Jelastic runs an SMTP server on a node. Does Jelastic, as a policy, allow setting up a smart relay on the local SMTP server?
I understand that some sysadmin from the service provider would need to do that on a per node basis. In my case, EverData is the service provider and their sysadmin says Jelastic policies don't allow such a change.
You can use the Elastic VPS or Docker node types to run and configure whatever you want (you have full root access). The only limitation is the provider's AUP.
Related
I need to access a postgres database from my java code which resides in openshift cluster. I need a way to do so. without initiating port forwarding manually through oc port forward command.
I have tried using openshift java client class openshift connection factory to get the connection by passing server url and username password through which I log in to the console but it dint help.
(This is mostly just a more detailed version of Will Gordon's comment, so credit to him.)
It sounds like you are trying to expose a service (specifically Postgres) outside of your cluster. This is very common.
However the best method to do so does depend a bit on your physical infrastructure because we are by definition trying to integrate with your networking. Look at the docs for Getting Traffic into your Cluster. Routes are probably not what you want, because Postgres is a TCP protocol. But one of the other options in that chapter (Load Balancer, External IP, or NodePort) is probably your best option depending on your networking infrastructure and needs.
I am integrating wirecloud and fiware-idm. Installed both through docker successfully. However, after installing fiware-idm, i am not able to login from admin. username - admin#test.com password - 1234.
Everytime it redirect it to "ip:3000/auth/login". Do I have to make any other configuration in wirecloud or fiware-idm?
Also, even after entering wrong credential, it redirects me to /auth/login and does not display any error message.
My wirecloud, fiware-idm and mysql database are in different containers. Is this can be the issue?
IdM should be deployed on production to be used by WireCloud. That is, you should configure the IDM service using public domains names, using https, and so on... Seems you are creating a local installation, so you should deploy some workarounds. Well, some of those requirements are not enforced by WireCloud, so it should be enough by ensure you use a domain name for accessing the IdM.
You can simulate having the idm server configured using public domains by adding the proper value to /etc/hosts (See this link if you are running windows), the correct value depends on how did you configured the IdM service. So, the idea is to ensure the domain used for accessing the idm resolves to the correct ip address both in the WireCloud container and from your local computer. We can provide you more detailed steps if you provide us more details about how are you launching the different containers.
I have a remote server to which I need to connect to. Let's say the hostname is Remote01. From my local, I am connecting to it via a VPN (Juniper). I have another remote server in my intranet which is an RHEL server. I loginto this RHEL server (let's call it Remote02) and in the command line I type:
ping Remote01
This returns
ping unknown host Remote01
Do I need a VPN installed in Remote02 as well?
You would need to install the VPN client on Remote02 as well in order to reach Remote01.
Or, if you're comfortable changing the routing table and firewall of your own server/machine, you can changing the routing table on Remote02. For the network of Remote01, instead of going to the default gateway, point it to your local machine. On your local machine, modify the firewall to accept incoming packets from Remote02 to forward to to Remote01 via the existing VPN connection.
I would say the first solution is much simpler. But if for some reason, the VPN client is not available on Linux then you can try the second solution.
I wanted to experiment with hosting a tiny murmur server, up to a few people.
Using a diy cartridge template, and a static build of murmur.x86, I've been able to start Murmur on the allowed OpenShift IP address.
However, how, if there's any way, would I be able to access the actual murmur server from a client, without requiring SSH > Port Forwarding from mine (and anyone else's who may want to access) local PC?
There is currently no way to expose ports other than 80/443/8000/8443 publicly on OpenShift Online. You are also able to make raw TCP connections to those ports, you can only use http/https/ws/wss. The only way to access the ports that murmur uses is over ssh port forwarding. If you would like to run a murmur server you would need to use a virtual machine that has it's own ip address and all ports exposed.
My SQL Server Windows service is set to use the NETWORK SERVICE account.
The server is installed to C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL.
However looking at the permissions on that folder, NETWORK SERVICE does not have any permissions. The groups which are allowed access to that folder are...
CREATOR OWNER - who is this?
SYSTEM - sounds fine - so that Windows can access the folder I presume?
SQLServerMSSQLUser$Computer_Name$MSSQLSERVER - this is the interesting one - what is this?
Administrators
Users
If NETWORK SERVICE is a user with minimal permissions on the system and looks to the O/S as someone connecting from a network how does it have permissions to access any files in the SQL Server install folder?
Thanks.
See Setting Up Windows Service Accounts in the SQL Server documentation:
SQL Server uses a security group to set resource ACLs rather than using the service account directly, so changing the service account can be done without having to repeat the resource ACL process. The security group can be a local security group, a domain security group or a service SID.
During SQL Server installation, SQL Server Setup creates a service group for each SQL Server component. These groups simplify granting the permissions that are required to run SQL Server services and other executables, and help secure SQL Server files.
Depending on the service configuration, the service account for a service or service SID is added as a member of the service group during install or upgrade.
That's what SQLServerMSSQLUser$Computer_Name$MSSQLSERVER is.
About NetworkService Account:
The NetworkService account is a predefined local account used by the service control manager.
...
A service that runs in the context of the NetworkService account presents the computer's credentials to remote servers.
NOT, as you put it:
looks to the O/S as someone connecting from a network