[Box-Admins] squeaksource.com move to Rackspace
Tobias Pape
Das.Linux at gmx.de
Tue Oct 4 12:24:47 UTC 2016
On 04.10.2016, at 12:35, David T. Lewis <lewis at mail.msen.com> wrote:
> Tobias,
>
> Thanks for your patient explanation.
>
> To summarize in case anyone else needs this for reference:
>
> 1) I made a .ssh/config file containing the following:
>
> Host ssh.squeak.org
> User ssh
> Port 1022
>
> Host *.box.squeak.org
> User davidlewis
> ProxyCommand ssh -W %h:%p ssh.squeak.org
>
> 2) I connected to the 'dan' server with the following command, which makes
> and interactive login to dan, and also sets up the port forwarding for the
> two additional ports (8888 and 5900) that I wanted to test:
>
> ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
>
> 3) With the above shell session active, I can connect to the web server
> on port 8888 on server dan with http://localhost:8080, and I can connect
> to a VNC server on dan by connecting to VNC display 0 on localhost.
>
> (Note - the actual squeaksource.com image will use VNC display 1, so
> port 5901 rather than 5900)
>
Thanks for the summary. It's completely correct.
Best regards
-Tobias
> Thanks,
> Dave
>
>
> On Tue, Oct 04, 2016 at 09:26:45AM +0200, Tobias Pape wrote:
>> Hi Dave
>>
>>
>> On 04.10.2016, at 03:49, David T. Lewis <lewis at mail.msen.com> wrote:
>>
>>> Hi Tobias,
>>>
>>> I am now running a test image on 'dan' that is listening for http connections
>>> on port 8888, and for VNC connections on 5900. I installed telnet on 'dan' so
>>> that I can verify that both listening ports are active on the server. But
>>> I am unable to make TCP connections to either port from an outside machine.
>>
>> That is expected.
>> BTW: You can use netstat to see who is listening where:
>>
>> # netstat -neptl
>> Active Internet connections (only servers)
>> Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
>> tcp 0 0 10.176.197.150:22 0.0.0.0:* LISTEN 0 20788 7726/sshd
>> tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 1003 566790 30950/squeakvm
>> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 0 17561 6275/exim4
>> tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 1003 546769 30950/squeakvm
>> tcp6 0 0 ::1:25 :::* LISTEN 0 17562 6275/exim4
>>
>> Next, ufw will tell you which ports are open:
>>
>> # ufw status verbose
>> Status: active
>> Logging: on (low)
>> Default: deny (incoming), allow (outgoing)
>> New profiles: skip
>>
>> To Action From
>> -- ------ ----
>> 10.176.197.150 22/tcp ALLOW IN 10.0.0.0/8
>> 10.176.197.150 8888/tcp ALLOW IN 10.0.0.0/8
>>
>>
>>>
>>> I assume that I am missing some sort of port forwarding configuration, but
>>> nothing I have tried so far has worked. Ideally I would like to connect to
>>> the web server with http://104.130.170.38:8888 and use SSH local forwards
>>> for the VNC connection.
>>
>> The web server variant via http://104.130.170.38:8888 is not intended.
>> Please lets have as few ports open to the public as possible.
>> But there's help:
>>
>>>
>>> Could you please try making connections to those two ports on 'dan' and
>>> let me know the specific ssh port forwarding commands that made it work?
>>
>> so, this works for me:
>>
>> ssh -L8888:localhost:8888 -L5900:localhost:5900 dan.box.squeak.org
>>
>> (given the ssh config outlined some days ago, otherwise it is
>>
>> ssh -L8888:localhost:8888 -L5900:localhost:5900 -o ProxyCommand "ssh -W %h:%p ss at ssh.squeak.org:10225" 10.176.197.150
>> )
>>
>> you can then see squeaksource on localhost:8888 and the VNC on Display 0 on localhost.
>>
>> Best regards
>> -Tobias
>>
>>
>>
>>
>>>
>>> Thanks,
>>> Dave
>>>
>>> On Mon, Oct 03, 2016 at 08:40:30PM +0200, Tobias Pape wrote:
>>>>
>>>> On 03.10.2016, at 01:25, David T. Lewis <lewis at mail.msen.com> wrote:
>>>>
>>>>> On Wed, Sep 28, 2016 at 11:31:36AM +0200, Tobias Pape wrote:
>>>>>>
>>>>>> with retroactive blessing of Levente, I have now prepared eight VMs on Rackspace.
>>>>>> Here's the overview:
>>>>>>
>>>>>> =======================================================================================================================
>>>>>> Name Name (ext) intended use Unix Users Public Ports Private Ports Public IPv4 Private IPv4
>>>>>> -----------------------------------------------------------------------------------------------------------------------
>>>>>> ian ssh.squeak.org ssh-gateway ssh 1022 22 104.130.6.82 10.208.225.29
>>>>>> alan *.squeak.org webserver webteam 80, 443 22 104.239.229.92 10.176.200.8
>>>>>> adele lists.... mailinglists (tbd) 25, 587, 465 22, 8080 162.242.237.43 10.208.160.56
>>>>>> andreas -------- source.squeak chrismuller* -------- 22, 8080 irrelevant 10.208.161.222
>>>>>> dan -------- squeaksource davidlewis* -------- 22, 8080 irrelevant 10.176.197.150
>>>>>> ted -------- squeak wiki+map (tbd) -------- 22, 8080, 8081 irrelevant 10.176.130.111
>>>>>> david -------- jenkins (tbd) -------- 22, 8080 irrelevant 10.208.194.45
>>>>>> scott -------- misc (tbd) -------- 22, 8080, 8081 irrelevant 10.176.199.169
>>>>>> =======================================================================================================================
>>>>>
>>>>>
>>>>> I installed a new interpreter VM on dan, with the deb in /root/localdebs and
>>>>> notes added to /root/admin-log.txt:
>>>>>
>>>>> ========================
>>>>> 20161002 davidlewis
>>>>>
>>>>> Install 64-bit interpreter VM for squeaksource.com. This is an up to date
>>>>> VM compiled on my personal Ubuntu laptop according to instructions at
>>>>> http://wiki.squeak.org/squeak/6354, with "make deb" to create the local
>>>>> debian package installed here.
>>>>>
>>>>> The debian install package is /root/localdebs/squeakvm_4.15.8-3749-1_amd64.deb
>>>>>
>>>>> The run script is /usr/local/bin/squeak, as distinct from Cog/Spur VMs
>>>>> that are expected to be installed as /usr/bin/squeak.
>>>>>
>>>>> ========================
>>>>>
>>>>> This is the same as used on box3, except that it is a 64-bit VM to suit
>>>>> the new Rackspace server.
>>>>>
>>>>> The squeaksource.com image serves on local port 8888 (not 8080). I would
>>>>> prefer to keep that convention so that the image can be copied directly
>>>>> from box3 without modification.
>>>>>
>>>>
>>>> 8888 is there now. 8080 gone.
>>>>
>>>>> Is it possible to open some local ports on server dan during the transition
>>>>> period? It would be helpful if I could connect to 8888, 5900, and 5901 for
>>>>> the next couple of weeks or so.
>>>>
>>>> Please use SSH local forwards for that.
>>>>
>>>> like this:
>>>> ssh -L5901:localhost:5901 dan.box.squeak.org
>>>>
>>>> and then connect you VNC-viewer to Display 1 on localhost.
>>>>
>>>>
>>>>>
>>>>> Thanks,
>>>>> Dave
>>>>>
More information about the Box-Admins
mailing list