Two AWS Servers Cannot Ping Each Other. What Is Wrong?

Problem scenario:  You have two AWS instances in the same security group.  The Security Group has rules for “All TCP” associated with both the public IP address (visible in the EC2 portion of the AWS Console) and the private IP address (found when you issue an “ifconfig” at the OS level of the server).  You find that the servers cannot ping each other.  You cannot SSH from one to the other either.

Connection Refused Error When Trying to Configure Chef Server on RedHat

Problem scenario:  You are trying to set up a Chef Client on a VM to be configured to communicate with your Chef Server (version 12). The OS of both servers (the Chef server and the server that will be the Chef client) is RHEL 7.3.

You run this command from a server that you want to be a Chef client:

knife client list

You get this:

   

How Do You Get a Script with Yum Commands That Rely on a Public Website to Work when you have No Access to the Internet?

Problem scenario
You have a Bash script that cannot be modified that runs yum commands.  The script runs on a RedHat distribution of Linux and uses URLs with SSL (e.g., https://continualintegration.com).  The script expects a yum repository to be set up at this URL.  This script must run without access to the Internet due to enterprise security policies.  What do you do if you are behind enough security to not need SSL to be set up properly (given that you have no Internet access) and need to get the script to work immediately?

How Do I Know If I Have a Safe Version of NTP on a Linux Server?

Question  How do I know if I have a safe version of NTP on a Linux server?

Background  The United States Computer Emergency Readiness Team’s website indicates that this many versions of NTP are susceptible to a denial-of-service attack.

Answer  Run this command:  ntpd --version

The output should look something like this:

ntpd 4.2.8p9

If it is lower than that (e.g.,
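
A version check along these lines, as an added example (not from the original post): it compares an ntpd version string against the 4.2.8p9 baseline above, treating the pN suffix as a number so that 4.2.8p10 is not read as older than 4.2.8p9. The function names and the sample strings are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: compare an ntpd version string with the 4.2.8p9 baseline
# named in the post. Function names are illustrative, not from any tool.

BASELINE="4.2.8p9"

# "ntpd 4.2.8p10@1.3728-o" -> "4 2 8 10"; a missing pN suffix counts as 0.
ntp_version_fields() {
    local v
    v=$(printf '%s\n' "$1" | head -n 1 |
        sed -nE 's/^[^0-9]*([0-9]+)\.([0-9]+)\.([0-9]+)(p([0-9]+))?.*$/\1 \2 \3 \5/p')
    [ -n "$v" ] || return 1
    set -- $v
    printf '%s %s %s %s\n' "$1" "$2" "$3" "${4:-0}"
}

# Returns 0 if $1 >= $2, 1 if $1 is lower, 2 if either string cannot be parsed.
ntp_version_at_least() {
    local h w i
    h=$(ntp_version_fields "$1") || return 2
    w=$(ntp_version_fields "$2") || return 2
    local -a have=($h) want=($w)
    for i in 0 1 2 3; do
        if [ "${have[i]}" -gt "${want[i]}" ]; then return 0; fi
        if [ "${have[i]}" -lt "${want[i]}" ]; then return 1; fi
    done
    return 0
}

# Prints ok, below-baseline or unknown for one version string.
ntp_verdict() {
    local rc=0
    ntp_version_at_least "$1" "$BASELINE" || rc=$?
    case $rc in
        0) echo "ok" ;;
        1) echo "below-baseline" ;;
        *) echo "unknown" ;;
    esac
}

# Constructed sample outputs; on a real host use: ntp_verdict "$(ntpd --version 2>&1)"
for sample in "ntpd 4.2.8p9" "ntpd 4.2.8p10@1.3728-o" "ntpd 4.2.6p5" \
              "ntpd 4.2.8" "no version here"; do
    printf '%-26s %s\n' "$sample" "$(ntp_verdict "$sample")"
done
```

Distribution packages often backport fixes without changing the upstream version string, so a below-baseline result on a packaged ntpd is a prompt to check the package changelog rather than proof that the host is exposed.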

What is TCP port 8080 typically used for?

Question
What is TCP port 8080 typically used for?

Answer
Jenkins, Docker, NodeJS, Apache Ambari, Apache Marathon, Apache Tomcat, Amazon Web Services’ Elastic Load Balancer, JBoss Application Server, GitLab, M2MLogger (remote monitoring), InfoSphere BigInsights Console (IBM’s proprietary Hadoop and Spark solution), JasperReports (because of Apache Tomcat), remote management of physical routers, and enterprise network proxy services all commonly use port 8080. 

In part, taken from Learning AWS

How Do You Create Docker Containers To Have Unique IP Addresses?

Problem scenario
How do you create Docker containers to have unique IP Addresses (but not the default 172.x.x.x type)?

Solution
(If you need help installing Docker, see this posting.)

Create new IP addresses with these commands (with sudo in front of them, preferably, or less preferably as the root user):

ip addr add 33.33.33.38/28 brd + dev eth0
ip addr add 33.33.33.39/28 brd + dev eth0
ip addr add 33.33.33.40/28 brd + dev eth0

# Replace the IP addresses and subnet masks as you desire

Then use a modified version of this command:
docker run -p 33.33.33.38:80:80 repositoryName:versionDesignation /bin/bash
# You can use the “docker images” command to find the “repositoryName” and “versionDesignation”
# The IP address and port mapping (from Linux server to Docker container) can be substituted as needed

Two or more containers on the same Docker host can use port 80 using this method. 

How To Create IP Addresses On a Linux Server without Corresponding NICs

If you do not want to create new interfaces, just new IP addresses, use these commands:

ip addr add 33.33.33.38/28 brd + dev eth0
ip addr add 33.33.33.39/28 brd + dev eth0
ip addr add 33.33.33.40/28 brd + dev eth0

# Replace the IP addresses and subnet masks as you desire.

The IP addresses will go away upon rebooting.  You may want multiple IP addresses on new “semi-virtual” interfaces on a Linux server. 

How To Port Forward (redirect traffic destined for an IP address to a specific port)

Scenario:  On a Linux server, it can be useful to send traffic destined to a certain IP address to a different port on the server.  The listening service could be unique insofar as its port number has been designated.  The listening service could be a Docker container or a guest virtual machine.
Method:  iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j DNAT --to 91.91.91.91:81
Explanation: