How Do You Troubleshoot Puppet Agent with a “Failed to open TCP connection…connection refused port 8140” error?

Problem scenario
You run puppet agent but you get this error:

Error: Could not request certificate: Failed to open TCP connection to puppetmaster.domain.com:8140 (Connection refused – connect(2) for “puppetmaster.domain.com” port 8140)

What do you do?

Solution
Ensure port 8140 is open. Install nmap on a server, and run this command:

nmap -p 8140 puppetmaster.domain.com

If you see this

PORT STATE SERVICE
8140/tcp closed unknown

Then the Puppet Master service is not running.

 » Read more..

How Do You Configure Linux CentOS 6.x to Accept SSH Connections?

Problem scenario
You try to use PuTTY to connect to a Linux CentOS 6.x server. You get the message “Network error: Connection refused.” What should you do?

Solution
Prerequisite
This assumes that there is no software or hardware firewall blocking port 22. You may want to use nmap or a Windows PowerShell port tester to verify port 22 is open.

 » Read more..

Why Cannot You Ping an IP Address of an AWS Server When the Security Group Should Allow for Pinging?

Problem scenario
In AWS you manually added a Security Group rule for the source of a given IP address. This IP address is either the internal or external IP address. You can ping one of them (either the internal or external IP address). Why cannot you ping each IP address?

Solution
Check to see if a firewall is running on the Linux server.

 » Read more..

What Should You Do when the Apache Mesos Web UI Keeps Refreshing and Sending a Pop-up “Failed to connect to …:5050”?

Problem scenario
You deployed Apache Mesos. The web UI is having problems. You see the error “Failed to connect to x.x.x.x:5050.” What should you do?

Solution

  1. Go to the back-end of the Apache Mesos server. Run this command: sudo systemctl stop mesos-master
  2. sudo find / -name mesos-master.sh
  3. Change directory into the parent of the “bin” directory that houses the mesos-master.sh as found above.

 » Read more..

When Does the DNS Server Override the /etc/hosts File for FQDN or Domain Name Resolution?

Problem scenario
You notice that on some Linux servers the /etc/hosts file controls the resolution of hostnames and on other servers the DNS server overrides the /etc/hosts file. Which has precedence in DNS resolution, /etc/hosts or the DNS server on the network?

Answer
It depends. The /etc/nsswitch.conf file will decide. There is a “hosts” stanza. This setting will have the DNS server override the /etc/hosts file:

hosts:dns files

This setting will have the /etc/hosts file take precedence for name resolution:

hosts:files dns

To get the hostname,

 » Read more..

How Do You Create a GCP VM to Be a Web Server?

Problem scenario
You have a GCP server. You can run curl commands to its URL via localhost. But with a URL constructed with the server’s external IP address the curl command times out. You cannot reach the URL from your workstation. How do you get the GCP server to present the web service to other machines?

Solution
Modify the firewall rule by following these steps below.

 » Read more..

What is an Ingress Resource in Kubernetes?

Question
What is an Ingress resource in Kubernetes?

Answer
It is a Kubernetes technique of exposing services via an individual IP address (page 135 of Kubernetes in Action by Luksa). In TCP/IP networking, the Ingress port allows inbound traffic to route somewhere. Kubernetes supports other IP address to service mapping methods (e.g., NodePort or LoadBalancer). NodePort operates on layer 4 of the OSI seven-layer model (according to this posting).

 » Read more..

How Do You Open a Port to Connect to a GCP server?

Problem scenario
You are used to AWS Security Groups. You created a firewall rule in GCP. You cannot seem to reach the GCP server. What is wrong?

Possible Solution
Does the GCP firewall rule use the same shorthand notation like this?
x.x.x.x/32

Inbound rules in AWS Security Groups use the /32 to allow an IP address to connect to an EC-2 instance or service.

 » Read more..

How Do You Troubleshoot a Web Server in GCP Not Working via a Web Browser when Port 80 Is Not Blocked?

Problem scenario
From a web browser these commands succeed (where x.x.x.x is the external IP address of the Linux VM serving the web service):

Test-NetConnection -ComputerName x.x.x.x -Port 80
Test-NetConnection -ComputerName x.x.x.x -Port 443

But when you open a web browser and go to the x.x.x.x IP address, but the page does not load. You may get an error message about it timing out or not being reached or available.

 » Read more..

How Do You Get Oracle VirtualBox Guest Servers to Communicate with Each Other?

Problem scenario
You want to allow for TCP/IP connectivity between two VMs running Linux in Oracle VirtualBox. What do you do?

Solution
The network settings for the VMs should be as follows:

  • The “Attached to:” setting hould be “Host-only Adapter”
  • The “Adapter type:” setting should be “Paravirtualized Network”
  • The “Cable connected” option should be checked.

 » Read more..