Google Compute Engine and Glassfish can't access from outside - google-compute-engine

I created an instance (CentOS7) in GCE. I then installed Glassfish 4. However, I can't seem to access it via http/https.
[ank#instance-1 bin]$ sudo ./asadmin start-domain
Waiting for domain1 to start .........
Successfully started the domain : domain1
domain Location: /opt/glassfish4/glassfish/domains/domain1
Log File: /opt/glassfish4/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.
When trying to access http://ip_address or even http://ip_address:4848 I get "refused to connect" error.
Appreciate any help.

you'd need to open port tcp:80, tcp:443 (and tcp:4848) on the firewall; assuming you have already assigned an external IP (or are accessing it from another internal IP on the same network, which I'd suggest for tcp:4848). see the documentation, concerning: Using Firewall Rules.

Related

Finding MySQL localhost URL and/or accessing phpmyadmin

Going around in circles. Please help, I enter http://localhost into safari on my mac and receive: It works!
However, I cannot figure out how using MySQL workbench I can find the URL. I am looking to code JSON in xCode to retrieve data from my local MySQL database, however, I do not even know the URL to access it.
My port is on 3306. I have tried http://127.0.0.1:3306 - and get a failed to open.
Do I need myphpadmin or can I go direct to MySQL?
I have tried saving a copy of MyPhPAdmin under Users>MyUserName> but this did not work when I ran: http://localhost/myphpadmin
Should the file be saved elsewhere? When I worked on Python weeks ago I run it under a different location then was recommended (Under the Python X.X cache folder) whereas online people simply ran it from their Users>MyUserName> folder. I am on the latest Catalina OS X.
Tried http://localhost/usr/local/mysql-8.0.20-macos10.15-x86_64/phpmyadmin/ - 404 not found
With MySQL, you can connect via localhost "socket" or networking "TCP/IP" connections. The user accounts in MySQL exist separately from each other, so if your user account exists with host value 'localhost' the TCP/IP connection probably won't work for you. Also note that, depending on how you installed MySQL and how it's configured, it might not even listen for network connections. Normally, localhost is preferred if you are on the same machine.
In MySQL Workbench, you need to give the hostname or IP address when selecting "Standard (TCP/IP)" from the "Connection Method" dropdown. This is simply the hostname or IP address, not a complete URL or web site. So you'd set the hostname to "127.0.0.1" or "192.168.9.34" or whatever. Again, Local Socket/Pipe is usually a better choice in most cases.
MySQL uses its own networking port (3306) and communication protocol, so using http://127.0.0.1 is incorrect as it isn't using the http protocol. Likewise, if you would need to change the port for some reason, specify that in the port field rather than as a part of the hostname.
As for phpMyAdmin, you would install that to a folder that is handled by your web server, then access it through the URL/path exposed by the web server — by default, your user home directory is not shared to the web (and rightly so, I don't want all of my documents and files shared with the world!). Put the phpMyAdmin folder in your web root and you'll have better success. Which folder that is probably depends a lot on which webserver you are running, how it is installed, and how you configured it.
I won't comment on the Python scripts you've run in the past, as my experience with serving Python to the web requires adjusting some settings in my nginx configuration and I won't want to confuse you compared to the tutorials you're following.

Exception occurred while flushing email queue on Ionos virtual cloud server

I have a Symfony 4 application running on 1und1 on a package called "1&1 Unlimited Plus". The SMTP config looks like this:
MAILER_URL=smtp://smtp.1and1.com?username=****&password=******
and it works fine. I also have a development copy of this application on my local dev server with same config. This dev copy can send emails, too.
Since the databases on "1&1 Unlimited Plus" are limited to 1GB, I ordered another cloud server from Ionos. With the same config I am not able to send emails. I got this error in dev.log:
Exception occurred while flushing email queue: Connection could not be established with host smtp.1and1.com [Connection timed out #110]
Ping on smtp.1and1.com works, it reveals the same IP like if I ping on my dev server. On this cloud server I have running:
Plesk Onyx
Ubuntu 18.04.2 LTS‬
DNS turned off. I have just an A-record on the origin server to the IP of cloud server. NO MX-records set.
I checked the firewall rules. No outgoing limits found, just incoming. I added TCP 25 to incoming rules but I dont know if it is necessary.
I tried another ports but then I got this:
Exception occurred while flushing email queue: Expected response code 220 but got an empty response []
More config:
swiftmailer:
url: '%env(MAILER_URL)%'
spool: { type: 'memory' }
Any idea whats wrong?
I found the solution. Ionos closes the outgoing port 25 per default. This is nothing I can find or change in admin area, only technical support can open this port.

Google Compute Instance RDP Fails (after working for years)

Apologies if this is a bit basic:
I have a Google Compute Instance running Windows Server 2012 R2. It has a valid admin account and password (checked via gcloud). The external IP address can be pinged, the system has been stopped and started successfully. The gcloud commands execute successfully etc etc.
If I try to RDT in I get the unsuccessful message. If I use the RDT (Chrome) option in the Google Cloud Platform admin page I get this message:
In order to use the Chrome RDP Extension, you must configure VM
instance so that it has an external IP address, username and password.
Note: You must configure the network firewall to open TCP port 3389 to
enable RDP access.
Note that ALL of the above are correct and confirmed.
I am sort of going round in circles, I've tried to use powershell on a windows system to RDT in to no avail. Again, using the built in Bash serial access I can get to the system and, for example, retrieve the admin account and password, BUT RDT FAILS.
I have tried using the powershell command Enter-PSSEssion... and I initially got a winrm error, apparently the IP address needs to be in trustedhosts. Fixed that and now I am getting a message that I need to verify that winrm is running on the destination computer, catch 22, that's why I'm using winrm, to access the destination computer.
Any ideas what I might try next?
Thanks.....
create a rdp network tag for firewall rule, which allows tcp:3389 ingress and and then apply it to the instance in question... someone (assuming you're at work) might have removed/edited these rules trough the console or gcloud command.

Cannot access Google Cloud Compute Instance External IP

I have set up an Google Cloud Compute Instance:
Machine type
n1-standard-1 (1 vCPU, 3.75 GB memory)
CPU platform
Intel Haswell
Zone
us-east1-c
I can ssh in using the external address.
I have installed the vncserver and can access it on port 5901 from localhost as well as the internal IP.
I am trying to access it from the static, external IP address but it is not working.
I have configured the firewall to open to port to 0.0.0.0/0, but it is not reachable.
Can anyone help?
------after further investigation from the tips from the two answers (thanks, both!), I have a partial answer:
The Google Cloud Compute instance was set, by default, to not allow
HTTP traffic. I reset the configuration to allow HTTP traffic. I
then tried the troubleshooting tip to run a small HTTP service in
python. I was able to get a ressponse from the service over the
internet.
The summary of the current situation is as follows:
The external IP address can be reached
It is enabled and working for SSH
It is enabled and working for HTTP
It does not seem to allow traffic from vncserver
Any idea how to configure the compute instance to allow for vncserver traffic?
If you already verified that Google Firewall or your VM are not blocking packets, you must make sure that VNC service is configured to listen on the external IP address.
You can always use a utility like nmap outside Google project to reveal information on the port status.
enable http/https traffic form the firewall as per the need. it will work!!
The Google Cloud Compute instance was set, by default, to not allow HTTP traffic. I reset the configuration to allow HTTP traffic. I then tried the troubleshooting tip to run a small HTTP service in python. I was able to get a response from the service over the internet.
As such, the original question is answered, I can access Google Cloud Compute Instance External IP. My wider issue is still not solved, but I will post a new, more specific question about this issue
TLDR: make sure you are requesting http not https
In my case i was following the link from my CE instance's External Ip property which takes you directly to the https version and i didn't set up https, so that was causing the 'site not found' error.
Create an entry in your local ssh config file as below with mentioned local forward port. In my case its an example of yarn's IP, which I want to access in browser.
Host hadoop
HostName <External-IP>
User <Local-machine-username>
IdentityFile ~/.ssh/<private-key-for-above-user>
LocalForward 8089 <Internal-IP>:8088
In addition to having the firewall rules to allow HTTP traffic in both Google Cloud Platform and within the OS of the instance, make sure you install a web server such as Apache or Nginx.
After installing the web server, you connect to the instance using SSH and verify you do not get a failed connection with the following command:
$ sudo wget http://localhost
If the connection is positive, it means that you can access your external URL:
http://<IP-EXTERNAL-VM>
Usually there are two main things to check.
1. Port
By default, only port 80, 443 and ICMP are exposed. If your server is running on a different port, create a record for the same.
2. Firewall
Make sure you are allowing http and https traffic based on your need.
oua re
For me the problem was that I set up the traffic for the firewall rule to be 'Egress' instead of 'Ingress'.
If anyone already initiated 'https'
just disable it and check again.

Google Compute Engine LAMP Stack SFTP,SQL and HTTPS

I've setup a google compute VM, and can access phpmyadmin and the default index page. SSH works when I click the button on the website.
I am having issues remotly connecting to my server instance for any sort of management(ftp or sql)
I followed the firewall section here: https://cloud.google.com/solutions/mysql-remote-access
But I still can't connect.
My firewall is configured:
And I have no idea how to get HTTPS working, But it can be a problem to take care of in the future when I fully switch my site over the compute engine. Since I can't switch my domain or current SSL certificates over yet.
EDIT:
More information:
When I try to connect to SQL using client "Sequel Pro" it returns:
With telnet:
When I try connect to SFTP I get:
Could this be caused by me mistyping the password?
Your firewall settings show that you allowed external traffic to both ports 21 and 3306 for TCP protocol. This is good but not enough.
In order to allow remote connections to MySQL, you will need to grant remote access to your username and your external IP address. Take a look at this case for an example. This is also mentioned in step 6 and step 7 of Configure MySQL server on my-server section of the article you specified:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'TESTUSER'#'<external-ip-my-client>' IDENTIFIED BY '<some-password>';
About the ftp server, the VM instance comes with no ftp service installed, but instead you can use SFTP protocol to connect to it which is more secure than FTP protocol and is highly recommended. Use gcloud compute config-ssh to generate SFTP/SSH key pair. For more information visit Setting up secure FTP on Google Compute Engine artcile.