[Box-Admins] squeaksource.com move to Rackspace

Tobias Pape Das.Linux at gmx.de
Tue Oct 4 12:24:47 UTC 2016 

On 04.10.2016, at 12:35, David T. Lewis <lewis at mail.msen.com> wrote:

> Tobias,
> 
> Thanks for your patient explanation.
> 
> To summarize in case anyone else needs this for reference:
> 
> 1) I made a .ssh/config file containing the following:
> 
> Host ssh.squeak.org
>        User ssh
>        Port 1022
> 
> Host *.box.squeak.org
>        User davidlewis
>        ProxyCommand ssh -W %h:%p ssh.squeak.org
> 
> 2) I connected to the 'dan' server with the following command, which makes
> and interactive login to dan, and also sets up the port forwarding for the
> two additional ports (8888 and 5900) that I wanted to test:
> 
>  ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
> 
> 3) With the above shell session active, I can connect to the web server
> on port 8888 on server dan with http://localhost:8080, and I can connect
> to a VNC server on dan by connecting to VNC display 0 on localhost.
> 
> (Note - the actual squeaksource.com image will use VNC display 1, so
> port 5901 rather than 5900)
> 

Thanks for the summary. It's completely correct.

Best regards
	-Tobias

> Thanks,
> Dave
> 
> 
> On Tue, Oct 04, 2016 at 09:26:45AM +0200, Tobias Pape wrote:
>> Hi Dave
>> 
>> 
>> On 04.10.2016, at 03:49, David T. Lewis <lewis at mail.msen.com> wrote:
>> 
>>> Hi Tobias,
>>> 
>>> I am now running a test image on 'dan' that is listening for http connections
>>> on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so
>>> that I can verify that both listening ports are active on the server. But
>>> I am unable to make TCP connections to either port from an outside machine.
>> 
>> That is expected.
>> BTW: You can use netstat to see who is listening where:
>> 
>> # netstat -neptl
>> Active Internet connections (only servers)
>> Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode       PID/Program name
>> tcp        0      0 10.176.197.150:22       0.0.0.0:*               LISTEN      0          20788       7726/sshd       
>> tcp        0      0 0.0.0.0:8888            0.0.0.0:*               LISTEN      1003       566790      30950/squeakvm  
>> tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          17561       6275/exim4      
>> tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN      1003       546769      30950/squeakvm  
>> tcp6       0      0 ::1:25                  :::*                    LISTEN      0          17562       6275/exim4      
>> 
>> Next, ufw will tell you which ports are open:
>> 
>> # ufw status verbose
>> Status: active
>> Logging: on (low)
>> Default: deny (incoming), allow (outgoing)
>> New profiles: skip
>> 
>> To                         Action      From
>> --                         ------      ----
>> 10.176.197.150 22/tcp      ALLOW IN    10.0.0.0/8
>> 10.176.197.150 8888/tcp    ALLOW IN    10.0.0.0/8
>> 
>> 
>>> 
>>> I assume that I am missing some sort of port forwarding configuration, but
>>> nothing I have tried so far has worked. Ideally I would like to connect to
>>> the web server with http://104.130.170.38:8888 and use SSH local forwards
>>> for the VNC connection.
>> 
>> The web server variant via http://104.130.170.38:8888 is not intended.
>> Please lets have as few ports open to the public as possible.
>> But there's help:
>> 
>>> 
>>> Could you please try making connections to those two ports on 'dan' and
>>> let me know the specific ssh port forwarding commands that made it work?
>> 
>> so, this works for me:
>> 
>> ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
>> 
>> (given the ssh config outlined some days ago, otherwise it is
>> 
>> ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss at ssh.squeak.org:10225" 10.176.197.150
>> )
>> 
>> you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.
>> 
>> Best regards
>> 	-Tobias
>> 
>> 
>> 
>> 
>>> 
>>> Thanks,
>>> Dave
>>> 
>>> On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
>>>> 
>>>> On 03.10.2016, at 01:25, David T. Lewis <lewis at mail.msen.com> wrote:
>>>> 
>>>>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
>>>>>> 
>>>>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
>>>>>> Here's the overview:
>>>>>> 
>>>>>> =======================================================================================================================
>>>>>> Name 	Name (ext)	intended use	Unix Users	Public Ports	Private Ports	Public IPv4	Private IPv4
>>>>>> -----------------------------------------------------------------------------------------------------------------------
>>>>>> ian	ssh.squeak.org	ssh-gateway	ssh     	1022    	22      	104.130.6.82	10.208.225.29
>>>>>> alan	*.squeak.org	webserver	webteam  	80, 443  	22      	104.239.229.92	10.176.200.8
>>>>>> adele	lists....	mailinglists	(tbd)   	25, 587, 465	22, 8080	162.242.237.43	10.208.160.56
>>>>>> andreas	--------	source.squeak	chrismuller*	--------	22, 8080	irrelevant	10.208.161.222
>>>>>> dan	--------	squeaksource	davidlewis*	--------	22, 8080	irrelevant	10.176.197.150
>>>>>> ted	--------	squeak wiki+map	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.130.111
>>>>>> david	--------	jenkins 	(tbd)   	--------	22, 8080	irrelevant	10.208.194.45
>>>>>> scott	--------	misc    	(tbd)   	--------	22, 8080, 8081	irrelevant	10.176.199.169
>>>>>> =======================================================================================================================
>>>>> 
>>>>> 
>>>>> I installed a new interpreter VM on dan, with the deb in /root/localdebs and
>>>>> notes added to /root/admin-log.txt:
>>>>> 
>>>>> ========================
>>>>> 20161002 davidlewis
>>>>> 
>>>>> Install 64-bit interpreter VM for squeaksource.com. This is an up to date
>>>>> VM compiled on my personal Ubuntu laptop according to instructions at
>>>>> http://wiki.squeak.org/squeak/6354, with "make deb" to create the local
>>>>> debian package installed here.
>>>>> 
>>>>> The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
>>>>> 
>>>>> The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs
>>>>> that are expected to be installed as /usr/bin/squeak.
>>>>> 
>>>>> ========================
>>>>> 
>>>>> This is the same as used on box3, except that it is a 64-bit VM to suit
>>>>> the new Rackspace server.
>>>>> 
>>>>> The squeaksource.com image serves on local port 8888 (not 8080). I would
>>>>> prefer to keep that convention so that the image can be copied directly
>>>>> from box3 without modification.
>>>>> 
>>>> 
>>>> 8888 is there now. 8080 gone.
>>>> 
>>>>> Is it possible to open some local ports on server dan during the transition
>>>>> period? It would be helpful if I could connect to 8888, 5900, and 5901 for
>>>>> the next couple of weeks or so.
>>>> 
>>>> Please use SSH local forwards for that.
>>>> 
>>>> like this: 
>>>> ssh -L5901:localhost:5901 dan.box.squeak.org
>>>> 
>>>> and then connect you VNC-viewer to Display 1 on localhost.
>>>> 
>>>> 
>>>>> 
>>>>> Thanks,
>>>>> Dave
>>>>>

More information about the Box-Admins mailing list