ngrok?
I tried:
ngrok http -host-header=site.test 80
(https://helgesverre.com/blog/expose-local-webserver/)
but get: Failed to complete tunnel connection
(site.test works)
I got this working by running ngrok on the host machine instead of the container.
Kubernetes newbie (or rather basic networking) question:
Installed single node minikube (0.23 release) on a ubuntu box running in my lan (on IP address 192.168.0.20) with virtualbox.
minikube start command completes successfully as well
minikube start
Starting local Kubernetes v1.8.0 cluster...
Starting VM...
Getting VM IP address...
Moving files into cluster...
Setting up certs...
Connecting to cluster...
Setting up kubeconfig...
Starting cluster components...
Kubectl is now configured to use the cluster.
minikube dashboard also comes up successfully. (running on 192.168.99.100:30000)
what i want to do is access minikube dashboard from my macbook (running on 192.168.0.11) in the same LAN.
Also I want to access the same minikube dashboard from the internet.
For LAN Access:
Now from what i understand i am using virtualbox (the default vm option), i can change the networking type (to NAT with port forwarding) using vboxnet command
VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"
as listed here
In my case it will be something like this
VBoxManage modifyvm "VM name" --natpf1 "guesthttp,http,,30000,,8080"
Am i thinking along the right lines here?
Also for remotely accessing the same minikube dashboard address, i can setup a no-ip.com like service. They asked to install their utility on linux box and also setup port forwarding in the router settings which will port forward from host port to guest port. Is that about right? Am i missing something here?
I was able to get running with something as simple as:
kubectl proxy --address='0.0.0.0' --disable-filter=true
#Jeff provided the perfect answer, put more hints for newbies.
Start a proxy using #Jeff's script, as default it will open a proxy on '0.0.0.0:8001'.
kubectl proxy --address='0.0.0.0' --disable-filter=true
Visit the dashboard via the link below:
curl http://your_api_server_ip:8001/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:/proxy/
More details please refer to the officially doc.
I reached this url with search keywords: minikube dashboard remote.
In my case, minikube (and its dashboard) were running remotely and I wanted to access it securely from my laptop.
[my laptop] --ssh--> [remote server with minikube]
Following gmiretti's answer, my solution was local forwarding ssh tunnel:
On minikube remote server, ran these:
minikube dashboard
kubectl proxy
And on my laptop, ran these (keep localhost as is):
ssh -L 12345:localhost:8001 myLogin#myRemoteServer
The dashboard was then available at this url on my laptop:
http://localhost:12345/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
The ssh way
Assuming that you have ssh on your ubuntu box.
First run kubectl proxy & to expose the dashboard on http://localhost:8001
Then expose the dashboard using ssh's port forwarding, executing:
ssh -R 30000:127.0.0.1:8001 $USER#192.168.0.20
Now you should access the dashboard from your macbook in your LAN pointing the browser to http://192.168.0.20:30000
To expose it from outside, just expose the port 30000 using no-ip.com, maybe change it to some standard port, like 80.
Note that isn't the simplest solution but in some places would work without having superuser rights ;) You can automate the login after restarts of the ubuntu box using a init script and setting public key for connection.
I had the same problem recently and solved it as follows:
Get your minikube VM onto the LAN by adding another network adapter in bridge network mode. For me, this was done through modifying the minikube VM in the VirtualBox UI and required VM stop/start. Not sure how this would work if you're using hyperkit. Don't muck with the default network adapters configured by minikube: minikube depends on these. https://github.com/kubernetes/minikube/issues/1471
If you haven't already, install kubectl on your mac: https://kubernetes.io/docs/tasks/tools/install-kubectl/
Add a cluster and associated config to the ~/.kube/config as below, modifying the server IP address to match your newly exposed VM IP. Names can also be modified if desired. Note that the insecure-skip-tls-verify: true is needed because the https certificate generated by minikube is only valid for the internal IP addresses of the VM.
clusters:
- cluster:
insecure-skip-tls-verify: true
server: https://192.168.0.101:8443
name: mykubevm
contexts:
- context:
cluster: mykubevm
user: kubeuser
name: mykubevm
users:
- name: kubeuser
user:
client-certificate: /Users/myname/.minikube/client.crt
client-key: /Users/myname/.minikube/client.key
Copy the ~/.minikube/client.* files referenced in the config from your linux minikube host. These are the security key files required for access.
Set your kubectl context: kubectl config set-context mykubevm. At this point, your minikube cluster should be accessible (try kubectl cluster-info).
Run kubectl proxy http://localhost:8000 to create a local proxy for access to the dashboard. Navigate to that address in your browser.
It's also possible to ssh to the minikube VM. Copy the ssh key pair from ~/.minikube/machines/minikube/id_rsa* to your .ssh directory (renaming to avoid blowing away other keys, e.g. mykubevm & mykubevm.pub). Then ssh -i ~/.ssh/mykubevm docker#<kubevm-IP>
Thanks for your valuable answers, If you have to use the kubectl proxy command unable to view permanently, using the below "Service" object in YAML file able to view remotely until you stopped it. Create a new yaml file minikube-dashboard.yaml and write the code manually, I don't recommend copy and paste it.
apiVersion : v1
kind: Service
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard-test
namespace: kube-system
spec:
ports:
- port: 80
protocol: TCP
targetPort: 9090
nodePort: 30000
selector:
app: kubernetes-dashboard
type: NodePort
Execute the command,
$ sudo kubectl apply -f minikube-dashboard.yaml
Finally, open the URL:
http://your-public-ip-address:30000/#!/persistentvolume?namespace=default
Slight variation on the approach above.
I have an http web service with NodePort 30003. I make it available on port 80 externally by running:
sudo ssh -v -i ~/.ssh/id_rsa -N -L 0.0.0.0:80:localhost:30003 ${USER}#$(hostname)
Jeff Prouty added useful answer:
I was able to get running with something as simple as:
kubectl proxy --address='0.0.0.0' --disable-filter=true
But for me it didn't worked initially.
I run this command on the CentOS 7 machine with running kubectl (local IP: 192.168.0.20).
When I tried to access dashboard from another computer (which was in LAN obviously):
http://192.168.0.20:8001/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/
then only timeout was in my web browser.
The solution for my case is that in CentOS 7 (and probably other distros) you need to open port 8001 in your OS firewall.
So in my case I need to run in CentOS 7 terminal:
sudo firewall-cmd --zone=public --add-port=8001/tcp --permanent
sudo firewall-cmd --reload
And after that. It works! :)
Of course you need to be aware that this is not safe solution, because anybody have access to your dashbord now. But I think that for local lab testing it will be sufficient.
In other linux distros, command for opening ports in firewall can be different. Please use google for that.
Wanted to link this answer by iamnat.
https://stackoverflow.com/a/40773822
Use minikube ip to get your minikube ip on the host machine
Create the NodePort service
You should be able to access the configured NodePort id via < minikubeip >:< nodeport >
This should work on the LAN as well as long as firewalls are open, if I'm not mistaken.
Just for my learning purposes I solved this issue using nginx proxy_pass. For example if the dashboard has been bound to a port, lets say 43587. So my local url to that dashboard was
http://127.0.0.1:43587/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/
Then I installed nginx and went to the out of the box config
sudo nano /etc/nginx/sites-available/default
and edited the location directive to look like this:
location / {
proxy_set_header Host "localhost";
proxy_pass http://127.0.0.1:43587;
}
then I did
sudo service nginx restart
then the dashboard was available from outside at:
http://my_server_ip/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/#/cronjob?namespace=default
Objective: want to share a website preview using ngrok, which creates a tunnel from which my localhost can be seen with an url of something like mywebsite.ngrok.io
Problem: I use WAMP and my localhost folder looks something like this:
localhostdirectory
|-- website1
|-- website2
|-- etc
To access a website I type to localhost/website1/ in the browser, I would like to tunnel only that URL, the possible solutions would be:
Setting up a Virtual host, I would go through the hassle of manually setting up a virtual host, then I get something like website1.dev, and then I would pass it to ngrok as the host header in the HTTP request, like that:
ngrok http -host-header=website1.dev 80
I didn't understand what the host header is though, and why can't I pass a relative url like localhost/website1/, also what is the rewrite option?
Change the folder directory of my localhost to the folder of the website, I would prefer not to do that.
Is there a better way to accomplish my objective in an easier way, maybe going through WAMP aliases?
If you make do with Apache Vhost you just have to exec command
ngrok http -host-header=rewrite YOUR-LOCAL-DOMAIN:PORT
Dont forgot to edit host file for resolution #IP <-> YOUR-LOCAL-DOMAIN
I tried below way.
When I ran $ ./ngrok http 80 ngrok listen to localhost:80 which shows dashboard because apache server is running on port 80. Then I tried running subfolder in another port, which solved problem. Assume you have project in xyz and want ngrok should points it. Then do following
$ cd /opt/lampp/htdocs/xyz
$ php -S localhost:8080
Here 8080 is any unused port. localhost:8080 direct points to xyz and then open other terminal
$ ./ngrok http 8080
By doing this ngrok will listen to 8080 port were your xyz is running.
Hope this helps!!
After you set up the ngrok address to point to localhost on port 80, you can access your websites by their names.
Ex:
ngrok http -subdomain=dev 80
Access website1:
dev.ngrok.io/website1
I believe the correct syntax now for ngrok v3 is ngrok http --host-header=rewrite YOUR-LOCAL-DOMAIN:PORT
Notice the double --
https://ngrok.com/docs/guides/upgrade-v2-v3
I have elasticsearch 1.4 and kibana4 running on an Amazo EC2 instance running RHEL7.
Kibana4 is running as a standalone process and is not deployed in a web container such as nginx.It is listening on Port 5601.(the default port). I would like to have kibana listen on port 80.
Can this be achieved without using nginx? If yes how?
You need to set capabilities CAP_NET_BIND_SERVICE to bind non root process to a privileged port (<1024)
to make kibana listen on port 80 :
1- edit kibana port in /etc/kibana/kibana.yml
server.port : "80"
2- run the following commands :
sudo setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana
sudo setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-plugin
sudo setcap cap_net_bind_service=+epi /usr/share/kibana/bin/kibana-keystore
sudo setcap cap_net_bind_service=+epi /usr/share/kibana/node/bin/node
Edit file {kibana-directory}/config/kibana.yml. Find this line:
port: 5601
and change it to:
port: 80
Setting the port 80 in config file will trigger the following error
kibana[11777]: FATAL Error: listen EACCES: permission denied 0.0.0.0:80
due to the fact that kibana service by default executes under the user kibana
You can change the user to root, but this will trigger the following warning
kibana[11639]: Kibana should not be run as root. Use --allow-root to continue.
So running kibana service under root user is something not recommended. Better make a port forwarding rule, or a HTTP redirect if you have a web server.
Full settings here: https://www.elastic.co/guide/en/kibana/current/settings.html
This should be added to config/kibana.yml
server.port: 80
And run kibana server with sudo. Make sure no process is using port 80 at the same time.
here are some configuration files from the virtualbox on centos5.5, i've restart the network,but also can't connect to the internet, no gateway records information listed using route command, however,while i typing "route add default gw 192.168.0.1" and it works well.how shoud i configurate the gateway ip? thanks in advance.
/etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
/etc/sysconfig/network
GATEWAY=192.169.0.1
NETWORKING=yes
HOSTNAME=localhost
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
HWADDR="00:24:1D:8A:3D:F7"
ONBOOT="yes"
BOOTPROTO="static"
BROADCAST="192.168.0.255"
NETWORY="192.168.0.1"
IPADDR="192.168.0.109"
NETMASK="255.255.0.0"
CentOS 5 should have file route-eth0 (in /etc/sysconfig/network-scripts )
put this string into it:
default X.X.X.X dev interface
make sure you change X.X.X.X and interface to your.
Btw, take a look to http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s1-networkscripts-static-routes.html