[英]Can't connect to Jfrog artifactory instance in GCP centos7 vm
I installed Jfrog artifactory as a docker container in GCP vm.我在 GCP vm 中安装了 Jfrog artifactory 作为 docker 容器。 But i am unable to access it through external ip.但我无法通过外部 ip 访问它。 both http and https is enabled. http 和 https 均已启用。 i was able to curl localhost but can't access from browser.我能够 curl localhost 但无法从浏览器访问。 How do i troubleshoot this?我该如何解决这个问题?
[sksabit_faisal@instance-1 ~]$ systemctl status artifactory
● artifactory.service - Setup Systemd script for Artifactory Container
Loaded: loaded (/etc/systemd/system/artifactory.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-08-29 06:08:38 UTC; 17min ago
Main PID: 1402 (docker)
Tasks: 8
Memory: 72.2M
CGroup: /system.slice/artifactory.service
└─1402 /usr/bin/docker run --name artifactory -p 8081:8081 -p 8082:8082 -v /jfrog/artifactory:/var/opt/jfrog/artifactory docker.bintray.io/jfrog/artifactory-oss:latest
Aug 29 06:24:55 instance-1 docker[1402]: [168B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [205B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [176B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [253B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [202B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [209B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [168B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [205B blob data]
Aug 29 06:25:03 instance-1 docker[1402]: 2022-08-29T06:25:03.160Z [jffe ] [INFO ] [ ] [ ] [main ] - fetchAndUpdateAllConfi...onfigurations
Aug 29 06:25:33 instance-1 docker[1402]: 2022-08-29T06:25:33.159Z [jffe ] [INFO ] [ ] [ ] [main ] - fetchAndUpdateAllConfi...onfigurations
Hint: Some lines were ellipsized, use -l to show in full.
[sksabit_faisal@instance-1 ~]$ ss -tunelp | grep 8081
tcp LISTEN 0 128 *:8081 *:* ino:28010 sk:ffff8e4bb3c72e80 <->
tcp LISTEN 0 128 [::]:8081 [::]:* ino:27367 sk:ffff8e4c37940840 v6only:1 <->
[sksabit_faisal@instance-1 ~]$
[sksabit_faisal@instance-1 ~]$ curl -v http://localhost:8081/artifactory
* About to connect() to localhost port 8081 (#0)
* Trying ::1...
* Connected to localhost (::1) port 8081 (#0)
> GET /artifactory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8081
> Accept: */*
>
< HTTP/1.1 302
< Location: /artifactory/
< Transfer-Encoding: chunked
< Date: Mon, 29 Aug 2022 06:29:58 GMT
<
* Connection #0 to host localhost left intact
as what @John Hanley suggested creating a firewall rule.正如@John Hanley 建议的那样创建防火墙规则。
see the steps on Creating Firewall rules :请参阅创建防火墙规则的步骤:
Click Logs > On.单击日志 > 开启。
To omit metadata, expand Logs details and then clear Include metadata.要省略元数据,请展开日志详细信息,然后清除包括元数据。
For the Direction of traffic , choose ingress or egress.对于流量方向,选择入口或出口。
For the Action on match , choose allow or deny.对于匹配操作,选择允许或拒绝。
Specify the Targets of the rule.指定规则的目标。
All instances in the network.
如果您希望规则应用于网络中的All instances in the network.
Specified target tags,
then type the tags to which the rule should apply into the Target tags field.如果您希望通过网络(目标)标签将规则应用于 select 实例,请选择Specified target tags,
然后在目标标签字段中键入应应用规则的标签。Specified service account,
indicate whether the service account is in the current project or another one under Service account scope , and choose or type the service account name in the Target service account field.如果您希望通过关联的服务帐户将规则应用于 select 实例,请选择Specified service account,
在服务帐户 scope下指明服务帐户是在当前项目中还是在另一个项目中,然后在目标服务中选择或键入服务帐户名称帐户字段。 To filter incoming traffic by source IPv4 ranges, select IPv4 ranges
and enter the CIDR blocks into the Source IPv4 ranges field.要按源 IPv4 范围过滤传入流量,select IPv4 ranges
并在源 IPv4 范围字段中输入 CIDR 块。 Use 0.0.0.0/0
for any IPv4 source.对任何 IPv4 源使用0.0.0.0/0
。
To filter incoming traffic by source IPv6 ranges, select IPv6 ranges
and enter the CIDR blocks into the Source IPv6 ranges field.要按源 IPv6 范围过滤传入流量,select IPv6 ranges
并在源 IPv6 范围字段中输入 CIDR 块。 Use ::/0
for any IPv6 source.对任何 IPv6 源使用::/0
。
To filter outgoing traffic by destination IPv4 ranges, select IPv4 ranges
and enter the CIDR blocks into the Destination IPv4 ranges field.要按目标 IPv4 范围过滤传出流量,select IPv4 ranges
并在目标 IPv4 范围字段中输入 CIDR 块。 Use 0.0.0.0/0
for any IPv4 destination.将0.0.0.0/0
用于任何 IPv4 目标。
To filter outgoing traffic by destination IPv6 ranges, select IPv6 ranges and enter the CIDR blocks into the Destination IPv6 ranges field.要按目标 IPv6 范围过滤传出流量,select IPv6 范围并将 CIDR 块输入到目标 IPv6 范围字段。 Use ::/0
for any IPv6 destination.对任何 IPv6 目标使用::/0
。
Select Allow all
or Deny all
, depending on the action, to have the rule apply to all protocols and destination ports. Select Allow all
或Deny all
,具体取决于操作,将规则应用于所有协议和目标端口。
Define specific protocols and destination ports:定义特定的协议和目标端口:
Select tcp to include the TCP protocol and destination ports. Select tcp包括 TCP 协议和目标端口。 Enter all or a comma-delimited list of destination ports, such as 20-22, 80, 8080.
输入全部或以逗号分隔的目标端口列表,例如20-22, 80, 8080.
Select udp to include the UDP protocol and destination ports. Select udp包括 UDP 协议和目标端口。 Enter all or a comma-delimited list of destination ports, such as 67-69, 123.
输入全部或以逗号分隔的目标端口列表,例如67-69, 123.
Select Other protocols to include protocols such as icmp
, sctp
, or a protocol number. Select其他协议,包括icmp
、 sctp
或协议号等协议。 Use protocol 58
for ICMPv6.对 ICMPv6 使用协议58
。 See protocols and destination ports for more information.有关详细信息,请参阅协议和目标端口。
(Optional) You can create the firewall rule but not enforce it by setting its enforcement state to disabled. (可选)您可以通过将其强制执行 state 设置为禁用来创建防火墙规则但不强制执行它。 Click Disable rule , then select Disabled .单击禁用规则,然后单击 select禁用。
Click Create.单击创建。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.