I have Rundeck installed on an instance that is on a VPC in Amazon AWS. This isn't the default VPC - it is one I have created with different subnets and security groups. My issue is this: Rundeck runs and acts fine except when sending email. I get this error:
2014-10-01 18:05:42,758 [quartzScheduler_Worker-2] ERROR grails.app.services.rundeck.services.NotificationService - Error sending notification email to email#domain.com for Execution 109: Mail server connection failed; nested exception is javax.mail.MessagingException: 501 5.0.0 HELO requires domain address . Failed messages: javax.mail.MessagingException: 501 5.0.0 HELO requires domain address
This is only when the instance is created in my VPC. It is in a public subnet that accesses the internet directly via an internet gateway so it has no Nat instance between it. ACLs are default for this subnet, and the security group is set to allow all outbound.
The weird thing is this works in the Amazon default VPC, but not in my created one. They are setup the exact same. Only difference is IP range obviously - both have public IPs and the security groups are setup the same. Sendmail can send email, but Java appears to not be able to.
Any ideas on what the issue is? I've tried a few things and I am stumped.
I couldn't get it to work with Amazon SES, but I did get it to work with Gmail smtp by using the Rundeck groovy config located here: https://gist.github.com/gschueler/5707281
Related
I am using Simple Java Mail API in order to send emails from my Spring Boot application. The app's owner was my colleague who doesn't work with me now. In my application.properties file I have the following config
simplejavamail:
smtp:
host: 172.28.94.229
port: 25
javaxmail:
The question is that I can't understand what host is this? Which server my emails go to? Is this something provided by Simple Java Mail, but I couldn't find anything in their documentation.
This IP address is not publicly routable on the Internet but is reserved and used for private or local networks.
For you information the following IPv4 address spaces are not Internet routable:
10.0.0.0/8 IP addresses: 10.0.0.0 – 10.255.255.255
172.16.0.0/12 IP addresses: 172.16.0.0 – 172.31.255.255
192.168.0.0/16 IP addresses: 192.168.0.0 – 192.168.255.255
You can try the following command
telnet 172.28.94.229 25
and see if you get a timeout (meaning that no service is listening on that IP/Port) or you are connected to some service.
If this IP/Port exists and you get a connection opened, then you should ask your company's system admin for more information on that SMTP server.
If you cannot get connected, maybe this is just a mock / not real SMTP server.
Problem:
how to resolve host name of kubernetes pod?
I have the Following requirement we are using grpc with java where we have one app where we are running out grpc server other app where we are creating grpc client and connecting to grpc server (that is running on another pod).
We have three kubernetes pod running where our grpc server is running.
lets say :
my-service-0, my-service-1, my-service-2
my-service has a cluster IP as: 10.44.5.11
We have another three kubernetes pod running where our gprc client is running.
lets say:
my-client-0, my-client-1, my-client-2
Without Security:
i am try to connect grpc server pod with grpc client pod and it work fine.
grpc client (POD -> my-client) ----------------> groc server(POD -> my-service)
So without security i am giving host name as my-service and it's working fine without any problem..
ManagedChannel channel = ManagedChannelBuilder.forAddress("my-service", 50052)
.usePlaintext()
.build();
With SSL Security:
if i try to connect grpc server it will throw host name not match.
we have created a certificate with wild card *.default.pod.cluster.local
it will throw the below error:
java.security.cert.CertificateException: No name matching my-service found
at java.base/sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:225) ~[na:na]
at java.base/sun.security.util.HostnameChecker.match(HostnameChecker.java:98) ~[na:na]
at java.base/sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455) ~[na:na]
Not Working Code:
ManagedChannel channel = NettyChannelBuilder.forAddress("my-service", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
but if i give the host name as like this ==> 10-44-5-11.default.pod.cluster.local it will work fine correctly.
Working Code
ManagedChannel channel = NettyChannelBuilder.forAddress("10-44-5-11.default.pod.cluster.local", 50052)
.sslContext(GrpcSslContexts.forClient().trustManager(new File(System.getenv("GRPC_CLIENT_CA_CERT_LOCATION"))).build())
.build();
Now my problem is cluster ip of pod is dynamic and it will change every time during app deploy. what is the right way to resolve this host name?
is it possible if i give host name and it will return me the ip then i will append default.pod.cluster.local to hostname and try to connect to grpc server?
Addressing your pod directly is not a good solution since Kubernetes may need to move your pods around the cluster. This can occur for example because of the failing node.
To allow you clients/traffic to easy find desired containers you can place them behind a service with single static IP address. Service IP can be look up through DNS.
This is how you can connect to the service through it`s FQDN:
my-service.default.svc.cluster.local
Where my-service is your service name, default for your namespace and svc.cluster.local is a configurable cluster domain suffix used in all cluster services.
It's worth to know that you can skip svc.cluster.local suffix and even the namespace if the pods are in the same namespace. So you'll just refer to the service as my-service.
For more you can check K8s documents about DNS.
Recently i am working with DNS RR.I have DNS Server with domain Name configured with two Ip where apache httpd services are running...
DNS Server :xx.xx.xx.58,Domain Name:xxx.xxx.sam.com,httpdNode1 :xx.xx.xx.21,htttpdNode2 :xx.xx.xx.22.
From client machine xx.xx.xx.27 ping to xxx.xxx.sam.com working fine ,nslookup xxx.xxx.sam.com also giving valid results and wget to https:\xxx.xxx.sam.com:80\service?wsdl also working and returning success.
but in my java wsdl client when i try to access https:\xxx.xxx.sam.com:80\service?wsdl its not able to resolve and saying unknown host.what is missed here?
As of now DNS Server is window based but all nodes having Redhat Linux OS
I have set up WSO2API manager on EC2 server and using nginx for serving requests.
If I access https://example.com/carbon with my domain ssl, it works fine. and I got the verified indication on browser URL.
But when i access https://example.com:9443/store/forum it gives me SSL error at the top. When I investigate the issue i found "Common name as localhost"
How to solve this issues?
I installed LDAP server on my virtual machine(centOS) running on windows, now I want to access it from windows
So how do I enable remote access to LDAP server.
I tried installing 389 Directory Server (which is actually meant for fedora), on some forum I heard its a easy GUI to do the command line jobs easily, but I did not find the option to enable the remote login or any ip filters.
Note:
I am trying to use Java to login the LDAP server for authentication and authorization, for that I am using unboundid api
You can suggest which api should I use, I am just a beginner.
Update:
my java code
LDAPConnection ldap = new LDAPConnection("http://xxx.xx.xx.xxx", 9830);
error
an error occurred while attempting to connect to server http://xxx.xx.xx.xxx:9830: java.io.IOException: An error occurred while attempting to establish a connection to server http://xxx.xx.xx.xxx:9830: java.net.UnknownHostException: http://xxx.xx.xx.xxx')
I also tried ldap://xxx.xx.xx.xxx instead of http://xxx.xx.xx.xxx
Don't specify the server address as a URL. Just specify the address as either an IP address or resolvable name. So instead of "http://xxx.xx.xx.xxx" just use "xxx.xx.xx.xxx".