I've installed the latest RabbitMQ server (rabbitmq-server-3.3.0-1.noarch.rpm) on a fresh Centos 5.10 VM according to the instructions on the official site.
I've done this many times before during development and never had any issues. However, this time I cannot log into the management web interface using the default guest/guest user.
In the logs, I see the following:
=ERROR REPORT==== 4-Apr-2014::00:55:15 ===
webmachine error: path="api/whoami"
"Unauthorized"
What could be causing this?
It's new features since the version 3.3.0
http://www.rabbitmq.com/release-notes/README-3.3.0.txt
server
------
...
25603 prevent access using the default guest/guest credentials except via
localhost.
If you want enable the guest user read this or this RabbitMQ 3.3.1 can not login with guest/guest
# remove guest from loopback_users in rabbitmq.config like this
[{rabbit, [{loopback_users, []}]}].
# It is danger for default user and default password for remote access
# better to change password
rabbitmqctl change_password guest NEWPASSWORD
If you want create a new user with admin grants:
rabbitmqctl add_user test test
rabbitmqctl set_user_tags test administrator
rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
Now you can access using test test.
If you still can't access the management console after a fresh install, check if the management console was enabled. To enable it:
Go to the RabbitMQ command prompt.
Type:
rabbitmq-plugins enable rabbitmq_management
Something that just happened to me and caused me some headaches:
I have set up a new Linux RabbitMQ server and used a shell script to set up my own custom users (not guest!).
The script had several of those "code" blocks:
rabbitmqctl add_user test test
rabbitmqctl set_user_tags test administrator
rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
Very similar to the one in Gabriele's answer, so I take his code and don't need to redact passwords.
Still I was not able to log in in the management console. Then I noticed that I had created the setup script in Windows (CR+LF line ending) and converted the file to Linux (LF only), then reran the setup script on my Linux server.
... and was still not able to log in, because it took another 15 minutes until I realized that calling add_user over and over again would not fix the broken passwords (which probably ended with a CR character). I had to call change_password for every user to fix my earlier mistake:
rabbitmqctl change_password test test
(Another solution would have been to delete all users and then call the script again)
If on Windows and installed using chocolatey make sure firewall is allowing the default ports for it:
netsh advfirewall firewall add rule name="RabbitMQ Management" dir=in action=allow protocol=TCP localport=15672
netsh advfirewall firewall add rule name="RabbitMQ" dir=in action=allow protocol=TCP localport=5672
for the remote access.
I also couldn't log in to Rabbit's web interface. in my case, cookies were disabled in the browser for this web interface. I allowed cookies to be saved and rebooted chrome. and I was able to log in again.
If you are in Mac OS, you need to open the /usr/local/etc/rabbitmq/rabbitmq-env.conf and
set NODE_IP_ADDRESS=, it used to be 127.0.0.1. Then add another user as the accepted answer suggested.
After that, restart rabbitMQ, brew services restart rabbitmq
Related
I am trying to debug my app in testing environment, my app is running in pod, I said 'pod' because I am not familiar with Kubernetes, its manage client looks like this:app running schematic diagram. I have learn I should set idea like this idea RUN/Debug Configurations schematic diagram. And should restart and redeploy my app, I changed Dockfile firstly. the origin instruction is FROM xxx/java:alpine VOLUME /tmp ADD recruitment.jar app.jar ENTRYPOINT ["java","-Xmx2048m","-jar","/app.jar"] and I changed this to FROM xxx/java:alpine VOLUME /tmp ADD recruitment.jar app.jar ENTRYPOINT ["java","-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005","-jar","/app.jar"] but it always show error like this Error running 'face_remote': Unable to open debugger port (888.88.888.888[not real]:5005): java.io.IOException "handshake timeout". I am not sure with this ip,sicne I use 'ping 888.88.888.888' instruction can not success. I use this ip because Swagger request url's domain name's ip is this.this main enter image description here. and I guess if the app is running in docker or k8s and it will have a different Interactive mode. not same like just running in linux
most of the attached image are not visible.
IP address should be accessible from your local system
[888.88.888.888] note sure this is correct.
debug port also need to be mapped from your local system
-use port forwarding
ex:kubectl port-forward 5005:5005
If you have configure port forwarding then you can use localhost:5005 for debugging
I see three things that you can check:
Check the IP address:
The jar file runs inside a Docker container, which runs inside a pod. To access the pod you usually go through a service and an ingress. The ip you are using is most likely hitting the ingress/service or any other higher layer.
To attach a remote debugger, you will need to connect directly to the PodIP. One way of doing this is to first connect to your kubernetes cluster using the tool kubectl (some configuration required) and make a port forward from your pod: kubectl port-forward my-pod-c93b8b6df-8c4aa 5005:5005 pod (as an example, the pod instance name is my-pod-c93b8b6df-8c4aa).
This will open a connection from your local computer into the pod. Then you will need to identify the PodIP by kubectl describe pods my-pod-c93b8b6df-8c4aa and use that in IntelliJ
Check if the port is exposed:
Make sure you expose the port 5005 from the pod in your test environment (similar to exposing a port when you run the container locally).
How to do this depends a bit on how you are running your Kubernetes cluster. If you use Helm chart, you can just add a configuration like this in the port section of your deployment yaml:
- containerPort: 5005
name: debug
protocol: TCP
Check debug-command address:
Last thing is to make sure you are adding the correct address in the command line option. As IntelliJ suggest in the debug editor: for JDK9+ use …suspend=n,address=*:5005 and for JDK8 and below use …suspend=n,address=5005
So apologies if what I ask is trivial but I am experimenting with Memcached and Jmeter. I have a Memcached server setup (as far as I can tell) and am able to make telnet requests to it via telnet IP PORT and additionally set and get using commands set and get appropriately.
Now point me to a different application if perhaps this is the wrong choice; but my understanding was that Jmeter should allow me to pound the server with equivalent Set and Get requests.
Unfortunately the experimental platform is a remote linux PC running Rockylinux which is similar to CentOS / RedHat to my understanding (I didn't set this part up); and as a result I do not have a GUI to launch while on the Linux PC. I have however opened Jmeter up on my local PC on windows and understand I should be able to send the test file over and run it.
I followed these instructions to try to setup a TCP sampler and set the "text to send" field as below; after doing the additional step in the link regarding the precompiler.
set tutorialspoint 0 900 9${CR}${LF}
memcached${CR}${LF}
quit${CR}${LF}
Running the above as a headless jmeter session doesn't generate any errors called [./jmeter -n -t "Sample.jmx" -l testresults.jtl"] but when I connect via telnet I'm also not seeing the value for the key "tutorialspoint" get updated. When manually doing the get and set I am seeing updates. Any ideas what I could be doing wrong? Checking the log indicates ResponseCode 200 OK as expected. Is there a good method to debug something in a Headless setup?
Thanks for your time.
I believe the easiest way is using Memcached Java Client library
Download spymemcached-2.12.3.jar and drop it to "lib" folder of your JMeter installation (or any other location in JMeter Classpath)
Restart JMeter to pick the .jar up
Add JSR223 Sampler to your test plan and use the following code snippets:
def client = new net.spy.memcached.MemcachedClient(new InetSocketAddress('your-memcached-host', your-memcached-port)) - for connecting to the server
client.set('tutorialspoint', 900, 'memcached').done to write memcached to the tutorialspoint key for 15 minutes
client.get('tutorialspoint') - to read the value of tutorialspoint key
client.shutdown() - to disconnect
More information on Groovy scripting in JMeter: Apache Groovy - Why and How You Should Use It
Demo:
I want to create a web application where employees could manage their email-forwarding settings.
In the past, this happened via some PowerShell scripts. For example, setting email forward with copy:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://[server] -Authentication Kerberos
Import-PSSession $Session
Set-Mailbox -Identity "{USERNAME}" -DeliverToMailboxAndForward $true -ForwardingAddress "{EMAIL}"
I set the redirection and watched the Active Directory for changes. It set the parameter altRecipient of the original recipient to the DN of the new and the parameter altRecipientBL of the new recipient to the DN of the old. I tried to reproduce these parameters with JND functionalities, but it doesn't redirect the mails. So there must be more what this PowerShell Command does, maybe changing the settings of the ExchangeServer.
How could I reproduce following functionality in Java preferably without using the PowerShell?
check forwarding status
remove forwarding
set forwarding with copy
set forwarding without copy
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://[server] -Authentication Kerberos :Creates a new remote session (via WSMAN) to the exchange server.
Import-PSSession $Session: Is used to import the remote Exchange cmdlets to your local machine. If you would not call Import-PSSession, Set-MailBox-cmdlet of the next line would not be available on your local machine:
Set-Mailbox -Identity "{USERNAME}" -DeliverToMailboxAndForward $true -ForwardingAddress "{EMAIL}"
From microsoft:
The Import-PSSession cmdlet imports commands , such as cmdlets, functions, and aliases, from a PSSession on a local or remote computer into the current session. You can import any command that the Get-Command cmdlet can find in the PSSession. ...
Your question:
How could I reproduce following functionality in Java preferably without using the PowerShell?
Well you've to use kind of Java remoting mechanism towards Exchange server. On the Exchange server there needs to be some endpoint that is able to call the PowerShell command.
Hope that helps.
If I open jvisualvm and go to File >> Add Remote Host I am prompted to create a new remote server entry. I enter a host name of myapp01.example.org, and then I see that server show up under the Remote section of the Applications tree on the left-hand side. When I right-click that server, and click Add JMX Connection, I see the following dialog:
Let's say I have a Java app (WAR deployed to Tomcat) running on myapp01.example.org:8443. To SSH into the server, I use username skroob and a password of 12345 (hey, that's the combination on my luggage!):
ssh skroob#myapp01.example.org
skroob#myapp01.example.org's password: 12345
When I fill out the dialog as follows:
Connection: myapp01.example.org:8443
Username: skroob
Password: 12345
I get the following error:
Cannot connect to skroob#myapp01.example.org:8443 using service:jmxLrmi:///jndi/rmi://myapp01.example.org:8443/jmxrmi
I believe this may be because I'm not configuring JMX to be exposed on Tomcat itself. Or maybe I'm just entering the wrong info. Maybe both. Either way:
What do I need to do to configure this with proper JMX info?
What do I need to do to configure this properly for jstatd?
That's not how JMX connection is specified. For tomcat the best way is to create a bin/setenv.sh file This is best because the Apache scripts are already set up to look for it and call it if present.
This is the place where you are intended to set any installation specific parameters.
You will go far with something like this:
#
# PORT for debug
export JPDA_ADDRESS='8000'
echo start with 'jpda start' parameters to enable debugging. Tomcat will listen on $JPDA_ADDRESS
CATALINA_OPTS="\
-Dcom.sun.management.jmxremote \
-Dcom.sun.management.jmxremote.port=1299 \
-Dcom.sun.management.jmxremote.authenticate=true \
-Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password \
-Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access \
-Dcom.sun.management.jmxremote.ssl=false
jmxremote.access:
monitorRole readonly
controlRole readwrite
jmxremote.password: This file MUST be READONLY by the ID that starts Tomcat or JMX WILL NOT WORK! i.e. chmod 400 jmxremote.password
monitorRole readpass
controlRole changepass
Basically you are setting up 2 JMX user IDs. One that can access exposed getters. The other that can also access setters and arbitary mbean methods. In practice you'll usually want to supply the latter so you can do more than just look.
SO....
In your dialog above it becomes
Connection: myapp01.example.org:1299
Username: controlRole
Password: changepass
I have a Java application which is running as non root mode.
My App will create a TFTP server (using apache commons tftp). TFTP server is bind to port 69(Default TFTP port). When running the app from IDE everything works fine since the IDE running as root. But if the app is run from other user i get the error
java.net.BindException: Permission denied
It is clear that for non root user i can not open the port. Is there a workaround for this issue?
For binding on Linux of ports less that 1024 you need to application to run a root. There is no way around this. If you need to do this you have you run as root. sudo might be the command to look into.
BTW - Running your IDE as root is not a very good idea.
To resolve this issue. You can use setuid() and setfid() system calls. So that you can temporarily elevate the permissions and then drop the permission back to user permissions.
In my Case, this problem happened in Solaris 11 OS. I added privileges to user to use the ports under 1024.
https://technicalsanctuary.wordpress.com/2014/06/03/allowing-a-user-to-use-ports-under-1024-on-solaris-11/