So I have two AWS servers in question, one is running MariaDB and the other is my API server (python based). I can connect just fine locally on the MariaDB server as well as my dev computer. I cannot connect from the API server nor a third AWS server.
netstat output
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 1363/mysqld
ngrep on API server shows
interface: eth0 (10.[api ip]/255.255.255.0)
filter: (ip or ip6) and ( port 3306 )
##########
ngrep on Maria Server
interface: eth0 ([maria ip]/255.255.255.0)
filter: (ip or ip6) and ( port 3306 )
####
T [maria ip]:3306 -> [dev ip]:2392 [AP]
[redacted]
##
T [dev ip]:2392 -> [maria ip]:3306 [AP]
[redacted]
##
T [maria ip]:3306 -> [dev ip]:2392 [AP]
[redacted]
#######################
Eventually I get this error
ERROR 2003 (HY000): Can't connect to MySQL server on '[maria ip]' (110 "Connection timed out")
or from my python script
Exception happened during processing of request from ('127.0.0.1', 50110)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 295, in _handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 321, in process_request
self.finish_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 334, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python2.7/SocketServer.py", line 651, in __init__
self.finish()
File "/usr/lib/python2.7/SocketServer.py", line 710, in finish
self.wfile.close()
File "/usr/lib/python2.7/socket.py", line 279, in close
self.flush()
File "/usr/lib/python2.7/socket.py", line 303, in flush
self._sock.sendall(view[write_offset:write_offset+buffer_size])
error: [Errno 32] Broken pipe
----------------------------------------
Before somebody mentions it, my IP tables are set correctly and AWS SecGrps are not the issue either.
This is not a duplicate of Trying to connect to remote MySQL host (error 2003) as (1) there are no (logical) devices between the server, (2) I can connect from my Dev station on the other side of the country, and (3) none of the "fixes" worked.
Also I can connect from API script to Redis Server running on my maria server.
I think you have to follow these steps as below:
Allow remote connect on MariaDB AWS server on 3306 port (depend on your config)
Check the Firewall (Security Group --> Inbound setting) on your Maria AWS server, this server have to allow access via 3306 port from IP address of API Server.
Check the Firewall (Security Group --> Oubound setting. By default AWS server allow all ports) on your API AWS server.
Reference # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
Related
I have a bot that runs on my Windows machine and I recently bought an Ubuntu virtual server. After a series of like infinite errors, I just reset the server completely and retrying from scratch. You can look here to see another post of some of my previous errors: no pg_hba.conf entry for host / Connect call failed / Invalid data directory for cluster 12 main - Postgresql Ubuntu
So now when I try to start my bot, it gives me this error:
Traceback (most recent call last):
File "bot.py", line 950, in <module>
bot.loop.run_until_complete(create_db_pool())
File "/usr/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
return future.result()
File "bot.py", line 160, in create_db_pool
bot.pg_con = await asyncpg.create_pool(database='xxx', user='postgres', password='???')
File "/usr/local/lib/python3.8/dist-packages/asyncpg/pool.py", line 398, in _async__init__
await self._initialize()
File "/usr/local/lib/python3.8/dist-packages/asyncpg/pool.py", line 426, in _initialize
await first_ch.connect()
File "/usr/local/lib/python3.8/dist-packages/asyncpg/pool.py", line 125, in connect
self._con = await self._pool._get_new_connection()
File "/usr/local/lib/python3.8/dist-packages/asyncpg/pool.py", line 468, in _get_new_connection
con = await connection.connect(
File "/usr/local/lib/python3.8/dist-packages/asyncpg/connection.py", line 1718, in connect
return await connect_utils._connect(
File "/usr/local/lib/python3.8/dist-packages/asyncpg/connect_utils.py", line 663, in _connect
con = await _connect_addr(
File "/usr/local/lib/python3.8/dist-packages/asyncpg/connect_utils.py", line 642, in _connect_addr
await asyncio.wait_for(connected, timeout=timeout)
File "/usr/lib/python3.8/asyncio/tasks.py", line 483, in wait_for
return fut.result()
asyncpg.exceptions.InvalidAuthorizationSpecificationError: Peer authentication failed for user "postgres"
The database, user, and password are all correct though. It's working even right now as the bot is running on my Windows machine, which is why I think this is an Ubuntu specific issue. My listen addresses set to"
listen_addresses = '*'
pg_hba.conf on local windows server:
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::0/ md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
host replication all 0.0.0.0/0 md5
host replication all ::0/ md5
and my pg_hba.conf on Ubuntu server set to:
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
If I change the first line from peer to md5, I get:
asyncpg.exceptions.InvalidPasswordError: password authentication failed for user "postgres"
and changing to trust says that there is no database xxx which is the database on my local Windows machine.
Typing ps ax | grep postgres shows:
9929 ? Ss 0:02 /usr/lib/postgresql/12/bin/postgres -D /var/lib/pos tgresql/12/main -c config_file=/etc/postgresql/12/main/postgresql.conf
9931 ? Ss 0:00 postgres: 12/main: checkpointer
9932 ? Ss 0:01 postgres: 12/main: background writer
9933 ? Ss 0:01 postgres: 12/main: walwriter
9934 ? Ss 0:01 postgres: 12/main: autovacuum launcher
9935 ? Ss 0:01 postgres: 12/main: stats collector
9936 ? Ss 0:00 postgres: 12/main: logical replication launcher
21821 pts/0 S+ 0:00 grep --color=auto postgres
I've been stuck on this for a really long time and I have no idea what to do. I really hope someone knows the issue and I hope I've given enough information. Thank you.
I think its trying to connect to a database on the Ubuntu server instead of the database on my Windows machine. How do I make it target the Windows machine?
client.pg_con = await asyncpg.create_pool(database=database, user=user, password=password, host="127.0.0.1")
Add host="127.0.0.1" as well, this solved my problem.
Not able to authenticate Askbot django application on Ubantu 18.04
Able to ping the LDAP server, but still it says - "Can't contact LDAP server"
Error logs shows:-
Traceback (most recent call last): File
"/srv/askbot/venv/local/lib/python2.7/site-packages/askbot/deps/django_authopenid/ldap_auth.py",
line 127, in ldap_authenticate_default
get_attrs File "/srv/askbot/venv/local/lib/python2.7/site-packages/ldap/ldapobject.py",
line 854, in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
File
"/srv/askbot/venv/local/lib/python2.7/site-packages/ldap/ldapobject.py",
line 847, in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
File
"/srv/askbot/venv/local/lib/python2.7/site-packages/ldap/ldapobject.py",
line 843, in search_ext
timeout,sizelimit, File "/srv/askbot/venv/local/lib/python2.7/site-packages/ldap/ldapobject.py",
line 331, in _ldap_call
reraise(exc_type, exc_value, exc_traceback) File "/srv/askbot/venv/local/lib/python2.7/site-packages/ldap/ldapobject.py",
line 315, in _ldap_call
result = func(*args,**kwargs) SERVER_DOWN: {u'info': 'Transport endpoint is not connected', 'errno': 107, 'desc': u"Can't contact LDAP
server"}
Ping uses the ICMP protocol. LDAP uses a TCP connection to (usually) port 389 (or 636 for LDAPS). Those are two different things.
So the fact that you can ping the server only means the server is online. It doesn't mean that the LDAP service is running or that a firewall is not blocking TCP traffic to the right port.
You can test opening a TCP connection to the right port on Ubuntu in one of two ways:
telnet yourserver 389
Or,
nmap yourserver 389
More information on that here.
You may have to install telnet or nmap for those to work. And if you're using LDAPS (LDAP over SSL) then you should test port 636.
I have to connect to a jumpserver to connect to a bunch of routers running only telnet. I'm new to SSH tunneling, but I've figured out that on the command line on my local machine, the following command forms the necessary tunnel:
$ ssh -fNL 2300:remote_host:23 user#jumpServer
Then all I have to do is connect to port 2300 on the local machine for the traffic to be forwarded to port 23 on the router (which doesn't have SSH and only has telnet):
> telnet localhost 2300
I have a few questions:
Where does the actual tunnel form? As I said, the router has port 22 blocked, i.e., it isn't capable of running SSH. However, my local machine and the gateway/jumpserver can. So, if the tunnel's forming between my local machine and the jump server, what is the mode of transport between the jumpserver and the router?
If I understand this right, there's a listener on my local machine on port 2300, that forwards all traffic to some port on the jump server via the SSH tunnel, that then forwards it to the router. Right?
[Python Specific question] How do I get the sshtunnel module to do this programmatically? I tried the following:
from sshtunnel import open_tunnel
from telnetlib import Telnet
js = '123.456.555.666'
js_usr = "user"
rem_host = '123.456.789.101'
with open_tunnel(
ssh_address_or_host=(js, 22),
ssh_username=js_usr,
ssh_password="password",
remote_bind_address=(rem_host, 23)
) as tunnel:
with Telnet(js, tunnel.local_bind_port, 10) as tn:
tn.interact()
However, this throws the following error:
Traceback (most recent call last):
File "C:/Users/somsinha/PycharmProjects/SysTEst/sshTunnelTest.py", line 14, in
with Telnet(js, tunnel.local_bind_port, 10) as tn:
File "C:\Users\somsinha\bin\WPy64-3741\python-3.7.4.amd64\lib\telnetlib.py", line 218, in init
self.open(host, port, timeout)
File "C:\Users\somsinha\bin\WPy64-3741\python-3.7.4.amd64\lib\telnetlib.py", line 234, in open
self.sock = socket.create_connection((host, port), timeout)
File "C:\Users\somsinha\bin\WPy64-3741\python-3.7.4.amd64\lib\socket.py", line 727, in create_connection
raise err
File "C:\Users\somsinha\bin\WPy64-3741\python-3.7.4.amd64\lib\socket.py", line 716, in create_connection
sock.connect(sa)
ConnectionRefusedError: [WinError 10061] No connection could be made because the target machine actively refused it
How to I make python ssh -fNL 2300:remote_host:23 user#jumpServer manually?
Everything is right with your code except use should use "localhost" with telnet:
from sshtunnel import open_tunnel
from telnetlib import Telnet
js = '123.456.555.666'
js_usr = "user"
rem_host = '123.456.789.101'
with open_tunnel(
ssh_address_or_host=(js, 22),
ssh_username=js_usr,
ssh_password="password",
remote_bind_address=(rem_host, 23)
) as tunnel:
# Use localhost as host
with Telnet('localhost', tunnel.local_bind_port, 10) as tn:
tn.interact()
The reason is the port is forwarded to the localhost and it must be accessed from it.
How do I connect to remote docker host using python?
>>> from docker import Client
>>> cli = Client(base_url='tcp://52.90.216.176:2375')
>>>
>>> cli.containers()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python2.7/site-packages/docker/api/container.py", line 69, in containers
res = self._result(self._get(u, params=params), True)
File "/usr/local/lib/python2.7/site-packages/docker/utils/decorators.py", line 47, in inner
return f(self, *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/docker/client.py", line 112, in _get
return self.get(url, **self._set_request_timeout(kwargs))
File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 480, in get
return self.request('GET', url, **kwargs)
File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 468, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.7/site-packages/requests/adapters.py", line 437, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='52.90.216.176', port=2375): Max retries exceeded with url: /v1.21/containers/json?all=0&limit=-1&trunc_cmd=0&size=0 (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7fd87d836750>: Failed to establish a new connection: [Errno 111] Connection refused',))
If I log-in to 52.90.216.176 and use the following:
>>> cli = Client(base_url='unix://var/run/docker.sock')
this works. But how do I connect to docker running on another server?
It sounds like you're using docker-py.
Also, it sounds like maybe you're not familiar with TLS, so please read the documentation for using TLS with docker-py. You may need to download your TLS files and copy them local to the docker-py client as they are used to authenticate that you are authorized to connect to the Docker daemon.
I hope your remote Docker daemon is not exposed to the world.
If it is not running TLS (exposed to the world):
client = docker.Client(base_url='<https_url>', tls=False)
If it is secured with TLS (not exposed to the world):
client = docker.Client(base_url='<https_url>', tls=True)
This is not answer, but need your feedback.
The error message is: Connection refused, so can you run the command:
telnet 52.90.216.176 2375
To confirm if there is no firewall issue. Sometime the port is 2376
Add tcp option to sys config as shown here:
vi /etc/sysconfig/docker
OPTIONS="--host=tcp://0.0.0.0:2375"
After restarting docker, I could connect to remote docker server using python.
I tried to start a smtp server with python with the following code:
import smtplib
smtp_server = smtplib.SMTP('localhost')
And I get the following error:
File "test.py", line 2, in <module>
smtp_server = smtplib.SMTP('localhost')
File "/usr/local/lib/python2.7/smtplib.py", line 242, in __init__
(code, msg) = self.connect(host, port)
File "/usr/local/lib/python2.7/smtplib.py", line 302, in connect
self.sock = self._get_socket(host, port, self.timeout)
File "/usr/local/lib/python2.7/smtplib.py", line 277, in _get_socket
return socket.create_connection((port, host), timeout)
File "/usr/local/lib/python2.7/socket.py", line 571, in create_connection
raise err
I tried to telnet localhost 25 and telnet localhost but they both give the following error:
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
The same python code runs perfectly well on one of my other machines.
Any advice ?
Thanks.
UPDATE:
The machine I'm having problem with is running Python 2.7.2, while the machine that the code works well is running Python 2.6.2. I don't know if this is one of the reasons.
smtplib is SMTP protocol client. What you are looking for is smtpd.
The problem is that smtplib does not provide an SMTP server implementation, it implements SMTP client. Most likely, the code tries to connect to localhost and fails. See http://docs.python.org/2/library/smtplib.html
Is the other machine you write about already running an SMTP server?
And what are you trying to do?