Gcloud SSH problem (need update)
Gcloud firewall understanding and manipulate.
Gcloud default domain bc.googleusercontent ...
Port forwarding, proxy-pass nginx to NodeJS.
Gcloud create routes
https://cloud.google.com/vpc/docs/firewalls
1890 gcloud config set compute/zone asia-southeast1-a
1895 gcloud compute networks create jenkins --mode auto
1896 gcloud container clusters create jenkins-cd --network jenkins --scopes "https://www.googleapis.com/auth/projecthosting,storage-rw"
1897 gcloud container clusters get-credentials jenkins-cd
1899 gcloud compute images create jenkins-home-image --source-uri https://storage.googleapis.com/solutions-public-assets/jenkins-cd/jenkins-home-v3.tgz
1900 gcloud compute disks create jenkins-home --image jenkins-home-image --zone us-east1-d
1901 gcloud compute disks create jenkins-home --image jenkins-home-image --zone asia-southeast1-a
1960 gcloud help
1961 gcloud dataproc help
1962 gcloud clusters help
1970 gcloud project list
1971 gcloud projects list
2007 gcloud projects ls
2008 gcloud list projects
2009 gcloud help
2010 grn gcloud ~/.COPY
2011 grn "gcloud" ~/.COPY
2012 gcloud help
2013 gcloud projects ls
2014 gcloud projects list
https://cloud.google.com/sdk/gcloud/reference/docker
gcloud compute firewall-rules list
gcloud compute firewall-rules update default-allow-internal --allow tcp:1-3305,udp:1-65535,icmp
gcloud compute firewall-rules create "test-remote-access-8043" --allow tcp:8043 --source-tags "expressjs" --target-tags "expressjs"
gcloud compute firewall-rules create "test-ssl-8043" --allow tcp:8043 --source-tags=de-dust-1 --source-ranges=0.0.0.0/0 --description="Test 8043 open port ssl"
Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot. Why did this happen?
IP address: 113.190.235.1xx
Time: 2018-06-21T01:52:27Z
URL: https://www.google.co.uk/search?source=hp&ei=1wQrW8zlI4z79QPhj7CwBw&q=gcloud+firewall+rules+not+work&oq=gcloud+firewall+rules+not+work&gs_l=psy-ab.3..33i21k1.2133.2133.0.2497.1.1.0.0.0.0.119.119.0j1.1.0....0...1c.2.64.psy-ab..0.1.118....0.QXpxEMpQi2A
https://cloudplatform.googleblog.com/2015/07/Connection-Refused.html
Clear content display, multi-languages ... => cool web design.
http://manpages.org
Something interesting in NGINX Vhost:
server { #// NodeJS vhost
listen 80; #8086
#listen [::]:80;
#Domain
#server_name chat.crazidays.uat3.pgtest.co;
#server_name 35.240.250.158;
server_name 158.250.240.35.bc.googleusercontent.com;
...
I want to use trick IP and default domain to create 2 virtualhost. But it not work.
domain bc.googleuser.... as above turn to default Nginx page => disable default nginx page.
It turn to default vhost (I think it find first match vhost in order from top to bottom of vhost file). If two vhost separate config file I believe it load by A B C order ? or by timestamp.
So now both IP and domain access point to same Laravel API server.
Here is Laravel API vhost:
server { #// Laravel API vhost
listen 80;
#listen [::]:80;
#Root folder
root /var/www/crazical/public;
index index.php index.html index.htm;
#Domain
#server_name api.uat3.test.co;
server_name 35.240.250.158;
...
I figure out that the listen [::]:80 on Node vhost, and it is the culprit. After comment it out and change /use line " listen 80;" (without [::]) then it work as expected.
Now I have two vhost without need of a subdomain (since bc.googleuser does not have this. I have tried to access sub domain like test....bc.googleuser... but it not work).
Another way is that use different port, ie. nginx 8086 => proxy pass to NodeJS 3013. But Gcloud instance firewall is tedious suck. I have been successful open port for Gcloud instance but do not remember how I did it. And it seem combine of some complex command execute.
gcloud help
gcloud compute instances list
gcloud compute instances describe crazical-3
gcloud compute routes list
gcloud compute instances list
gcloud compute instances describe crazical-3
gcloud compute instances describe crazical-3
gcloud compute instances describe crazical-3
gcloud config set compute/zone asia-southeast1-b
gcloud compute instances add-tags crazical-3 --tags open-8086
gcloud compute instances add-tags crazical-3 --tags open-egress-8086
gcloud compute firewall-rules describe default-allow-https --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086 --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086
gcloud compute firewall-rules list
gcloud compute firewall-rules list --filter network=[NETWORK_NAME] --sort-by priority --format="table(
gcloud compute firewall-rules list --filter network=[NETWORK_NAME] --sort-by priority --format="table(
gcloud compute firewall-rules list --filter network=default --sort-by priority --format="table(
gcloud compute firewall-rules update MY-RULE --allow tcp:20000-25000
gcloud compute firewall-rules update open-8086 --allow tcp:8080-8099
gcloud compute routes create default-internet --destination-range 0.0.0.0/0 --next-hop-gateway default-internet-gateway
Gcloud firewall understanding and manipulate.
Gcloud default domain bc.googleusercontent ...
Port forwarding, proxy-pass nginx to NodeJS.
Gcloud create routes
https://cloud.google.com/vpc/docs/firewalls
1890 gcloud config set compute/zone asia-southeast1-a
1895 gcloud compute networks create jenkins --mode auto
1896 gcloud container clusters create jenkins-cd --network jenkins --scopes "https://www.googleapis.com/auth/projecthosting,storage-rw"
1897 gcloud container clusters get-credentials jenkins-cd
1899 gcloud compute images create jenkins-home-image --source-uri https://storage.googleapis.com/solutions-public-assets/jenkins-cd/jenkins-home-v3.tgz
1900 gcloud compute disks create jenkins-home --image jenkins-home-image --zone us-east1-d
1901 gcloud compute disks create jenkins-home --image jenkins-home-image --zone asia-southeast1-a
1960 gcloud help
1961 gcloud dataproc help
1962 gcloud clusters help
1970 gcloud project list
1971 gcloud projects list
2007 gcloud projects ls
2008 gcloud list projects
2009 gcloud help
2010 grn gcloud ~/.COPY
2011 grn "gcloud" ~/.COPY
2012 gcloud help
2013 gcloud projects ls
2014 gcloud projects list
https://cloud.google.com/sdk/gcloud/reference/docker
gcloud compute firewall-rules list
gcloud compute firewall-rules update default-allow-internal --allow tcp:1-3305,udp:1-65535,icmp
gcloud compute firewall-rules create "test-remote-access-8043" --allow tcp:8043 --source-tags "expressjs" --target-tags "expressjs"
gcloud compute firewall-rules create "test-ssl-8043" --allow tcp:8043 --source-tags=de-dust-1 --source-ranges=0.0.0.0/0 --description="Test 8043 open port ssl"
Our systems have detected unusual traffic from your computer network. This page checks to see if it's really you sending the requests, and not a robot. Why did this happen?
IP address: 113.190.235.1xx
Time: 2018-06-21T01:52:27Z
URL: https://www.google.co.uk/search?source=hp&ei=1wQrW8zlI4z79QPhj7CwBw&q=gcloud+firewall+rules+not+work&oq=gcloud+firewall+rules+not+work&gs_l=psy-ab.3..33i21k1.2133.2133.0.2497.1.1.0.0.0.0.119.119.0j1.1.0....0...1c.2.64.psy-ab..0.1.118....0.QXpxEMpQi2A
https://cloudplatform.googleblog.com/2015/07/Connection-Refused.html
Clear content display, multi-languages ... => cool web design.
http://manpages.org
Something interesting in NGINX Vhost:
server { #// NodeJS vhost
listen 80; #8086
#listen [::]:80;
#Domain
#server_name chat.crazidays.uat3.pgtest.co;
#server_name 35.240.250.158;
server_name 158.250.240.35.bc.googleusercontent.com;
...
I want to use trick IP and default domain to create 2 virtualhost. But it not work.
domain bc.googleuser.... as above turn to default Nginx page => disable default nginx page.
It turn to default vhost (I think it find first match vhost in order from top to bottom of vhost file). If two vhost separate config file I believe it load by A B C order ? or by timestamp.
So now both IP and domain access point to same Laravel API server.
Here is Laravel API vhost:
server { #// Laravel API vhost
listen 80;
#listen [::]:80;
#Root folder
root /var/www/crazical/public;
index index.php index.html index.htm;
#Domain
#server_name api.uat3.test.co;
server_name 35.240.250.158;
...
I figure out that the listen [::]:80 on Node vhost, and it is the culprit. After comment it out and change /use line " listen 80;" (without [::]) then it work as expected.
Now I have two vhost without need of a subdomain (since bc.googleuser does not have this. I have tried to access sub domain like test....bc.googleuser... but it not work).
Another way is that use different port, ie. nginx 8086 => proxy pass to NodeJS 3013. But Gcloud instance firewall is tedious suck. I have been successful open port for Gcloud instance but do not remember how I did it. And it seem combine of some complex command execute.
gcloud help
gcloud compute instances list
gcloud compute instances describe crazical-3
gcloud compute routes list
gcloud compute instances list
gcloud compute instances describe crazical-3
gcloud compute instances describe crazical-3
gcloud compute instances describe crazical-3
gcloud config set compute/zone asia-southeast1-b
gcloud compute instances add-tags crazical-3 --tags open-8086
gcloud compute instances add-tags crazical-3 --tags open-egress-8086
gcloud compute firewall-rules describe default-allow-https --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086 --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086
gcloud compute firewall-rules list
gcloud compute firewall-rules list --filter network=[NETWORK_NAME] --sort-by priority --format="table(
gcloud compute firewall-rules list --filter network=[NETWORK_NAME] --sort-by priority --format="table(
gcloud compute firewall-rules list --filter network=default --sort-by priority --format="table(
gcloud compute firewall-rules update MY-RULE --allow tcp:20000-25000
gcloud compute firewall-rules update open-8086 --allow tcp:8080-8099
gcloud compute routes create default-internet --destination-range 0.0.0.0/0 --next-hop-gateway default-internet-gateway
sudo tcptraceroute -P 8086 35.240.250.158
Traceroute result is open, but what does it mean while nmap show 8086 is closed ?
May be 8086 is not working properly or can not be reached by outside.
I think this is among the most vital info for me. And i am glad reading your article. But should remark on few general things, The website style is perfect, the articles is really nice : D. Good job, cheers
ReplyDeletemagnificent points altogether, you just gained a new reader. What may you recommend about your put up that you simply made some days ago? Any sure?
ReplyDeleteNice articel, I love your WordPress Learn. Thank You.
ReplyDeletecarta de recomendacion personal
ReplyDeleteThanks for this post, I appreciate it. There are times when it can be hard to separate the good from the bad, but you nailed it! Have you considered updating your blog with more information? I have a blog on computer mouse buttons function. it is very useful information to you please visit my site my learn it.
ReplyDeleteWhat an informative article. Tell you what I have bookmarked your website for a regular checkup. Thank you for taking the time to share such great content. There are times when you may need to choose a random number. Maybe you need to decide who gets to go first in the game. For this you can see this profile Number Picker.
ReplyDeleteIf Desktop Gold doesn't launch and you see an "AOL Desktop Gold has stopped working" error message when you open Desktop Gold or try to install it, you'll need to download and run an updated install file. Quick Steps To aol desktop gold troubleshooting All steps.
ReplyDeleteUmno's decision not to cooperate with Parti Pribumi Bersatu Malaysia in the 15th general election (GE15) has been finalized, said its president Datuk Seri Ahmad Zahid Hamidi. Read this news complete at The Malaysia Post.
ReplyDeleteWebsite Development UK
ReplyDeletePay Monthly Websites UK
UK Based Pay Monthly Websites
The Qatari government made a formal request more than a year ago to purchase four MQ-9B Predator armed drones, but the US State Department has refused to complete the sale. If Washington has yet to comply with the Doha request officially, it appears that the Joe Biden administration is opposed to granting MQ-9B Predator armed drones. Moreover, according to many observers, Pentagon defense experts, the Government of Qatar does not offer sufficient guarantees on their use and is concerned for the security of neighboring countries, particularly Israel. Read this complete article at The Arab Post.
ReplyDeleteThe fastest and safest ride to the airport in London.Clean and comfortable cars. Fully licensed taxi services. one of the most trusted taxi services in London. Meet & greet. special airport rates.
ReplyDeleteBook in under 60 seconds. Professional drivers.24 hours assistance. Our services include taxi transfers to Gatwick, Heathrow, London, Luton & Stansted airport. we are here to make you comfortable and hassle less for. Friendly and reliable taxi service at competitive prices. Our commitment to you is quality and long-lasting.
This comment has been removed by the author.
ReplyDelete