堆栈内存溢出
  简体   繁体   English

无法连接到 GCP centos7 vm 中的 Jfrog 工件实例

[英]Can't connect to Jfrog artifactory instance in GCP centos7 vm

 原文  2022-08-29 06:32:43       linux/ docker/ google-cloud-platform/ centos7/ artifactory

问题描述

I installed Jfrog artifactory as a docker container in GCP vm.我在 GCP vm 中安装了 Jfrog artifactory 作为 docker 容器。 But i am unable to access it through external ip.但我无法通过外部 ip 访问它。 both http and https is enabled. http 和 https 均已启用。 i was able to curl localhost but can't access from browser.我能够 curl localhost 但无法从浏览器访问。 How do i troubleshoot this?我该如何解决这个问题?

[sksabit_faisal@instance-1 ~]$ systemctl status artifactory
● artifactory.service - Setup Systemd script for Artifactory Container
   Loaded: loaded (/etc/systemd/system/artifactory.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-08-29 06:08:38 UTC; 17min ago
 Main PID: 1402 (docker)
    Tasks: 8
   Memory: 72.2M
   CGroup: /system.slice/artifactory.service
           └─1402 /usr/bin/docker run --name artifactory -p 8081:8081 -p 8082:8082 -v /jfrog/artifactory:/var/opt/jfrog/artifactory docker.bintray.io/jfrog/artifactory-oss:latest

Aug 29 06:24:55 instance-1 docker[1402]: [168B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [205B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [176B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [253B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [202B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [209B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [168B blob data]
Aug 29 06:24:55 instance-1 docker[1402]: [205B blob data]
Aug 29 06:25:03 instance-1 docker[1402]: 2022-08-29T06:25:03.160Z [jffe ] [INFO ] [                ] [                              ] [main                ] - fetchAndUpdateAllConfi...onfigurations
Aug 29 06:25:33 instance-1 docker[1402]: 2022-08-29T06:25:33.159Z [jffe ] [INFO ] [                ] [                              ] [main                ] - fetchAndUpdateAllConfi...onfigurations
Hint: Some lines were ellipsized, use -l to show in full.
[sksabit_faisal@instance-1 ~]$ ss -tunelp | grep 8081
tcp    LISTEN     0      128       *:8081                  *:*                   ino:28010 sk:ffff8e4bb3c72e80 <->
tcp    LISTEN     0      128    [::]:8081               [::]:*                   ino:27367 sk:ffff8e4c37940840 v6only:1 <->
[sksabit_faisal@instance-1 ~]$ 


[sksabit_faisal@instance-1 ~]$ curl -v http://localhost:8081/artifactory
* About to connect() to localhost port 8081 (#0)
*   Trying ::1...
* Connected to localhost (::1) port 8081 (#0)
> GET /artifactory HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost:8081
> Accept: */*
> 
< HTTP/1.1 302 
< Location: /artifactory/
< Transfer-Encoding: chunked
< Date: Mon, 29 Aug 2022 06:29:58 GMT
< 
* Connection #0 to host localhost left intact

1 个解决方案

解决方案1
 1  2022-08-31 22:28:17

as what @John Hanley suggested creating a firewall rule.正如@John Hanley 建议的那样创建防火墙规则。

see the steps on Creating Firewall rules :请参阅创建防火墙规则的步骤:

  1. From your navigation menu go to the Firewall page.从导航菜单 go 到防火墙页面。
  2. Click Create firewall rule.单击创建防火墙规则。
  3. Enter a Name for the firewall rule.输入防火墙规则的名称 This name must be unique for the project.此名称对于项目必须是唯一的。
  4. (Optional) You can enable firewall rules logging: (可选)您可以启用防火墙规则日志记录:

  • Click Logs > On.单击日志 > 开启。

  • To omit metadata, expand Logs details and then clear Include metadata.要省略元数据,请展开日志详细信息,然后清除包括元数据。

  1. Specify the Network for the firewall rule.指定防火墙规则的网络
  2. Specify the Priority of the rule.指定规则的优先级
  • The lower the number, the higher the priority.数字越小,优先级越高。

  1. For the Direction of traffic , choose ingress or egress.对于流量方向,选择入口或出口。

  2. For the Action on match , choose allow or deny.对于匹配操作,选择允许或拒绝。

  3. Specify the Targets of the rule.指定规则的目标

  • If you want the rule to apply to all instances in the network, choose All instances in the network.如果您希望规则应用于网络中的All instances in the network.
  • If you want the rule to apply to select instances by network (target) tags, choose Specified target tags, then type the tags to which the rule should apply into the Target tags field.如果您希望通过网络(目标)标签将规则应用于 select 实例,请选择Specified target tags,然后在目标标签字段中键入应应用规则的标签。
  • If you want the rule to apply to select instances by associated service account, choose Specified service account, indicate whether the service account is in the current project or another one under Service account scope , and choose or type the service account name in the Target service account field.如果您希望通过关联的服务帐户将规则应用于 select 实例,请选择Specified service account,服务帐户 scope下指明服务帐户是在当前项目中还是在另一个项目中,然后在目标服务中选择或键入服务帐户名称帐户字段。
  1. For an ingress rule, specify the Source filter :对于入口规则,指定源过滤器

  • To filter incoming traffic by source IPv4 ranges, select IPv4 ranges and enter the CIDR blocks into the Source IPv4 ranges field.要按源 IPv4 范围过滤传入流量,select IPv4 ranges并在源 IPv4 范围字段中输入 CIDR 块。 Use 0.0.0.0/0 for any IPv4 source.对任何 IPv4 源使用0.0.0.0/0

  • To filter incoming traffic by source IPv6 ranges, select IPv6 ranges and enter the CIDR blocks into the Source IPv6 ranges field.要按源 IPv6 范围过滤传入流量,select IPv6 ranges并在源 IPv6 范围字段中输入 CIDR 块。 Use ::/0 for any IPv6 source.对任何 IPv6 源使用::/0

  1. For an egress rule, specify the Destination filter :对于出口规则,指定目标过滤器

  • To filter outgoing traffic by destination IPv4 ranges, select IPv4 ranges and enter the CIDR blocks into the Destination IPv4 ranges field.要按目标 IPv4 范围过滤传出流量,select IPv4 ranges并在目标 IPv4 范围字段中输入 CIDR 块。 Use 0.0.0.0/0 for any IPv4 destination.0.0.0.0/0用于任何 IPv4 目标。

  • To filter outgoing traffic by destination IPv6 ranges, select IPv6 ranges and enter the CIDR blocks into the Destination IPv6 ranges field.要按目标 IPv6 范围过滤传出流量,select IPv6 范围并将 CIDR 块输入到目标 IPv6 范围字段。 Use ::/0 for any IPv6 destination.对任何 IPv6 目标使用::/0

  1. Define the Protocols and ports to which the rule applies:定义规则适用的协议和端口

  • Select Allow all or Deny all , depending on the action, to have the rule apply to all protocols and destination ports. Select Allow allDeny all ,具体取决于操作,将规则应用于所有协议和目标端口。

  • Define specific protocols and destination ports:定义特定的协议和目标端口:

  • Select tcp to include the TCP protocol and destination ports. Select tcp包括 TCP 协议和目标端口。 Enter all or a comma-delimited list of destination ports, such as 20-22, 80, 8080.输入全部或以逗号分隔的目标端口列表,例如20-22, 80, 8080.

  • Select udp to include the UDP protocol and destination ports. Select udp包括 UDP 协议和目标端口。 Enter all or a comma-delimited list of destination ports, such as 67-69, 123.输入全部或以逗号分隔的目标端口列表,例如67-69, 123.

  • Select Other protocols to include protocols such as icmp , sctp , or a protocol number. Select其他协议,包括icmpsctp或协议号等协议。 Use protocol 58 for ICMPv6.对 ICMPv6 使用协议58 See protocols and destination ports for more information.有关详细信息,请参阅协议和目标端口。

  1. (Optional) You can create the firewall rule but not enforce it by setting its enforcement state to disabled. (可选)您可以通过将其强制执行 state 设置为禁用来创建防火墙规则但不强制执行它。 Click Disable rule , then select Disabled .单击禁用规则,然后单击 select禁用

  2. Click Create.单击创建。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在 GCP VPS 实例,CentOS7 中使用专用 IP 设置 GRE 隧道 - Setup a GRE tunnel with dedicated IP in GCP VPS instance, CentOS7 计算引擎VM实例CENTOS7中的Bq命令行错误 - Bq command line error in compute engine VM instance CENTOS7 无法连接到 GCP VM 权限被拒绝(公钥)错误 - Can't connect to GCP VM Permission denied (publickey) error GCP 无法连接到 MongoDB - GCP Can't Connect to MongoDB 如何防止我的 GCP VM 实例中的用户成为 root? - How can prevent users in my GCP VM Instance to become root? SSH 在 GCP VM 实例上过期 - SSH Expired on GCP VM Instance 无法通过 IAP 连接到运行 Ubuntu 22.04 LST 的 GCP 实例 - Can't connect via IAP to GCP instance running Ubuntu 22.04 LST 新 VM 不能使用未分配的 Static 内部 IP GCP - New VM can't use unassigned Static Internal IP GCP 无法在公共 IP 和 SSH 上运行 GCP VM - Can't run GCP VM on public IP with SSH GCP VM启动脚本sed:无法读取:没有这样的文件或目录 - GCP VM startup script sed: can't read : No such file or directory
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM