
GCP Google Cloud Platform

Gcloud SSH problem (needs update)
Understanding and manipulating the Gcloud firewall.
Gcloud default domain bc.googleusercontent ...
Port forwarding, proxy-pass nginx to NodeJS.
Gcloud create routes

https://cloud.google.com/vpc/docs/firewalls

gcloud config set compute/zone asia-southeast1-a
gcloud compute networks create jenkins --mode auto
gcloud container clusters create jenkins-cd --network jenkins --scopes "https://www.googleapis.com/auth/projecthosting,storage-rw"
gcloud container clusters get-credentials jenkins-cd
gcloud compute images create jenkins-home-image --source-uri https://storage.googleapis.com/solutions-public-assets/jenkins-cd/jenkins-home-v3.tgz

gcloud compute disks create jenkins-home --image jenkins-home-image --zone us-east1-d
gcloud compute disks create jenkins-home --image jenkins-home-image --zone asia-southeast1-a
gcloud help
gcloud dataproc help
gcloud clusters help
gcloud project list
gcloud projects list
gcloud projects ls
gcloud list projects
gcloud help
grn gcloud ~/.COPY
grn "gcloud" ~/.COPY
gcloud help
gcloud projects ls
gcloud projects list
https://cloud.google.com/sdk/gcloud/reference/docker
gcloud compute firewall-rules list
gcloud compute firewall-rules update default-allow-internal --allow tcp:1-3305,udp:1-65535,icmp
gcloud compute firewall-rules create "test-remote-access-8043" --allow tcp:8043 --source-tags "expressjs" --target-tags "expressjs"
gcloud compute firewall-rules create "test-ssl-8043" --allow tcp:8043 --source-tags=de-dust-1 --source-ranges=0.0.0.0/0 --description="Test 8043 open port ssl"



https://cloudplatform.googleblog.com/2015/07/Connection-Refused.html

Clear content display, multi-languages ... => cool web design.
http://manpages.org

Something interesting in NGINX Vhost:
server { #// NodeJS vhost
        listen 80; #8086
        #listen [::]:80;

        #Domain
        #server_name chat.crazidays.uat3.pgtest.co;
        #server_name 35.240.250.158;
        server_name 158.250.240.35.bc.googleusercontent.com;
...
I want to use the IP trick and the default domain to create 2 virtual hosts. But it does not work.
The bc.googleuser... domain above goes to the default Nginx page => disable the default nginx page.
Then it goes to the default vhost (I think it finds the first matching vhost in order from top to bottom of the vhost file). If the two vhosts are in separate config files, I believe they load in A B C order? Or by timestamp.

So now both the IP and the domain point to the same Laravel API server.
Here is Laravel API vhost:
server { #// Laravel API vhost
        listen 80;
        #listen [::]:80;

        #Root folder
        root /var/www/crazical/public;
        index index.php index.html index.htm;

        #Domain
        #server_name api.uat3.test.co;
        server_name 35.240.250.158;
...
I figured out that the listen [::]:80 on the Node vhost is the culprit. After commenting it out and using the line "listen 80;" (without [::]), it works as expected.
Now I have two vhosts without needing a subdomain (since bc.googleuser does not have this. I have tried to access a subdomain like test....bc.googleuser... but it does not work).
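A small model of how nginx picks a server block, added here as an illustration (not code from the original notes): the socket from `listen` is matched first, then `server_name`, then the default for that socket. The "before" state is an assumption that the Node vhost originally had only `listen [::]:80;`; class and function names are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class Server:
    label: str
    listens: tuple          # sockets from the listen directives
    names: tuple            # server_name values
    default: bool = False   # listen ... default_server

def select_server(servers, local_socket, host):
    """Return the label of the server block nginx would pick, or None."""
    # 1. Only blocks listening on the socket that accepted the connection compete.
    candidates = [s for s in servers if local_socket in s.listens]
    if not candidates:
        return None
    # 2. Exact server_name match on the Host header (wildcard/regex names omitted).
    host = host.lower().split(":")[0]
    for s in candidates:
        if host in s.names:
            return s.label
    # 3. No name matched: default_server flag, else the first block for this socket.
    for s in candidates:
        if s.default:
            return s.label
    return candidates[0].label

V4, V6 = "0.0.0.0:80", "[::]:80"   # "listen 80;" and "listen [::]:80;"
DOMAIN = "158.250.240.35.bc.googleusercontent.com"
IP = "35.240.250.158"

# Assumed "before" state: Node vhost reachable over IPv6 only.
BEFORE = [Server("node", (V6,), (DOMAIN,)), Server("laravel", (V4,), (IP,))]
# State shown on the page after the fix: both blocks use "listen 80;".
AFTER = [Server("node", (V4,), (DOMAIN,)), Server("laravel", (V4,), (IP,))]

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, select_server(cfg, V4, DOMAIN), select_server(cfg, V4, IP))
```

An IPv4 client never reaches a block that listens only on `[::]:80`, so in the "before" state the domain request lands on the only IPv4 block whatever its Host header says.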

Another way is to use a different port, i.e. nginx 8086 => proxy pass to NodeJS 3013. But the Gcloud instance firewall is tedious and it sucks. I have successfully opened a port for a Gcloud instance before but do not remember how I did it. And it seems to be a combination of some complex commands.

gcloud help
gcloud compute instances list
gcloud compute instances describe crazical-3
gcloud compute routes list
gcloud config set compute/zone asia-southeast1-b
gcloud compute instances add-tags crazical-3 --tags open-8086
gcloud compute instances add-tags crazical-3 --tags open-egress-8086
gcloud compute firewall-rules describe default-allow-https --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086 --format="value(targetTags)"
gcloud compute firewall-rules describe open-8086
gcloud compute firewall-rules list
gcloud compute firewall-rules list --filter network=[NETWORK_NAME]     --sort-by priority     --format="table(
gcloud compute firewall-rules list --filter network=default     --sort-by priority     --format="table(
gcloud compute firewall-rules update MY-RULE       --allow tcp:20000-25000
gcloud compute firewall-rules update open-8086       --allow tcp:8080-8099
gcloud compute routes create default-internet --destination-range 0.0.0.0/0 --next-hop-gateway default-internet-gateway
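How VPC ingress allow rules match on tags and ranges, modelled for the rules named in these notes (an added example, not part of the original notes). The sources of a rule are the union of its source ranges and source tags, source tags only match other instances in the same network, and a rule without target tags applies to every instance. The target tag of `open-8086`, the client addresses and the function names are assumptions; priority and deny rules are not modelled.

```python
import ipaddress

# Constructed model of the ingress allow rules from the commands above.
RULES = {
    "test-remote-access-8043": {"ports": range(8043, 8044), "source_ranges": [],
                                "source_tags": {"expressjs"}, "target_tags": {"expressjs"}},
    "test-ssl-8043": {"ports": range(8043, 8044), "source_ranges": ["0.0.0.0/0"],
                      "source_tags": {"de-dust-1"}, "target_tags": set()},
    # Assumption: open-8086 targets the tag of the same name added to crazical-3.
    "open-8086": {"ports": range(8080, 8100), "source_ranges": [],
                  "source_tags": set(), "target_tags": {"open-8086"}},
}

def rule_allows(rule, port, target_tags, src_ip=None, src_tags=frozenset()):
    """True if this ingress allow rule admits a TCP packet to the instance."""
    if port not in rule["ports"]:
        return False
    # No target tags: the rule applies to every instance in the network.
    if rule["target_tags"] and not (rule["target_tags"] & set(target_tags)):
        return False
    ranges = rule["source_ranges"]
    if not ranges and not rule["source_tags"]:
        ranges = ["0.0.0.0/0"]   # default source when neither filter is given
    by_range = src_ip is not None and any(
        ipaddress.ip_address(src_ip) in ipaddress.ip_network(r) for r in ranges)
    # Source tags match only traffic from tagged instances in the same network.
    by_tag = bool(rule["source_tags"] & set(src_tags))
    return by_range or by_tag    # union of the two source filters

def allowed_by(port, target_tags, src_ip=None, src_tags=frozenset()):
    """Names of the rules that admit the packet, sorted."""
    return sorted(name for name, rule in RULES.items()
                  if rule_allows(rule, port, target_tags, src_ip, src_tags))

INTERNET = "203.0.113.7"   # constructed external client address

if __name__ == "__main__":
    print(allowed_by(8043, {"expressjs"}, INTERNET))
    print(allowed_by(8043, {"unrelated"}, INTERNET))
    print(allowed_by(8086, {"open-8086"}, INTERNET))
```

The tag-to-tag rule never admits an external client, while the `0.0.0.0/0` rule with no target tags opens 8043 on every instance in the network, tagged or not.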

sudo tcptraceroute -P 8086 35.240.250.158
The traceroute result is open, but what does it mean when nmap shows 8086 as closed?
Maybe 8086 is not working properly or cannot be reached from outside.

