I have requested a public ACM certificate and I have selected the DNS validation method. After requesting the certificate it went to Pending validation state. I have created a hosted zone in Route 53 with the same domain name which I have used for my certificate. After creating the certificate I got the option "Create record in Route 53". I have created the record in Route 53 with the CNAME and it displayed as " Success
The DNS record was written to your Route 53 hosted zone. It can take 30 minutes or longer for the changes to propagate and for AWS to validate the domain and issue the certificate.". But the status of the certificate is not getting changed and it is still in pending validation only. After some time the "Create record in Route 43" option is getting enabled again. I have tried the same process multiple times almost one day but the status is not getting changed. Can someone please help to fix the issue.
In the AWS Console (Web UI), on the Certificate Manager page,
Expand the certificate that is pending
Expand the table that has domain and validation status
Click the blue button that says "Create record in Route 53" (you can also do this manually)
Give it about 10 minutes
Or follow these instructions from AWS - Why is my AWS Certificate Manager (ACM) certificate DNS validation status still pending validation?
Having the same issue here and I found out that my problem is in the NS record in my domain. My mistake was I didn't update the Name Servers in my domain, what I did was the opposite. I updated the values of the NS record in R53 based on the NS on my domain then I realized that the right thing to do was to update your NS (Name Servers) of your domain to the values of the NS record in R53. Haha (english is not my native language btw).
Just make sure you have the correct Name Servers and correct CNAME suggested by ACM. I waited a day before and still Pending Validation, but when I fixed it it took only a few minutes for my certificate to be issued.
What I would do is:
Verify that the DNS returns what is expected.
For that you can use dig (Linux) or nslookup (Windows), or even better > https://www.digwebinterface.com
If you don't get what is expected, you need to reconfigure the DNS.
Once it is verified, wait a little bit (10 min to 2h I'd say).
Something to read while you wait:
https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html
https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
https://aws.amazon.com/premiumsupport/knowledge-center/acm-certificate-pending-validation/
https://docs.aws.amazon.com/acm/latest/userguide/domain-ownership-validation.html
Related
I have 4 servers for an http service defined on my DNS servers:
app.speednetwork.in. IN A 63.142.255.107
app.speednetwork.in. IN A 37.247.116.68
app.speednetwork.in. IN A 104.251.215.162
app.speednetwork.in. IN A 192.121.166.40
for all of them the DNS server specify a TTL (time to live) of more than 10 hours:
$ttl 38400
speednetwork.in. IN SOA plugandplay.click. info.plugandplay.click. (
1454402805
3600
3600
1209600
38400 )
Firefox ignore TTL and make a new DNS query after each 60 secs, as seen on
about:config -> network.dnsCacheExpiration 60 and on about:networking -> DNS.
Chrome shows here chrome://net-internals/#dns a correct cached dns entry, with more that 10 hours until Expired:
apis.google.com IPV4 216.58.210.174 2016-04-12 11:07:07.618 [Expired]
app.speednetwork.in IPV4 192.121.166.40 2016-04-12 21:45:36.592
but ignore this entry and every minute requery the dns as discussed https://groups.google.com/a/chromium.org/forum/#!topic/chromium-discuss/655ZTdxTftA and seen on chrome://net-internals/#events
The conclusion and the problem: every minute both browsers query dns again, receive a new IP from the 4 configured on DNS, go for a new IP/server and LOST THE TOMCAT SESSION.
As config every user browser is not an option, my question is:
1) There is some other DNS config I can use for high availability?
2) There is some http header I can use to instruct the browsers to continue using the same IP/server for the day?
The DNS TTL value is the maximum time the information may be cached. There is no minimum time, nor any requirement to cache at all. The browser behavior you describe is entirely within the DNS specs, and the browsers are doing nothing wrong. If your server solution depends on the clients remembering a DNS lookup for a certain time, then you need to redesign it. As you have already discovered, it does not work.
Building a load-balancing cluster of Tomcat servers is hardly rocket science these days, and you can easily google a solution yourself.
Keep-Alive header can make the trick. Using a large value as 65 secs, browsers reuse http connection along all session and don't try a new dns query. This is true in my app, where there is a piggyback XMLHttpRequest connection to server every minute, maybe you'll need a bigger value. Apache default is 5 secs.
On using tomcat directly:
response.setHeader("Keep-Alive", " timeout=65");
On using apache (and mod_ajp) in front of tomcat:
nano /etc/apache2/apache2.conf:
MaxKeepAliveRequests 0
KeepAliveTimeout 65
But this was not a total solution. After disconnects http connection is closed, or under several concurrent server petitions, each one is open over several servers, so results are not under the same server session.
Finally I solve this implementing CORS (cross domain), fixing a server to work with (app1, app2, etc.) and go for it until this server fails.
CORS headers on both server and client let me exchange data no matter that initial files download was from app. (IE another domain).
I had 3 Agents (A, B and C). For test purposes, I´ve installed a fourth one (D), but I didnt know that my license was up to 3 Agents only. So, the agent D was created with "Unauthorized with comment: Agent teamcityagentdev4 cannot be authorized because there is not enough licenses" status. Its understandable, but a weird thing happened to another Agent A, that was working well so far. The Agent A status changed to "Disconnected (Agent has unregistered)". Now, I got 2 questions:
1) How can I delete the Agent D ? There is no button "Remove agent" in Agent Summary tab in TC Web UI. I tried to disable this Agent in order to get that button, but its still missing.
2) How can I reconnect the Agent A ? I tried to restart the Agent windows service, but nothing happened.
I also searching in Team City documentation, but I didnt found anything about that.
You just need to stop Agent service on Agent D to get it removed from Agents tab.
Also, you might want to check Agent A's logs to figure out what happened. You can try restarting Agent A's service after stopping Agent D's service
Stop the agent service.
Now in the agents tab you can see that particular agent disconnected. Now a new option(button) appears 'Remove Agent'. Click that and your agent gets deleted/removed.
I am not sure if this is a bug or an error on my side.
I created and instance on GCE and then proceeded to delete it. The deletion failed with message:
The resource 'projects/[PROJECT]/zones/[ZONE]/instances/[INSTANCE]'
was not found
Please note that this is an automated process that runs a couple times per day, so there wasn't a typo inside the commands.
Nevertheless, the instance was deleted.
Now, every time I try to create an instance with the same name, I get:
NAME ZONE MACHINE_TYPE INTERNAL_IP EXTERNAL_IP STATUS
ERROR: (gcloud.compute.instances.create) Some requests did not succeed:
- The resource 'projects/[PROJECT]/zones/[ZONE]/instances/[INSTANCE]' already exists
But I can't see the instance or its disk anywhere in the Developers Console, neither can I delete it from the command line since I get a resource not found.
I believe this is just a browser cache/cookies issue, where your cache still recognizes the resource name as existing when the resource is already deleted. Clearing the browser cache and cookies or using private browsing/incognito mode should do the trick.
Opening
https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps/repair
in a browser, entering the project ID + submitting has fixed a problem with the same error message for me.
Is there an equivalent of PostgresQL's notify and listen in MySQL? Basically, I need to listen to triggers in my Java application server.
Ok, so what I found is that you can make UDF functions in mysql that can do anything but need to be written in C/C++. They can be then called from triggers on updates in database and notify your application when update happened. I saw that there are some security concerns. I did not use it myself but from what I can see it looks like something that could accomplish what you want to do and more.
http://dev.mysql.com/doc/refman/5.6/en/adding-udf.html
The github project mysql-notification provides a MySQL user defined function MySQLNotification() as a plugin to MySQL that will send notification events via a socket interface. This project includes a sample NodeJS test server that receives the notification events that could be adapted for Java or any other socket service.
Example use:
$ DELIMITER ##
$ CREATE TRIGGER <triggerName> AFTER INSERT ON <table>
FOR EACH ROW
BEGIN
SELECT MySQLNotification(NEW.id, 2) INTO #x;
END##
Project includes full source code and installation instructions for OSX and Linux. License is GNU v3.
No, there aren't any built-in functions like these yet.
You need to "ping" (every 1-5 seconds) database with selecting with premade flag like "read" 0/1. After
SELECT * FROM mytable WHERE read = 0
update it with read = 1
I needed to do this, so I designed my application to send the update notices itself.
E.g.
--Scenario--
User A is looking at record 1
User B saves an update to record 1 while User A has it open.
Process:
I wrote my own socket server as a Windows Service. I designed a que like system which is basically,
EntityType EntityID NoticeType
Where the EntityType is the type of Poco in my data layer that needs to send out notices, EntityID is the primary key value of the row that changed in sql (the values of the poco), and NoticeType is 1 Updated, 2 Inserted, and 3 Deleted.
The socket server accepts connections from the server side application code on a secure connection "meaning client side code cannot make requests designed to be sent by the server side application code"
The socket server accepts a message like
900 1 1023 1
Which would mean the server needs to notify concerned client connections that Entity Type 1 "Person" with ID 1023 was Updated.
The server knows what users need to be notified because when User's look at a record, they are registered in the socket server as having an interest in the record and the record's ID which is done by the web socket code in the client side javascript.
Record 1 is a POCO in my app code that has an IsNew and IsDirty field. "Using EntityFrameWork6 and MySql" If UserB's save caused an actual change (and not just saving existing data) IsDirty will be true on the postback on UserB's POCO.
The application code see's the record is dirty then notifies the socket server with a server side sent socket "which will be allowed" that says Entity 1 with ID 1023 was Updated.
The socket server sees it, and puts it in the que.
Being .Net, I have a class for concerned users that uses the same pocos from the data layer running in the Socket Server window service. I use linq to select users who are working with an entity matching the entity type and primary key id of the entity in the que.
It then loops through those users and sends them a socket like
901 1 1023 1 letting them know the entity was updated.
The javascript in the client side receives it causing users B's page to do an ajax postback on Record 1, But what happens with UserA's is different.
If user A was in the process of making a change, they will get a pop up to show them what changed, and what their new value will be if they click save and asks them which change they want to keep. If UserA doesn't have a change it does an ajax postback with a notification bar at the top that says "Record Change: Refreshed Automatically" that expires after a few seconds.
The Cons to this,
1. It's very complex
2. It won't catch insert/update/delete operations from outside of the application.
In my case, 2 won't happen and if 2 does happen it's by myself or another dev who knows how to manually create the notify que requests "building an admin page for that".
You can use https://maxwells-daemon.io to do so.
It is based on mysql bin logs, when changes in database is occurred it will send json message with updates to kafka, rabbitmq or other streaming platforms
i've noticed that on LoLReplays webpage you can now stream live games via their program LoLRecorder. I found this code on their page
href="lrf://spectator spectator.eu.lol.riotgames.com 2nHvYdkaSjjqC7f+mtHQeIhFcUSQLFu5 488978485 EUN1 3.01.0.1"
And i've tried a little to stream from my own (already recorded) game. But all i get is unable to find match. My question is: Does anyone here know how this works?
Thanks!
TL;DR; You can't stream anything, but you can open LoLReplay in spectator mode for a specific match.
Try reinstalling LoLReplay, seemed to fix the issues that I was having.
The title of your post is somewhat misleading as no streaming actually happens - all that the link does is open LoLReplay on your local machine and pass in the details of the match you want to spectate.
This will only work for matches that are happening now, as it connects in a similar way as the LoL client does when you spectate a match.
Calling LoLReplay from the browser
The links seem to be formatted as follows:
lrf://spectator [Observer IP Address][:Observer Port] [Observer Encryption Key] [Game Id] [Platform Id] [Client Version?]
lrf://spectator tells LoLReplay to open up in spectator mode.
Observer IP Address is required and can either be a hostname or an IP address. The hostname is usually in the format spectator.[eu/na/br/etc.].lol.riotgames.com.
Observer Port is optional, I believe it defaults to 8088 which appears to be the default spectator mode port.
Observer Encryption Key... is a required per-match encryption key.
Game Id is a required, per-match integer id.
Platform Id is a more specific version of the region, I guess relating to how Riot have grouped their servers. For example EUW1.
Client Version, the last field appears to be a version number - I can only assume this is either the version of the client that LoLReplay is using OR the version of the client the players in the match are using.
How to find IP address, encryption key etc.
Edit: you can now grab all the info you need using the official Riot API, you just need the SummonerId of the user you're querying for. See current-game API docs for usage.