Skip to Content.
Sympa Menu

rare-dev - Re: [rare-dev] Exposing docker port on a vm with freeRouter

Subject: Rare project developers

List archive

Re: [rare-dev] Exposing docker port on a vm with freeRouter


Chronological Thread 
  • From: mc36 <>
  • To: Gabriel Tetzner <>
  • Cc:
  • Subject: Re: [rare-dev] Exposing docker port on a vm with freeRouter
  • Date: Tue, 16 Aug 2022 23:54:36 +0200

hi,
so as it seems, the 172.31.7.243:9090 is freerouter's forwarder server...
that is, once a connection hits this one, freerouter will accept it, and
initiate a new connection to the same ip:port,
resulting in a new connection to the forwarder, and so on... and in general,
this forwarder server is mostly useful
when you want to bridge in between two separated vrfs, or publish a service
between two isolated interfaces...
if you simply want to query the counters from the prometheus container, imho
you can already do so without the
forwarder server: assuming your eth2 is working properly, that is, you can
ping the from prometheus container
the freerouter's 172.18.0.5 ip, then you can simply bind the server prom in
freerouter to eth2 and then the
container should be able to read the endpoint...
br,
cs



On 8/16/22 23:46, Gabriel Tetzner wrote:

image.png

image.png

That Eth2 there, was the interface created from the docker network interface.

Em ter., 16 de ago. de 2022 s 18:38, mc36 < <>>
escreveu:

could you please give us the following:
sho ipv4 route inet
sho ipv4 arp eth1
thanks,
cs


On 8/16/22 23:35, Gabriel Tetzner wrote:
> Hi,
>
> I used port 9080 from the host to 9090 from prometheus:
> image.png
>
> forwarder freerouter:
> server forwarder prom
> port 9080
> target vrf inet
> target interface ethernet1
> target address 172.31.7.243
> target port 9080
> interface ethernet1
> vrf inet
> exit
> !
>
> When I try to access http://18.230.37.188:9080/ <http://18.230.37.188:9080/>
<http://18.230.37.188:9080/ <http://18.230.37.188:9080/>> from the browser, it keeps
loading and
gives this memory error.
>
>
> Em ter., 16 de ago. de 2022 s 18:27, mc36 < <>
< <>>> escreveu:
>
> hi,
> could you please share the relevant parts of your config?
> thanks,
> cs
>
> On 8/16/22 23:25, Gabriel Tetzner wrote:
> > Hi all,
> >
> > Following what Csaba recommended, freeRouter was installed
on top of the docker interfaces, but it gives the following error:
> >
> > java.lang.OutOfMemoryError: unable to create native thread:
possibly out of memory or process/resource limits reached at
> >
> java.lang.Thread.start0:Thread.java:-2/java.lang.Thread.start:Thread.java:1535/pipeConnectDoer.<init>:pipeConnect.java:75/pipeConnect.connect:pipeConnect.java:21/servForwarder.doConnStart:servForwarder.java:383/servForwarderDoer.run:servForwarder.java:404/java.lang.Thread.run:Thread.java:1589/
> >
> > What could this be?
> >
> > Em seg., 15 de ago. de 2022 s 18:18, Gabriel Tetzner
< <>
<
<>>
> <
<>
<
<>>>> escreveu:
> >
> > Hi,
> >
> > I will test that possibility, it really makes
sense....
> >
> > Thanks Csaba.
> >
> > Em seg., 15 de ago. de 2022 s 18:05, mc36 <
<> < <>> <
<>
< <>>>> escreveu:
> >
> > okkk, so as i see 172.31.32.29/32
<http://172.31.32.29/32> <http://172.31.32.29/32 <http://172.31.32.29/32>>
<http://172.31.32.29/32
<http://172.31.32.29/32> <http://172.31.32.29/32
<http://172.31.32.29/32>>> is LOC, that is, freerouter got it from dhcp...
> >
> > so now, if you look at your forwarder,
it's an infinite loop: you binded it to eth1:9090,
> > which is 172.31.32.29:9090 <http://172.31.32.29:9090>
<http://172.31.32.29:9090 <http://172.31.32.29:9090>> <http://172.31.32.29:9090
<http://172.31.32.29:9090> <http://172.31.32.29:9090
<http://172.31.32.29:9090>>>, according to your screenshot... then you forwarded it to
> > 172.31.32.29:9090 <http://172.31.32.29:9090> <http://172.31.32.29:9090
<http://172.31.32.29:9090>> <http://172.31.32.29:9090 <http://172.31.32.29:9090>
<http://172.31.32.29:9090 <http://172.31.32.29:9090>>>, which is itself,
and the same port.. so it simply ran out of ram
> > regardless how much you gave it... :)
> >
> > instead, if you want to mix freerouter
and docker, do install freerouter as the last,
> > and let freerouter take over the host's
auto-created docker interfaces too...
> >
> > alternatively, you can re-trigger the
physical interface detection by running the bottom
> > lines of the
https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh>
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh>>
>
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh>
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh
<https://github.com/rare-freertr/freeRtr/blob/master/misc/service/c.sh>>>
script...
> >
> > br,
> > cs
> >
> >
> > On 8/15/22 22:56, Gabriel Tetzner wrote:
> > > image.png
> > >
> > > Em seg., 15 de ago. de 2022 s 17:52, mc36 <
<> < <>> < <>
< <>>> < <> <
<>> < <>
> < <>>>>> escreveu:
> > >
> > > what about show
ipv4 route inet? does freerouter know about that 172.31.32.29 ?
> > >
> > > On 8/15/22 22:50,
Gabriel Tetzner wrote:
> > > > Hi,
> > > >
> > > > sudo nano
docker-compose:
> > > >
> > > > version: '3'
> > > > services:
> > > >
prometheus:
> > > >
image: prom/prometheus:latest
> > > >
container_name: prometheus
> > > >
restart: always
> > > >
ports:
> > > >
- 9090:9090
> > > >
command:
> > > >
- --config.file=/etc/prometheus/prometheus.yml
> > > >
volumes:
> > > >
-
/etc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
> > > >
- /etc/prometheus/alert.rules:/etc/prometheus/alert.rules:ro
> > > >
> > > > server
forwarder prometheus:
> > > >
> > > > server
forwarder prometheus
> > > >
access-log
> > > >
access-rate 5 5000
> > > >
access-total 5
> > > >
access-peer 5
> > > >
port 9090
> > > >
logging
> > > >
target vrf inet
> > > >
target interface ethernet1
> > > >
target address 172.31.32.29
> > > >
target port 9090
> > > >
interface ethernet1
> > > >
vrf inet
> > > >
exit
> > > > !
> > > >
> > > >
> > > >
> > > > Em seg., 15 de ago. de 2022
s 17:45, mc36 < <> < <>>
<
<> < <>>> <
<> < <>>
> < <> < <>>>>
< <> < <>> <
<> < <>>> <
<> < <>>
> > < <> <
<>>>>>> escreveu:
> > > >
> > > >
hi,
> > > >
> > > >
On 8/15/22 22:39, Gabriel Tetzner wrote:
> > > >
> I think it is that way, since the public ip is associated with the
freeRouter now, or is there another way to
redirect the debian OS port
> (9090) to the
> > freeRouter so
> > > that it is
> > > >
> accessible externally? Or how to do this?
> > > >
>
> > > >
> > > >
but in generally speaking, yeahh, the forwarder server is a way to do the
work...
> > > >
here is the test for it: http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>
> <http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>>
> > <http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
> <http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>>>
> > >
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
> <http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>
> > <http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>
<http://sources.freertr.org/cfg/serv-forward.tst
<http://sources.freertr.org/cfg/serv-forward.tst>>>>>
> > > >
> > > >
> But I can't access the prometheus server externally, I tried to
make the server forwarder work to redirect
this port, but I lose
> access to ssh from
> > the vm.
> > > >
> > > >
did you created a new forwarder or reused the one for the ssh?
> > > >
> > > >
br,
> > > >
cs
> > > >
> > >
> >
>




Archive powered by MHonArc 2.6.19.

Top of Page