Recently i am working with DNS RR.I have DNS Server with domain Name configured with two Ip where apache httpd services are running...
DNS Server :xx.xx.xx.58,Domain Name:xxx.xxx.sam.com,httpdNode1 :xx.xx.xx.21,htttpdNode2 :xx.xx.xx.22.
From client machine xx.xx.xx.27 ping to xxx.xxx.sam.com working fine ,nslookup xxx.xxx.sam.com also giving valid results and wget to https:\xxx.xxx.sam.com:80\service?wsdl also working and returning success.
but in my java wsdl client when i try to access https:\xxx.xxx.sam.com:80\service?wsdl its not able to resolve and saying unknown host.what is missed here?
As of now DNS Server is window based but all nodes having Redhat Linux OS
Related
Problem:
how to resolve host name of kubernetes pod?
I have the Following requirement we are using grpc with java where we have one app where we are running out grpc server other app where we are creating grpc client and connecting to grpc server (that is running on another pod).
We have three kubernetes pod running where our grpc server is running.
lets say :
my-service-0, my-service-1, my-service-2
my-service has a cluster IP as: 10.44.5.11
We have another three kubernetes pod running where our gprc client is running.
lets say:
my-client-0, my-client-1, my-client-2
Without Security:
i am try to connect grpc server pod with grpc client pod and it work fine.
grpc client (POD -> my-client) ----------------> groc server(POD -> my-service)
So without security i am giving host name as my-service and it's working fine without any problem..
ManagedChannel channel = ManagedChannelBuilder.forAddress("my-service", 50052)
.usePlaintext()
.build();
With SSL Security:
if i try to connect grpc server it will throw host name not match.
we have created a certificate with wild card *.default.pod.cluster.local
it will throw the below error:
java.security.cert.CertificateException: No name matching my-service found
at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:225) ~[na:na]
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:98) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
Not Working Code:
ManagedChannel channel = NettyChannelBuilder.forAddress("my-service", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
but if i give the host name as like this ==> 10-44-5-11.default.pod.cluster.local it will work fine correctly.
Working Code
ManagedChannel channel = NettyChannelBuilder.forAddress("10-44-5-11.default.pod.cluster.local", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
Now my problem is cluster ip of pod is dynamic and it will change every time during app deploy. what is the right way to resolve this host name?
is it possible if i give host name and it will return me the ip then i will append default.pod.cluster.local to hostname and try to connect to grpc server?
Addressing your pod directly is not a good solution since Kubernetes may need to move your pods around the cluster. This can occur for example because of the failing node.
To allow you clients/traffic to easy find desired containers you can place them behind a service with single static IP address. Service IP can be look up through DNS.
This is how you can connect to the service through it`s FQDN:
my-service.default.svc.cluster.local
Where my-service is your service name, default for your namespace and svc.cluster.local is a configurable cluster domain suffix used in all cluster services.
It's worth to know that you can skip svc.cluster.local suffix and even the namespace if the pods are in the same namespace. So you'll just refer to the service as my-service.
For more you can check K8s documents about DNS.
I installed LDAP server on my virtual machine(centOS) running on windows, now I want to access it from windows
So how do I enable remote access to LDAP server.
I tried installing 389 Directory Server (which is actually meant for fedora), on some forum I heard its a easy GUI to do the command line jobs easily, but I did not find the option to enable the remote login or any ip filters.
Note:
I am trying to use Java to login the LDAP server for authentication and authorization, for that I am using unboundid api
You can suggest which api should I use, I am just a beginner.
Update:
my java code
LDAPConnection ldap = new LDAPConnection("http://xxx.xx.xx.xxx", 9830);
error
an error occurred while attempting to connect to server http://xxx.xx.xx.xxx:9830: java.io.IOException: An error occurred while attempting to establish a connection to server http://xxx.xx.xx.xxx:9830: java.net.UnknownHostException: http://xxx.xx.xx.xxx')
I also tried ldap://xxx.xx.xx.xxx instead of http://xxx.xx.xx.xxx
Don't specify the server address as a URL. Just specify the address as either an IP address or resolvable name. So instead of "http://xxx.xx.xx.xxx" just use "xxx.xx.xx.xxx".
I'm getting the following error when i'm trying to connect via RMI to a JBoss application
javax.naming.CommunicationException [Root exception is java.lang.ClassNotFoundException: org.jboss.proxy.ClientContainer]
This error occurs only after enabling IPtables on a linux server.
At the moment, we use this application as a logging tool between 2 servers, but it all Ports to be open because RMI uses random ports for the export of objects if i'm not mistaken
We have tested with some small test applications and the following is a viable solution when using firewalls with RMI:
UnicastRemoteObject.exportObject(server, 1244);
I export the object over port 1244
The following ports are open at this moment:
1244: The RMI-export object
1066: Binding with RMI on the server
1099: Registering on the management server
Is there anybody that could push me in the right direction to get this implementation working?
Thanks in advance!
I have deployed tomcat 7 on unix server. Application is working properly in its internal text mode browser which is elinks.
My server ip is 190.0.0.1 and hostname is test123. In elink i entered the URL http://localhost:9999/Test, then the application is working properly.
But whenever i tried to access the application hitting URL http://190.0.0.1:9999/Test, than it is not working. I checked the logs there is no error message in it.
May be some configuration issue i have to change but dont know which?
Please issue hostname -i in your unix box to get the ip address of your machine. Example:
[ssivan#wsapp403p.prod.ch4 conf]$ hostname -i
10.236.55.42
Then you can try with that ip address. Example:
http://10.236.55.42:9999/Test
I'am installing ArcGisServer for the Java plataform on Centos 5.5 x86_64, this is not a supported platform but I have overcome almost every problem preventing the success of the installation. It uses exhaustively Sun Directory Server. The last error i receive was:
ldap_simple_bind: Can't connect to the ldap server - No route to host
It happens in other applications which makes uses of it, so it seems to be an specific problem of Sun Directory Server on linux and solaris. There is no reported solution. Usually I search the problem as much as I can but this time I have reached my patience and I need it working as soon as posible. I recognize this as an excellent forum because of it's community and quality of answers, ¿can anybody help me with this?
The "No route to host" error suggests that the issue is one of network connectivity between your ArcGIS server (the Sun Directory Server component, as you mention) and the LDAP server. So, a few things to examine, in order:
Do you have an LDAP server set up and running?
Is your LDAP server reachable from your Centos machine outside of the ArcGis server?
Is your ArcGis configured with the correct address to the LDAP server - should be in the web.config file? Example below:
<connectionStrings>
<add name="ADConnectionString"
connectionString="LDAP://SERVER_LDAP:389/ou=Sigestredi,o=Sicondef,dc=aplicaciones,o=mdef,c= es" />
</connectionStrings>
Disclaimer: I don't know anything about the ArcGIS server per se - I'm just diagnosing the "no route to host error" with a few snippets I picked up from some quick searches of the ArcGis forums.
ArcGIS includes a Sun Directory Server on it, so arcgis server and ldap are on the same machine. The port is set to 62000. When I run the diagnostic tool the DG028 fails:
DG028 - check LDAP server: is listening
I made a prove using nmap as:
nmap localhost -p62000
And it says it is opened. I don't know how to verify if LDAP is up and running, the startup log doesn't show anything wrong. I have found a config file named ldap.conf:
url ldap://name.subdomain.domain:62000/dc=name,dc=arcgis
admnm agsadmin
And my /etc/hosts is:
127.0.0.1 localhost localhost
ip_direction name.subdomain.domain name.subdomain.domain
I don't have an alias for "name", so:
ping name.subdomain.domain
Works
But:
ping name
Doesn't work
I have never used ldap so I don't know what should be on "dc". Could my hosts file be malformed or is my ldap.conf?
Another information is that the computer I am using is part of a domain. When I installed Centos, /etc/hosts file had an alias for the loopback interface as localhost.localdomain but i removed it.
I would appreciate any help.
I have solved my problem, the problem was on my /etc/hosts file. I added an alias for my ip direction:
127.0.0.1 localhost localhost
ip_direction name.subdomain.domain name
Then I run the ServerConfig script. This is a successful installation of ArcGIS Server for the Java platform on Linux. Thanks Greg for your guide.