I have a Selenium Grid up and running on an AWS EC2 instance. I would like to connect to this from my local machine using Java to fire off my tests via a RemoteWebDriver, however, I'm unable to connect to the server be it through SSH or the Public IP.
For example I need to access the instance on port 4444 for a url of http://123.456.78.910:4444/wd/hub this would then need to establish a connection and receive my tests.
Whenever I try to use the Public IP I simply get a time-out.
Any help would be greatly appreciated.
You are getting a time out because your port 4444 is blocked in the EC2 security group. Check below you have add that rule to you EC2 security group. You can either add 0.0.0.0/0 but I will suggest just add your IP as you will be the only one to access that port from your local and for better security.
When you start a selenium grid hub - you are shown a message such as :
register node to the hub: http://{hub-ip}:4444/grid/register
When i tried to register a node with hub-ip , it did not work for me.
so i checked the public-ip of my ec2 instance by logging in to the ec2 console.
then i registered the node with http://{public-ip}:4444/grid/register
it worked.
so use public ip of ec2 instance to register the node.
the hub-ip duggested by selenium grid did not work for me on ec2
if i place hub , node on local machine - then none of this problem occurs.
are you running node and hub on different ec2 instances ?
You should also add the remotehost option while starting a node from an instance different from the hub instance to tell the hub about your ip address.
java -Dwebdriv.gecko.driver="geckodriver" -jar selenium-server-standalone-3.13.0.jar -role node -hub http://{hub-public-ip}:4444/grid/register/ -remoteHost "http://{node-public-ip}"
public ip of script instance - 34.224.113.203
I had the same problem with Selenium standalone 3-x. I installed a proxy server (nginx) and did a port forwarding. Then it started working.
Do not use the container port directly, instead use the host port which in turn communicate to container port.
For eg: docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
"container id" selenium/hub "/opt/bin/entry_poinâ¦" 23 hours ago Up About an hour 0.0.0.0:32768->4444/tcp hub
Here use the port 32768 instead of 4444
Related
I am trying to debug my app in testing environment, my app is running in pod, I said 'pod' because I am not familiar with Kubernetes, its manage client looks like this:app running schematic diagram. I have learn I should set idea like this idea RUN/Debug Configurations schematic diagram. And should restart and redeploy my app, I changed Dockfile firstly. the origin instruction is FROM xxx/java:alpine VOLUME /tmp ADD recruitment.jar app.jar ENTRYPOINT ["java","-Xmx2048m","-jar","/app.jar"] and I changed this to FROM xxx/java:alpine VOLUME /tmp ADD recruitment.jar app.jar ENTRYPOINT ["java","-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005","-jar","/app.jar"] but it always show error like this Error running 'face_remote': Unable to open debugger port (888.88.888.888[not real]:5005): java.io.IOException "handshake timeout". I am not sure with this ip,sicne I use 'ping 888.88.888.888' instruction can not success. I use this ip because Swagger request url's domain name's ip is this.this main enter image description here. and I guess if the app is running in docker or k8s and it will have a different Interactive mode. not same like just running in linux
most of the attached image are not visible.
IP address should be accessible from your local system
[888.88.888.888] note sure this is correct.
debug port also need to be mapped from your local system
-use port forwarding
ex:kubectl port-forward 5005:5005
If you have configure port forwarding then you can use localhost:5005 for debugging
I see three things that you can check:
Check the IP address:
The jar file runs inside a Docker container, which runs inside a pod. To access the pod you usually go through a service and an ingress. The ip you are using is most likely hitting the ingress/service or any other higher layer.
To attach a remote debugger, you will need to connect directly to the PodIP. One way of doing this is to first connect to your kubernetes cluster using the tool kubectl (some configuration required) and make a port forward from your pod: kubectl port-forward my-pod-c93b8b6df-8c4aa 5005:5005 pod (as an example, the pod instance name is my-pod-c93b8b6df-8c4aa).
This will open a connection from your local computer into the pod. Then you will need to identify the PodIP by kubectl describe pods my-pod-c93b8b6df-8c4aa and use that in IntelliJ
Check if the port is exposed:
Make sure you expose the port 5005 from the pod in your test environment (similar to exposing a port when you run the container locally).
How to do this depends a bit on how you are running your Kubernetes cluster. If you use Helm chart, you can just add a configuration like this in the port section of your deployment yaml:
- containerPort: 5005
name: debug
protocol: TCP
Check debug-command address:
Last thing is to make sure you are adding the correct address in the command line option. As IntelliJ suggest in the debug editor: for JDK9+ use …suspend=n,address=*:5005 and for JDK8 and below use …suspend=n,address=5005
I've installed the minikube instance on my local computer (--driver=docker). The minikube ip is 192.168.49.2. When I start minikube (minikube start --memory 7168) I get no errors on console. But trying to ping the minikube ip fails. What I do wrong?
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
minikube Ready control-plane,master 9d v1.20.2 192.168.49.2 <none> Ubuntu 20.04.1 LTS 5.4.72-microsoft-standard-WSL2 docker://20.10.3
Recall that minikube is local Kubernetes - it runs a single-node Kubernetes cluster on your personal computer so that you can try out Kubernetes. Now, it doesn't run the Kubernetes cluster in your local box, it runs it inside a VM.
That is why you can't simply access Node IP from your local. Another way to see it is that in Kubernetes you can create NodePort Service to access your workload outside of your cluster but this doesn't work when you are running Kubernetes using minikube - and the reason is the same as mentioned above.
Now, how you work around that is by using minikube service <<YOUR_SERVICE_NAME>> command. This will create a tunnel to access your application - which is exposed using the Service - from outside of the K8S cluster.
You can try minikube tunnel as mentioned by #Hackerman but I have never tried it.
Just to add a bit on top of the previous answer. There is docker bridge limitation that makes it impossible to route the traffic to Linux containers. That is why the minikube tunnel and service were implemented as workaround for that.
minikube tunnel runs as a process, creating a network route on the
host to the service CIDR of the cluster using the cluster’s IP address
as a gateway. The tunnel command exposes the external IP directly to
any program running on the host operating system.
Alternative way to that you may find interesting would be using an ingress which was enabled in #9761 pull request:
.\minikube-windows-amd64.exe addons enable ingress I1121 00:59:39.443965 3000 translate.go:89] Failed to load translation file for en: Asset translations/en.json not found
* After the addon is enabled, please run "minikube tunnel" and your ingress resources would be available at "127.0.0.1"
* Verifying ingress addon...
* The 'ingress' addon is enabled
On your windows system, after the creation of the container that is created by the initial "minikube start", you can see the "minikube instance" by typing "docker ps". This is the minikube 'master' node running in this container.
It would look something like this:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6293ca0ba5b0 gcr.io/k8s-minikube/kicbase:v0.0.25 "/usr/local/bin/entr…" 2 hours ago Up About an hour 127.0.0.1:59539->22/tcp, 127.0.0.1:59540->2376/tcp, 127.0.0.1:59537->5000/tcp, 127.0.0.1:59538->8443/tcp, 127.0.0.1:59536->32443/tcp minikube
In the PORTS column you will see ports that are forwarded by virtue of the way that minikube start the docker container. You can see these kinds of forwards are handled by docker the same as for any contain that you might do a "docker run -p port:port"
Notice that the first port forward in this list is the ssh port: "127.0.0.1:59539->22/tcp".
When you do a "minikube tunnel", minikube will open ssh.exe instances that you can see in your windows task manager if you enable the Command Line display in the column settings.
Those 'tunnels' would look like this:
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -N docker#127.0.0.1 -p 59539 -i C:\Users\steve.sims\.minikube\machines\minikube\id_rsa "-L 8080:10.102.174.166:8080"
If I take that command apart and only run this from the command prompt:
ssh docker#127.0.0.1 -p 59539 -i C:\users\steve.sims\.minikube\machines\minikube\id_rsa
Then I get an interactive remote window into the minikube VM (or node). Typing 'ifconfig eth0' I get:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.49.2 netmask 255.255.255.0 broadcast 192.168.49.255
So, indeed my minikube ip is 192.168.49.2, but it is an internal address as the folks above mentioned.
Other than that, the -N parameter on the ssh means "no command" and the -L on the end is the port forward flag in port-to-forward:destination-socket format. Of course, so all of the tunnels are coming across that initial docker -p port:port forward that minikube established when the container was started.
If it is useful, you can create your own ssh instances from that line's format by script and they will work just as well.
Problem:
how to resolve host name of kubernetes pod?
I have the Following requirement we are using grpc with java where we have one app where we are running out grpc server other app where we are creating grpc client and connecting to grpc server (that is running on another pod).
We have three kubernetes pod running where our grpc server is running.
lets say :
my-service-0, my-service-1, my-service-2
my-service has a cluster IP as: 10.44.5.11
We have another three kubernetes pod running where our gprc client is running.
lets say:
my-client-0, my-client-1, my-client-2
Without Security:
i am try to connect grpc server pod with grpc client pod and it work fine.
grpc client (POD -> my-client) ----------------> groc server(POD -> my-service)
So without security i am giving host name as my-service and it's working fine without any problem..
ManagedChannel channel = ManagedChannelBuilder.forAddress("my-service", 50052)
.usePlaintext()
.build();
With SSL Security:
if i try to connect grpc server it will throw host name not match.
we have created a certificate with wild card *.default.pod.cluster.local
it will throw the below error:
java.security.cert.CertificateException: No name matching my-service found
at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:225) ~[na:na]
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:98) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
Not Working Code:
ManagedChannel channel = NettyChannelBuilder.forAddress("my-service", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
but if i give the host name as like this ==> 10-44-5-11.default.pod.cluster.local it will work fine correctly.
Working Code
ManagedChannel channel = NettyChannelBuilder.forAddress("10-44-5-11.default.pod.cluster.local", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
Now my problem is cluster ip of pod is dynamic and it will change every time during app deploy. what is the right way to resolve this host name?
is it possible if i give host name and it will return me the ip then i will append default.pod.cluster.local to hostname and try to connect to grpc server?
Addressing your pod directly is not a good solution since Kubernetes may need to move your pods around the cluster. This can occur for example because of the failing node.
To allow you clients/traffic to easy find desired containers you can place them behind a service with single static IP address. Service IP can be look up through DNS.
This is how you can connect to the service through it`s FQDN:
my-service.default.svc.cluster.local
Where my-service is your service name, default for your namespace and svc.cluster.local is a configurable cluster domain suffix used in all cluster services.
It's worth to know that you can skip svc.cluster.local suffix and even the namespace if the pods are in the same namespace. So you'll just refer to the service as my-service.
For more you can check K8s documents about DNS.
I am running tomcat in linux pc whose ip address is 192.168.1.31 and port number is 8084 . I have tested it via the following url :
http://192.168.1.31:8084/
The welcome message is come as depicted int he following picture :
But when I enter the above address from another pc (windwos 10 ) , I am getting this error :
This site can’t be reached
192.168.1.31 took too long to respond.
Search Google for 201 8084
ERR_CONNECTION_TIMED_OUT
I have firewall off . I cant understand where is the error . Please help me .
IP address which starts with192.168. by default is for local network, so if your windows machine isn't in this network it actually can't reach your tomcat. Check ipconfig on your windows machine and try to find address which starts from 192.168. to find it out.
Also you can change your tomcat bind address in the config file tomcat/conf/server.xml and bind tomcat to public IP address.
Another solution is to configure your iptables to forward traffic from some port of your public IP to the port 8084 on your local network.
I created a small web application.if i deployed its work but if try to run application it show
the port 8888 appears to be in use(perhaps by another lanch),do you still to contine with this lanch? i clicked yes
but show the error
Could not open the requested socket: Address already in use: bind
Try overriding --address and/or --port.
The problem is what it is stating.
You are facing this issue because of the following:
Either the port 8888 is in use by some other application and not previous launch. This is less likely.
This condition is more likely and it is because you have already launched the application once i.e. via the Run as Web Application. And it is still running. In your Eclipse, visit the Window-> Show View -> Console. And in the Console window, you will find one or more previous instances running. Please stop that.
There are some instances where the solution suggested by Romin will not work because the option to stop the process does not present itself in the console.
In these cases, you can probably find out which process ID is using the port and then kill that process.
For example, on a mac, this worked for me:
😈 >lsof -i tcp:8888
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 25866 alexryan 60u IPv6 0x96e9c26778f105e1 0t0 TCP localhost:ddi-tcp-1 (LISTEN)
😈 >kill 25866
😈 >lsof -i tcp:8888
😈 >
The port number 8888 is in use means that port already been activated. do one thing go to servicees option of control panel set the server start option from automatic to manual. Then your apps will get run. else you can stop the server from your eclipse env stop option.