[Box-Admins] squeaksource.com move to Rackspace

Tobias Pape Das.Linux at gmx.de
Tue Oct 4 07:26:45 UTC 2016 

Hi Dave


On 04.10.2016, at 03:49, David T. Lewis <lewis at mail.msen.com> wrote:

> Hi Tobias,
> 
> I am now running a test image on 'dan' that is listening for http connections
> on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so
> that I can verify that both listening ports are active on the server. But
> I am unable to make TCP connections to either port from an outside machine.

That is expected.
BTW: You can use netstat to see who is listening where:

# netstat -neptl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
tcp        0      0 10.176.197.150:22       0.0.0.0:*               LISTEN      0          20788       7726/sshd       
tcp        0      0 0.0.0.0:8888            0.0.0.0:*               LISTEN      1003       566790      30950/squeakvm  
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          17561       6275/exim4      
tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN      1003       546769      30950/squeakvm  
tcp6       0      0 ::1:25                  :::*                    LISTEN      0          17562       6275/exim4      

Next, ufw will tell you which ports are open:

# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
10.176.197.150 22/tcp      ALLOW IN    10.0.0.0/8
10.176.197.150 8888/tcp    ALLOW IN    10.0.0.0/8


> 
> I assume that I am missing some sort of port forwarding configuration, but
> nothing I have tried so far has worked. Ideally I would like to connect to
> the web server with http://104.130.170.38:8888 and use SSH local forwards
> for the VNC connection.

The web server variant via http://104.130.170.38:8888 is not intended.
Please lets have as few ports open to the public as possible.
But there's help:

> 
> Could you please try making connections to those two ports on 'dan' and
> let me know the specific ssh port forwarding commands that made it work?

so, this works for me:

ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org

(given the ssh config outlined some days ago, otherwise it is

ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss at ssh.squeak.org:10225" 10.176.197.150
)

you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.

Best regards
	-Tobias




> 
> Thanks,
> Dave
> 
> On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
>> 
>> On 03.10.2016, at 01:25, David T. Lewis <lewis at mail.msen.com> wrote:
>> 
>>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
>>>> 
>>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
>>>> Here's the overview:
>>>> 
>>>> =======================================================================================================================
>>>> Name 	Name (ext)	intended use	Unix Users	Public Ports	Private Ports	Public IPv4	Private IPv4
>>>> -----------------------------------------------------------------------------------------------------------------------
>>>> ian	ssh.squeak.org	ssh-gateway	ssh     	1022    	22      	104.130.6.82	10.208.225.29
>>>> alan	*.squeak.org	webserver	webteam  	80, 443  	22      	104.239.229.92	10.176.200.8
>>>> adele	lists....	mailinglists	(tbd)   	25, 587, 465	22, 8080	162.242.237.43	10.208.160.56
>>>> andreas	--------	source.squeak	chrismuller*	--------	22, 8080	irrelevant	10.208.161.222
>>>> dan	--------	squeaksource	davidlewis*	--------	22, 8080	irrelevant	10.176.197.150
>>>> ted	--------	squeak wiki+map	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.130.111
>>>> david	--------	jenkins 	(tbd)   	--------	22, 8080	irrelevant	10.208.194.45
>>>> scott	--------	misc    	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.199.169
>>>> =======================================================================================================================
>>> 
>>> 
>>> I installed a new interpreter VM on dan, with the deb in /root/localdebs and
>>> notes added to /root/admin-log.txt:
>>> 
>>>  ========================
>>>  20161002 davidlewis
>>> 
>>>  Install 64-bit interpreter VM for squeaksource.com. This is an up to date
>>>  VM compiled on my personal Ubuntu laptop according to instructions at
>>>  http://wiki.squeak.org/squeak/6354, with "make deb" to create the local
>>>  debian package installed here.
>>> 
>>>  The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
>>> 
>>>  The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs
>>>  that are expected to be installed as /usr/bin/squeak.
>>> 
>>>  ========================
>>> 
>>> This is the same as used on box3, except that it is a 64-bit VM to suit
>>> the new Rackspace server.
>>> 
>>> The squeaksource.com image serves on local port 8888 (not 8080). I would
>>> prefer to keep that convention so that the image can be copied directly
>>> from box3 without modification.
>>> 
>> 
>> 8888 is there now. 8080 gone.
>> 
>>> Is it possible to open some local ports on server dan during the transition
>>> period? It would be helpful if I could connect to 8888, 5900, and 5901 for
>>> the next couple of weeks or so.
>> 
>> Please use SSH local forwards for that.
>> 
>> like this: 
>> ssh -L5901:localhost:5901 dan.box.squeak.org
>> 
>> and then connect you VNC-viewer to Display 1 on localhost.
>> 
>> 
>>> 
>>> Thanks,
>>> Dave
>>>

More information about the Box-Admins mailing list