Connect Azure Web App to Azure Cache for Redis - python

How can I connect the Azure Cache for Redis to the Flask WebApp that uses celery to perform some asynchronous tasks? Whenever I try to connect via Webjob, it would say unable to connect to redis.
I also tried entering this:
celery inspect ping -b redis://{password}@{redis_service_name}.redis.cache.windows.net:6379/0
from this post, How to configure celery-redis in django project on microsoft azure?, but I would get: Connection Failure: If this issue persists, ensure your computer's firewall and proxy settings allow outbound TCP traffic to port 10225. Using the firewall feature on your cache may also block connections from the console if your IP address has not been whitelisted

If there is no special rule in the firewall, this error should not occur. In general, there are special firewall settings in company networks, so access problems can occur. In this case, you need to allow outbound traffic to port 10225 through the firewall.
You can test it on a different network using Redis console on Azure to see if it's firewall-related.
using company network with firewall rule
other network without firewall rule

Try switching your network to work temporarily. This is a network specific issue and the port used to connect to Redis server is blocked and needs to be opened.

Related

how can I post to api running on remote desktop?

I'm creating a python flask api on remote desktop and running it on localhost of remote desktop.
Is there any way I can access this api from my local machine?
We are working in a team and I want to share this with my team members, but this is confidential and not to be deployed on open server.
We want to post and get the result with every member's local machine from api running on remote desktop.
Both of our local machines and remote desktop are windows10.
Sorry for being abstract but I'm searching for any way out. Thanks.
Well, you should open your way to this API. You'll have to set up a VPN or IP address filter in the server so you can access the server from your network while still having it secured on the Internet. You can also set up a simpler proxy if you prefer it. I'll not cover the details on how to set up a VPN or proxy since it can get pretty extensive, but a Google search will help you find the best alternative for you.
AFAIK, the Remote Desktop Protocol does not allow for any kind of VPN. However, if you can switch to TeamViewer, it does have an easy-to-set-up VPN system that will allow you to get into the network with little configuration. Once a VPN is configured, it will work as if you were in the same network as the server, so from there you can access your API from your host machine by just going to the IP address of the server.
Do notice the security policies of whoever owns the server, since you can get into trouble if you don't have permission to enable some access from the outside. Security goes always in front of comfort.
Short term solution:
Firstly download ngrok for your operating system.
For debugging and testing purposes you can expose a secure tunnel connection to your API by running this command in your command prompt / terminal.
ngrok http <PORT_NUMBER> -host-header="localhost:<PORT_NUMBER>"
Where PORT_NUMBER is the port number in which your flask application is running.
Example if your flask application is running at port 5000 then simply execute this command:
ngrok http 5000 -host-header="localhost:5000"
Running this will give you two hostnames, one with HTTP and the other a secure HTTPS, connected by a tunnel like this for a duration of 8 hours, after which the command needs to be re-run.
Which you can call remotely
Long term solution:
Deploy flask application using FastCGI
or
To a cloud infrastructure provider like Microsoft Azure which gives readymade templates for flask applications.

port is listening in server but unable to telnet ( Django with Apache )

I have developed a Django application which I wish to deploy on apache2.4 server. I have configured mod_wsgi and stuff on a system, which is going to be my server and localhost:8081 (apache's port) is working properly on the server system. I am in a corporate environment. When I wish to access the application from another system, I am unable to access the page. (The server and client are in the same network, both using LAN)
Observations:
8081 port is listening on my server system
(Proto: TCP, Local Address: 0.0.0.0:8081, Foreign Address: Computername:0, State: LISTENING)
I am unable to telnet to server ip on port 8081
(Connecting To 10.176.241.35...Could not open connection to the host, on port 8081: Connect failed)
Able to ping server IP (EDIT)
I have JDeveloper installed in my server system and I am able to access
the homepage of WebLogic server from another system though.
Site can't be reached, took too long to respond error while trying to
access the page from client system
What all I have done so far:
Followed the exact steps mentioned in here for configuring apache with django
Turned off firewall in both client and server systems
Added inbound and outbound exception rules in Advanced firewall settings in both client and server systems
I am unable to know the root cause of this problem and I have been working on this for a week and a half. I do not have much knowledge in networking and I am badly in need of some help. Sorry if the question is too naive.

How to host flower on a remote machine that can also be accessed over the internet

I am trying to run flower on a remote ubuntu server. However, I am unsure on what address/port to run it on so that other people can login (I have the basic auth set up) and check their celery workers. The ubuntu server is actually an EC2 instance, so am I supposed to use its private or public ip address? Do I just open any standard port? In their docs, they use their example setup with http://localhost/5555 but I do not think that will work if flower will be running on a remote server. Any advice?
Flower runs on 5555 by default. Which port are you running it on? The private IP is only available if the requests are coming from INSIDE your amazon network, so probably public.
So, if my guesses are right, you want to create an AWS security rule allowing traffic from "anywhere" to port 5555 and apply that to your instance, and then access that instance using its public ip like
http://50.31.10.99:5555
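
An added example, not part of the answer above: a check over data in the shape returned by `aws ec2 describe-security-groups` that lists which rules leave a port such as Flower's 5555 reachable from every source address, so the rule can be narrowed to the team's own ranges. `SAMPLE_GROUP` and `world_open_rules` are constructed for illustration.

```python
import ipaddress

# Constructed sample, shaped like one entry of
# `aws ec2 describe-security-groups` -> SecurityGroups[]
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5555, "ToPort": 5555,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []},
    ],
}


def world_open_rules(group, port):
    """Return the source CIDRs that expose `port` to every address."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        # Protocol "-1" means all traffic and carries no port range.
        if proto == "tcp":
            low = perm.get("FromPort", 0)
            high = perm.get("ToPort", 65535)
            if not low <= port <= high:
                continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            # A prefix length of 0 (0.0.0.0/0 or ::/0) matches any source.
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                findings.append(cidr)
    return findings


if __name__ == "__main__":
    for port in (5555, 22):
        exposed = world_open_rules(SAMPLE_GROUP, port)
        print(f"port {port}: open to {exposed or 'listed ranges only'}")
```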

How to make flask server running in a VM externally available?

If I run my flask app on my local machine I get proper results by connecting to http://127.0.0.1:5000/report?id=1
But now I want to make it externally visible by deploying my flask in a VM in azure. I have opened the port 80 on my VM. And I'm running the flask app using this:
if __name__ == '__main__':
    app.run(host='0.0.0.0')
I'm still not able to connect to my flask server using this (assume the public IP address of my VM is x.x.x.x):
http://x.x.x.x:5000/report?id=1
Any suggestions how should I go ahead with it?
Edit: I'm able to psping my VM's public IP address on port 80.
The problem isn't related to Flask, since you opened up your application to listen on any public IP (0.0.0.0).
Moreover you should do a proper port mapping in your azure configuration. Google said, you might have a look here: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
EDIT
Another idea, one that some colleagues often run into, is that you may have Skype open, which somewhat uses port 80/443 and is therefore blocking it. Shut down Skype if so, or use a different port for your webapp.
So here's the deal with Azure:
If you open a port from the Azure portal, the firewall in your VM STILL blocks that port. You have to manually go in and create a firewall setting in your VM to keep the port 5000 open for your flask server. Once that is done, you should be able to connect to it.

Python LDAP Authentication from remote web server

I have a django application hosted on webfaction which now has a static/private ip.
Our network in the office is obviously behind a firewall and the AD server is running behind this firewall. From inside the network I can authenticate using python-ldap with the AD's internal IP address and the port 389 and all works well.
When I move this to the hosted webserver I change the ip address and port that has been opened up on our firewall. For simplicity the port we opened up is 389, however the requests to authenticate always time out. When logged into webfaction and running python from the shell and querying the ipaddress I get webfaction's general ip address rather than my static ip.
Is this what's happening when I try and auth in django? The request comes from the underlying ip address that python is running on rather than the static ip that my firewall is expecting?
I'm fairly clueless to all this networking and port mapping so any help would be much appreciated!
Hope that makes sense?
I would recommend against opening the port on the firewall directly to LDAP. Instead I would suggest making an SSH tunnel. This will put the necessary encryption around the LDAP traffic. Here is an example.
ssh -N -p 22 username@ldapserver -L 2222/localhost/389
This assumes that the ssh server is running on port 22 of your ldap server, and is accessible from your web host. It will create a tunnel from port 389 on the ldap server to port 2222 on the web host. Then, you configure your django application on the web host to think that the LDAP server is running on localhost port 2222.
There are quite a few components between your hosted django application and your internal AD. You will need to test each to see if everything in the pathways between them is correct.
So your AD server is sitting behind your firewall. Your firewall has ip "a.b.c.d" and all traffic to the firewall ip on port 389 is forwarded to the AD server. I would recommend that you change this to a higher more random port on your firewall, btw. Less scans there.
With the shell access you can test to see if you can reach your network. Have your firewall admin check the firewall logs while you try one of the following (or something similar with python) :
check the route to your firewall (this might not work if webfaction blocks this, otherwise you will see a list of hosts along which your traffic will pass - if there is a firewall on the route somewhere you will see that your connection is lost there as this is dropped by default on most firewalls):
tracert a.b.c.d
do a telnet to your firewall ip on port 389 (the telnet test will allow your firewall admin to see the connection attempts coming in on port 389 in his log. If those do arrive, that means that external comm should work fine):
telnet a.b.c.d 389
Similarly, you need to check that your AD server receives these requests (check your logs) and as well can respond to them. Perhaps your AD server is not set up to talk to the firewall ?
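
The telnet test described above, and the "listening but cannot connect" symptoms in the earlier threads on this page, both come down to telling a refused connection from a silently dropped one. The following is an added example, not code from any of the posts; `probe_tcp` and `HINTS` are hypothetical names and the demo targets are constructed local sockets.

```python
import socket

# Next step for each outcome, in terms of the cases discussed on this page.
HINTS = {
    "open": "service reachable; look at the application layer (auth, URL)",
    "refused": "host reachable but nothing accepts on that port: check the "
               "bind address (127.0.0.1 vs 0.0.0.0) and the port number",
    "filtered": "no reply at all: a firewall, cloud endpoint rule or egress "
                "policy is dropping the packets; check its logs",
    "dns": "hostname did not resolve",
    "error": "local network error (no route, interface down)",
}


def probe_tcp(host, port, timeout=3.0):
    """Try one TCP connect per resolved address and classify the result."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns"
    outcome = "error"
    for family, socktype, proto, _name, addr in infos:
        sock = socket.socket(family, socktype, proto)
        sock.settimeout(timeout)
        try:
            sock.connect(addr)
            return "open"             # handshake completed
        except (socket.timeout, TimeoutError):
            outcome = "filtered"      # SYN went unanswered
        except ConnectionRefusedError:
            outcome = "refused"       # peer answered with RST
        except OSError:
            pass                      # keep any earlier, more specific outcome
        finally:
            sock.close()
    return outcome


if __name__ == "__main__":
    # Constructed targets: a throwaway local listener, then the same port
    # after it closes. Substitute your own host and port (e.g. 8081 or 389).
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    for label in ("listening", "closed"):
        result = probe_tcp("127.0.0.1", port, timeout=1.0)
        print(f"{label}: {result} -> {HINTS[result]}")
        listener.close()
```

A "filtered" result from the client combined with a LISTENING socket on the server points at a firewall or endpoint rule between the two, while "refused" points at the service's own bind address or port.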
