[Box-Admins] squeaksource.com move to Rackspace

David T. Lewis lewis at mail.msen.com
Tue Oct 4 10:35:42 UTC 2016 

Tobias,

Thanks for your patient explanation.

To summarize in case anyone else needs this for reference:

1) I made a .ssh/config file containing the following:

Host ssh.squeak.org
        User ssh
        Port 1022

Host *.box.squeak.org
        User davidlewis
        ProxyCommand ssh -W %h:%p ssh.squeak.org

2) I connected to the 'dan' server with the following command, which makes
and interactive login to dan, and also sets up the port forwarding for the
two additional ports (8888 and 5900) that I wanted to test:

  ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org

3) With the above shell session active, I can connect to the web server
on port 8888 on server dan with http://localhost:8080, and I can connect
to a VNC server on dan by connecting to VNC display 0 on localhost.

(Note - the actual squeaksource.com image will use VNC display 1, so
port 5901 rather than 5900)

Thanks,
Dave


On Tue, Oct 04, 2016 at 09:26:45AM +0200, Tobias Pape wrote:
> Hi Dave
> 
> 
> On 04.10.2016, at 03:49, David T. Lewis <lewis at mail.msen.com> wrote:
> 
> > Hi Tobias,
> > 
> > I am now running a test image on 'dan' that is listening for http connections
> > on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so
> > that I can verify that both listening ports are active on the server. But
> > I am unable to make TCP connections to either port from an outside machine.
> 
> That is expected.
> BTW: You can use netstat to see who is listening where:
> 
> # netstat -neptl
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
> tcp        0      0 10.176.197.150:22       0.0.0.0:*               LISTEN      0          20788       7726/sshd       
> tcp        0      0 0.0.0.0:8888            0.0.0.0:*               LISTEN      1003       566790      30950/squeakvm  
> tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          17561       6275/exim4      
> tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN      1003       546769      30950/squeakvm  
> tcp6       0      0 ::1:25                  :::*                    LISTEN      0          17562       6275/exim4      
> 
> Next, ufw will tell you which ports are open:
> 
> # ufw status verbose
> Status: active
> Logging: on (low)
> Default: deny (incoming), allow (outgoing)
> New profiles: skip
> 
> To                         Action      From
> --                         ------      ----
> 10.176.197.150 22/tcp      ALLOW IN    10.0.0.0/8
> 10.176.197.150 8888/tcp    ALLOW IN    10.0.0.0/8
> 
> 
> > 
> > I assume that I am missing some sort of port forwarding configuration, but
> > nothing I have tried so far has worked. Ideally I would like to connect to
> > the web server with http://104.130.170.38:8888 and use SSH local forwards
> > for the VNC connection.
> 
> The web server variant via http://104.130.170.38:8888 is not intended.
> Please lets have as few ports open to the public as possible.
> But there's help:
> 
> > 
> > Could you please try making connections to those two ports on 'dan' and
> > let me know the specific ssh port forwarding commands that made it work?
> 
> so, this works for me:
> 
> ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
> 
> (given the ssh config outlined some days ago, otherwise it is
> 
> ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss at ssh.squeak.org:10225" 10.176.197.150
> )
> 
> you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.
> 
> Best regards
> 	-Tobias
> 
> 
> 
> 
> > 
> > Thanks,
> > Dave
> > 
> > On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
> >> 
> >> On 03.10.2016, at 01:25, David T. Lewis <lewis at mail.msen.com> wrote:
> >> 
> >>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
> >>>> 
> >>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
> >>>> Here's the overview:
> >>>> 
> >>>> =======================================================================================================================
> >>>> Name 	Name (ext)	intended use	Unix Users	Public Ports	Private Ports	Public IPv4	Private IPv4
> >>>> -----------------------------------------------------------------------------------------------------------------------
> >>>> ian	ssh.squeak.org	ssh-gateway	ssh     	1022    	22      	104.130.6.82	10.208.225.29
> >>>> alan	*.squeak.org	webserver	webteam  	80, 443  	22      	104.239.229.92	10.176.200.8
> >>>> adele	lists....	mailinglists	(tbd)   	25, 587, 465	22, 8080	162.242.237.43	10.208.160.56
> >>>> andreas	--------	source.squeak	chrismuller*	--------	22, 8080	irrelevant	10.208.161.222
> >>>> dan	--------	squeaksource	davidlewis*	--------	22, 8080	irrelevant	10.176.197.150
> >>>> ted	--------	squeak wiki+map	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.130.111
> >>>> david	--------	jenkins 	(tbd)   	--------	22, 8080	irrelevant	10.208.194.45
> >>>> scott	--------	misc    	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.199.169
> >>>> =======================================================================================================================
> >>> 
> >>> 
> >>> I installed a new interpreter VM on dan, with the deb in /root/localdebs and
> >>> notes added to /root/admin-log.txt:
> >>> 
> >>>  ========================
> >>>  20161002 davidlewis
> >>> 
> >>>  Install 64-bit interpreter VM for squeaksource.com. This is an up to date
> >>>  VM compiled on my personal Ubuntu laptop according to instructions at
> >>>  http://wiki.squeak.org/squeak/6354, with "make deb" to create the local
> >>>  debian package installed here.
> >>> 
> >>>  The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
> >>> 
> >>>  The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs
> >>>  that are expected to be installed as /usr/bin/squeak.
> >>> 
> >>>  ========================
> >>> 
> >>> This is the same as used on box3, except that it is a 64-bit VM to suit
> >>> the new Rackspace server.
> >>> 
> >>> The squeaksource.com image serves on local port 8888 (not 8080). I would
> >>> prefer to keep that convention so that the image can be copied directly
> >>> from box3 without modification.
> >>> 
> >> 
> >> 8888 is there now. 8080 gone.
> >> 
> >>> Is it possible to open some local ports on server dan during the transition
> >>> period? It would be helpful if I could connect to 8888, 5900, and 5901 for
> >>> the next couple of weeks or so.
> >> 
> >> Please use SSH local forwards for that.
> >> 
> >> like this: 
> >> ssh -L5901:localhost:5901 dan.box.squeak.org
> >> 
> >> and then connect you VNC-viewer to Display 1 on localhost.
> >> 
> >> 
> >>> 
> >>> Thanks,
> >>> Dave
> >>>

More information about the Box-Admins mailing list