Can I use Argo Tunnel to connect my clusters together without exposing to the internet? - linux

Note that I'm a newbie to Argo Tunnel.
I have several servers in different locations and only a set of them is exposed to the internet. (Let's say there are two sets, backend and frontend.)
I want to connect from frontend to backend using Argo Tunnel like they are on the same machine. Let's say I have set up Nginx with proxy_pass http://backendde:8008! Now, backendde is a name for one of my backends (or set an IP like 10.25.36.1).
Maybe my question can be: "How can I expose one server to another using Argo Tunnel?"
Note that I can't edit /etc/hosts (it's a PaaS/Kubernetes), so I have to assign a fixed local IP for each instance.
I have this:
/root/cloudflared tunnel --no-autoupdate run --token $TUNNEL_TOKEN --protocol http2 $TUNNEL_NAME
and I don't know how to set a fixed IP for my instances and then call this IP from another server (with Argo set up).
Thanks in advance

What you want to do is called "connecting private networks" in Argo Tunnel lingo.
You will need to deploy a "WARP" client on one end, and a cloudflared daemon on the other end, to be able to route traffic on the Cloudflare edge network (without exposing the host to the internet).
See details here:
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/

Related

Docker container with multiple outgoing IPs

I have an application written in node js which is using multiple outgoing IPs to make requests to website. Basically, I want to make requests to some website with different IPs, which I have assigned to my VPS. I want to containerize my application with docker, but docker only has access to the main IP from the host machine and I was not able to assign my other IPs to that container. I've tried many things and been stuck on that problem for days...
IPv4 address for enp1s0: xxx.xx.xxx.70
IPv4 address for enp1s0: xxx.xxx.x.145
IPv4 address for enp1s0: xxx.xxx.xxx.154
I need to be able to select one of these IPs from the Node.js application inside the Docker container and make an HTTP request with it.
Also if what I said is not possible it is also acceptable to assign each IP to each container (so 3 containers in total with different outgoing IPs). But this is not ideal. I'm looking for a painless way of doing this since I want to be able to pre-configure my apps and docker-compose to automate most of this work.

Deployed small footprint Tanzu Application Service (TAS) in Azure without any domains. Can I access the ccapi and apps manager with the IP?

Could deploy Bosh and small footprint Tanzu Application Service (TAS) in Azure without using domains. All VMs are running. Can I access the ccapi and apps manager with the IP address instead of the api.SYSTEMDOMAIN?
The short answer is no. You really, really want to have DNS set up properly.
Here's the long answer that is more nuanced.
All requests to your foundation go through the Gorouter. Gorouter will take the incoming request, look at the Host header and use that to determine where to send the request. This happens the same for system services like CAPI and UAA as it does for apps you deploy to the foundation.
DNS is a requirement because of the Host header. A browser trying to access CAPI or an application on your foundation is going to set the Host header based on the DNS entry you type into your browser's address bar. The cf CLI is going to do the same thing.
There are some ways to work around this:
If you are strictly using a client like curl where you can set the Host header to arbitrary values. In that way, you could set the host header to api.system_domain and at the same time connect to the IP address of your foundation. That's not a very elegant way to use CF though.
You can manually set entries in your /etc/hosts (or similar on Windows). This is basically a way to override DNS resolution and supply your own custom IP.
You would need to do this for uaa.system_domain, login.system_domain, api.system_domain and any host names you want to use for apps deployed to your foundation, like my-super-cool-app.apps_domain. These should all point to the IP of the load balancer that's in front of your pool of Gorouters.
If you add enough entries into /etc/hosts you can make the cf CLI work. I have done this on occasion to bypass the load balancer layer for troubleshooting purposes.
Where this won't work is on systems where you can't edit /etc/hosts, like customers or external users of software running on your foundation or if you're trying to deploy apps on your foundation that talk to each other using routes on CF (because you can't edit /etc/hosts in the container). Like if you have app-a.apps_domain and app-b.apps_domain and app-a needs to talk to app-b. That won't work because you have no DNS resolution for apps_domain.
You can probably make app-to-app communication work if you are able to use container-to-container networking and the apps.internal domain though. The resolution for that domain is provided by Bosh DNS. You have to be aware of this difference though when deploying your apps and map routes on the apps.internal domain, as well as setting network policy to allow traffic to flow between the two.
Anyway, there might be other hiccups. This is just off the top of my head. You can see it's a lot better if you can set up DNS.
The easiest way to achieve a portable solution is a service like xip.io that will work out of the box. I have set up and run a lot of PoCs that way, when wildcard DNS was something that enterprise IT was still oblivious about.
It works like this (excerpt from their site):
What is xip.io?
xip.io is a magic domain name that provides wildcard DNS
for any IP address. Say your LAN IP address is 10.0.0.1.
Using xip.io,
10.0.0.1.xip.io resolves to 10.0.0.1
www.10.0.0.1.xip.io resolves to 10.0.0.1
mysite.10.0.0.1.xip.io resolves to 10.0.0.1
foo.bar.10.0.0.1.xip.io resolves to 10.0.0.1
...and so on. You can use these domains to access virtual
hosts on your development web server from devices on your
local network, like iPads, iPhones, and other computers.
No configuration required!

run 3 web servers on the same port

Well, I have a machine and I want to do a very simple thing. On this machine I have 3 DNS records;
for example, 111.111.111.111 is the IP of the machine itself:
test1.whatever.net - 111.111.111.111
test2.whatever.net - 111.111.111.111
test3.whatever.net - 111.111.111.111
We would like the traffic coming through each DNS record to be
handled by each corresponding service.
Create 3 very simple scripts that act as a website using any language
or platform (suggested NodeJs), that echo the name of the service
when calling the DNS record (e.g. "service1", "service2" and
"service3").
How do I do that?
All of the services must run on port 80
The machine is AWS Linux 2
What HTTP server are you using?
Usually you can solve this issue by creating virtual hosts. In Apache it would look like this: https://httpd.apache.org/docs/2.4/vhosts/examples.html
There you can define, based on the DNS request, which folder the web server should use to present to the client.
Another option, though it might be more complex, is to set up an nginx proxy: https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
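The Host-header routing described for Gorouter earlier on this page and the name-based virtual hosts suggested in this answer come down to the same lookup. As an added example (not code from the original posts), here is a single Node.js listener serving the three hostnames from the question; the SERVICES table, routeByHost and the port argument are assumptions made for illustration.

```javascript
// Added example: one listener, three name-based "services" chosen by Host header.
const http = require('http');

// Hostnames from the question; each maps to the label that service echoes.
const SERVICES = new Map([
  ['test1.whatever.net', 'service1'],
  ['test2.whatever.net', 'service2'],
  ['test3.whatever.net', 'service3'],
]);

// Normalise a raw Host header value and look it up.
// The header is client-controlled, so only exact matches are routed.
function routeByHost(hostHeader) {
  if (typeof hostHeader !== 'string') return null;
  let host = hostHeader.trim().toLowerCase();
  host = host.replace(/:\d+$/, ''); // drop an optional :port suffix
  host = host.replace(/\.$/, '');   // drop the trailing dot of an FQDN
  return SERVICES.get(host) || null;
}

function handler(req, res) {
  const service = routeByHost(req.headers.host);
  if (!service) {
    // Unknown or missing Host: refuse instead of falling back to a default site.
    res.writeHead(404, { 'Content-Type': 'text/plain' });
    res.end('unknown host\n');
    return;
  }
  res.writeHead(200, { 'Content-Type': 'text/plain' });
  res.end(service + '\n');
}

const server = http.createServer(handler);

// With a port argument the server listens; without one it prints the routing
// decision for a few constructed Host values and exits.
const port = Number(process.argv[2]);
if (port) {
  server.listen(port);
} else {
  for (const h of ['test1.whatever.net', 'TEST2.whatever.net:80', '111.111.111.111']) {
    console.log(h, '->', routeByHost(h));
  }
}
```

Started with a port argument, it can be checked without DNS by connecting to the IP and setting the Host header with curl, as the Gorouter answer describes. Binding to port 80 normally requires elevated privileges.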

Point Router To Node.js Server

I am trying to build a local test environment where my local devices will point to a different environment than production. The easiest way for me to do this is to point the device to a server that will map all routes to the production endpoint, to the staging endpoint.
How can I point my router to a Node.js instance, and use the Node.js instance as the DNS server?
It sounds like you're basically wanting to set up a (temporary?) alias for a host name on your local network so that all devices on your network use that alias. For example, today I might want to go to http://application.example.com and access the development version; tomorrow I will want to go to the same address and access the testing version.
There are a couple of different ways to do this:
Add a proxy - this will take HTTP requests for one host and route them to a different host. You could do this with a virtual machine, a Docker container, or directly on the development/testing machine. All you need to do is point your application domain at the proxy and configure the proxy to send the requests to the server you want.
Configure your router to serve the test environment IP address - some routers permit you to add host names to the DNS configuration. This would allow you to simply switch the IP address for the test and development environments as needed, while keeping the same host name.
Add a DNS server to your local network - this is basically the same as the item above, except that it gives you much more control (and is more difficult to configure).
All of these will take some work to set up and will depend very much on your server and network setup.

How to set domain name for server inside an OpenVPN-based VPN?

I am currently using a very simple OpenVPN setup where I connect from different devices to an OpenVPN server and then access a website that is being hosted by an Apache server running on the same system. To reach that server, I have to use its IPv4 address inside the VPN (e.g. 10.1.0.1).
I would like to use a 'real' name like myserver.local. Is there a way to do this without setting up a DNS server? Can the OpenVPN client maybe just add an entry to the local hosts file?
Not without setting up a DNS server, but getting one to work is very easy and can be restricted behind the VPN.
I am using dnsmasq on Ubuntu 14.04 for exactly this purpose. Just install it and add all your hosts to the /etc/hosts file in the following way:
# Clients on the VPN
10.8.0.1 vpn.lan vpn.lan
10.8.0.8 service1.lan service1
10.8.0.6 service2.lan service2
You can restrict dnsmasq so that it only listens on the tun0 interface of OpenVPN by adding interface=tun0 to /etc/dnsmasq.conf. You can push the DNS server to your clients by adding push "dhcp-option DNS 10.8.0.1" to your /etc/openvpn/server.conf.
The downside of this solution is that you have to add every server to /etc/hosts, but for a couple of servers I think it's OK.
