I have two servers, which are both stayed at the same host but different port.
One is reactjs server hosted at port 3000.
Another one is database server with API interface hosted at port 1337.
I use Axios to make api request to the database, but it only works when I make call with Public IP address (for example: axios.get("http://215.128.23.16:1337/collection/"). When I change to localhost, it shows error. (shown in attached pictures)
What I want is to make API request internally, in order to restrict the IP address of accessing the database to only localhost connection.
Here are the steps I want to achieve: Client Side make a API call from browser -> Reactjs server receive the call -> Reactjs server send API request to database server internally (then I can restrict the IP access of accessing database to localhost) -> return result
Is this possible???
Related
We have configured the ELB with 2 server for the Web API. Updated the MachineKey in both the server to be same.
When the Reset Token password/Confirm password is created from server1. The Url is sent to the User Email when the Verify token call is Made the Server1 Verify the token successfuly, But if call is sent to the Server 2, Server 2 always returns Invalid Token. Do i need to make any configuration chanages other than the Machine Key.
You need to make sure that the all the request belongs to one session goes to the single backend.
In order to do this enable session stickiness on the ELB. This will make sure that request always gets routed to the same backend.
On Classic Load balancer : https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html
On Application Load Balancer : https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#sticky-sessions
I am doing a code based load balancing i.e. on first request to the main server, it returns an address, to which the browser will open a persistent conncection using (wss) websocket. But, due to compatability with my mobile app, i'm returning a public DNS of aws instance, Ex: ec2-35-154-101-63.ap-south-1.compute.amazonaws.com which works fine in the mobile app. The browser however is refusing the connection because the address of websocket is not matching the parent domain. Are there any options to fix this other than using a Wesocket address from the same domain.
Edit: I had no choice rather than return a subdomain address for the websocket connection.
You are connecting to a URL that does not match the name in the SSL certificate.
You have two choices, either map the domain name to the instance or (not recommended) issue a certificate that matches the URL that you are using (ec2-35-154-101-63.ap-south-1.compute.amazonaws.com)
The correct approach is to specify the A address (IP address) in your DNS server for the EC2 instance so that requests for your_domain_name resolve correctly and then USE that URL and not the EC2 instance DNS name. You cannot specify the AWS URL for https as the SSL certificate was not issued to that identity.
I'm just learning OSE 3. I'd like to deploy two Node.js Web applications I have created. So I have created a Project with two Node.js deployments, which are now running in their own Pod.
My question is, how are they supposed to communicate ? say for example one application needs to redirect to the other, or include components from the other application.
Should I hardcode the route of each application in a configuration file or so ?
Thanks!
For internal communication between the two services, you can use the name of the service as the host name when making connections. This is possible because the name of the services are added to an internal DNS server so that a host name lookup on the name will yield the correct IP for the service at that time. When the service has multiple pods, an internal IP load balancer will automatically route the request to one of the pods.
For the question about redirects, that seems to suggest you have both services exposed publicly and want to have one service return a HTTP response that redirects the HTTP client to a URL which falls to the other service. What the redirect URL needs to be is going to depend on how you are exposing the services. That is, whether each service is exposed as a different hostname or you have used path based routing of OpenShift to overlay one at a sub URL of the other under the same host.
Either way, you probably want to use an environment variable passed in via the deployment configuration to indicate to the service triggering the redirect, to tell it what the URL prefix is that it needs to redirect to. You would manually set this up. This at least means you haven't hardwired it in your code.
If you mean something else by redirect, you will need to explain better what you mean.
I have a MySQL database running on my raspberry pi.
To access it I use dynamic DNS (duckdns) when I am outside of my network, but I would like to access it with same dynamic domain name when I am inside my network. However it is not working and I always get connection refused.
I would like somehow enable it so I do not have to change in app.config MySQL server address from my dynamic domain to localhost when I am inside my local network.
You'll need a gateway router that supports NAT hairpinning. Many consumer-grade units (and some supposedly commercial-grade equipment) doesn't support this. Either yours doesn't, or you need to find an option to enable it.
When you try to connect to the public IP address from inside the network, the router probably assumes that you want to connect to the router itself.
My cable modem's built-in router at home understands how to do this. When I access my server from the laptop, and connect to the public IP from inside, the router (inside the cable modem) does a transformation on the packets so that my server sees my connection coming from the router's IP address, not my laptop's IP address.
This is what has to happen, because when the server responds, it will respond to the machine that connected to it. If it responded to the laptop's address, the laptop would reject the traffic, since it would be coming from ther server's internal IP, which is not the IP address I connected to. So, it responds to the router, which does a second transform on the packet address, replacing the server's internal IP with the external IP. Remembering the session from previous traffic, the router then sends the packet back to the laptop.
Ultimately this setup can't possibly work for you without the complicity of your router, which may not have that capability.
Some routers, however, have a DNS proxy that will allow you to create static entries. My former DSL modem could not hairpin NAT connections, but it had a way to create DNS entries that would be used to respond to internal DNS queries for a specific host... with a different IP than the one that DNS otherwise provided. That's an alternative workaround if the router supports it.
How to configure SRX200 router?
I want to setup a LAN (trusted network) with my own series (ex: 10.x.x.x)
Router should forward the request based on port(Port based forwarding).
i.e If any machine sent a request on a port, router should forward the request to a specific machine based on that port number. Router should translate the destination address to one specific IP (specified by us).
We could configure the juniper router in two ways.
1. Through cli prompt
2. Web interface
To Configure router with web interface, find the complete information from the following link.
http://forums.juniper.net/jnet/attachments/jnet/Learning/47/
The above document provides complete information.
You can configure the port based redirection using Destination NAT and IP based redirection with Static NAT.