This is an automated email from the ASF dual-hosted git repository. duncangrant pushed a commit to branch ruby-3 in repository https://gitbox.apache.org/repos/asf/brooklyn-docs.git
commit 22ef529063c3b7beb3e681fa42f240b65c2064ca Merge: c26c8b9 ba27cf1 Author: Alex Heneveld <[email protected]> AuthorDate: Tue Sep 4 14:13:56 2018 +0100 Merge commit 'ba27cf1b' into release-5.0-reverted-222 merged with conflicts, will be reverted guide/_layouts/website/page.html | 15 +++ guide/blueprints/index.md | 3 + guide/blueprints/setting-locations.md | 3 + guide/blueprints/test/test-entities.md | 3 + guide/blueprints/test/usage-examples.md | 3 + guide/ops/gui/blueprints.md | 3 + guide/ops/gui/index.md | 3 + guide/ops/index.md | 3 + guide/ops/production-installation.md | 3 + guide/ops/troubleshooting/connectivity.md | 153 ++++++++++++++++++++++++++++++ guide/ops/troubleshooting/index.md | 3 + guide/start/index.md | 3 + guide/start/managing.md | 3 + 13 files changed, 201 insertions(+) diff --cc guide/blueprints/index.md index 01ab184,a34c4c2..8d8e1dc --- a/guide/blueprints/index.md +++ b/guide/blueprints/index.md @@@ -1,29 -1,4 +1,32 @@@ --- title: Writing Blueprints -partial-summary-depth: 1 +layout: website-normal +children: +- creating-yaml.md +- entity-configuration.md +- setting-locations.md +- configuring-vms.md +- multiple-services.md +- custom-entities.md +- catalog/ +- clusters.md +- enrichers.md +- policies.md +- effectors.md +- clusters-and-policies.md +- java/ +- winrm/ +- test/ +- ansible/ +- chef/ +- salt/ +- advanced-example.md +- blueprinting-tips.md +- { path: yaml-reference.md, title: YAML Blueprint Reference } --- ++<<<<<<< HEAD + + +{% include list-children.html %} ++======= ++>>>>>>> ba27cf1b diff --cc guide/blueprints/setting-locations.md index 91efc5f,9f6f53f..41162fd --- a/guide/blueprints/setting-locations.md +++ b/guide/blueprints/setting-locations.md @@@ -1,11 -1,6 +1,14 @@@ --- title: Setting Locations +layout: website-normal +toc: ../guide_toc.json +categories: [use, guide, defining-applications] --- ++<<<<<<< HEAD + +{% include fields.md %} ++======= ++>>>>>>> ba27cf1b Brooklyn supports a very wide range of target locations. With deep integration to [Apache jclouds](https://jclouds.apache.org), most well-known clouds diff --cc guide/blueprints/test/test-entities.md index 37604a1,e29f4e2..02ec3d6 --- a/guide/blueprints/test/test-entities.md +++ b/guide/blueprints/test/test-entities.md @@@ -1,10 -1,6 +1,13 @@@ --- title: Blueprint Test Entities +title_in_menu: Test Entities +layout: website-normal --- ++<<<<<<< HEAD + +{% include fields.md %} ++======= ++>>>>>>> ba27cf1b ## Structural Test Entities diff --cc guide/blueprints/test/usage-examples.md index 08d88e3,11302aa..f5b6fa1 --- a/guide/blueprints/test/usage-examples.md +++ b/guide/blueprints/test/usage-examples.md @@@ -1,17 -1,11 +1,20 @@@ --- title: Example Blueprint Tests +title_in_menu: Example Tests +layout: website-normal --- ++<<<<<<< HEAD + +{% include fields.md %} ++======= ++>>>>>>> ba27cf1b ## Introduction -This section describes some simple tests based on the [Getting Started]({{book.path.docs}}/start/blueprints.md#launching-from-a-blueprint) example blueprint: +This section describes some simple tests based on the [Getting Started]({{ site.path.guide }}/start/blueprints.html#launching-from-a-blueprint) example blueprint: -!CODEFILE "../../start/_my-web-cluster.yaml" +{% highlight yaml %} +{% readj /guide/start/_my-web-cluster.yaml %} +{% endhighlight %} The following sections contain yaml snippets that be appended to the list of services in the blueprint above, a complete blueprint is also provided [below](#full-example). diff --cc guide/ops/gui/blueprints.md index 8c67f9b,19cd16b..d4f5633 --- a/guide/ops/gui/blueprints.md +++ b/guide/ops/gui/blueprints.md @@@ -1,13 -1,6 +1,16 @@@ --- title: Deploying Blueprints +layout: website-normal +menu_parent: index.md +children: +- { section: Launching from a Blueprint, title: Launching from a Blueprint } +- { section: Launching from the Catalog, title: Launching from the Catalog } --- ++<<<<<<< HEAD + +{% include fields.md %} ++======= ++>>>>>>> ba27cf1b ## Launching from a Blueprint diff --cc guide/ops/gui/index.md index 48bd620,39f8666..e009324 --- a/guide/ops/gui/index.md +++ b/guide/ops/gui/index.md @@@ -1,11 -1,4 +1,14 @@@ --- +layout: website-normal title: GUI Guide -partial-summary-depth: 1 +children: +- running.md +- blueprints.md +- managing.md +- policies.md --- ++<<<<<<< HEAD + +{% include list-children.html %} ++======= ++>>>>>>> ba27cf1b diff --cc guide/ops/index.md index 29b5061,08da813..3087a2f --- a/guide/ops/index.md +++ b/guide/ops/index.md @@@ -1,23 -1,4 +1,26 @@@ --- title: Reference Guide -partial-summary-depth: 1 +started-pdf-exclude: true +layout: website-normal +children: +- production-installation.md +- starting-stopping-monitoring.md +- server-cli-reference.md +- cli/ +- gui/ +- rest.md +- configuration/ +- persistence/ +- high-availability/ +- logging.md +- externalized-configuration.md +- requirements.md +- upgrade.md +- security-guidelines.md +- troubleshooting/ --- ++<<<<<<< HEAD + +{% include list-children.html %} ++======= ++>>>>>>> ba27cf1b diff --cc guide/ops/production-installation.md index 7825bdc,33aa80e..ede0774 --- a/guide/ops/production-installation.md +++ b/guide/ops/production-installation.md @@@ -1,9 -1,6 +1,12 @@@ --- +layout: website-normal title: Production Installation --- ++<<<<<<< HEAD + +{% include fields.md %} ++======= ++>>>>>>> ba27cf1b To install Apache Brooklyn on a production server: diff --cc guide/ops/troubleshooting/connectivity.md index 0ec7139,6da18ec..cfe477c --- a/guide/ops/troubleshooting/connectivity.md +++ b/guide/ops/troubleshooting/connectivity.md @@@ -1,7 -1,154 +1,160 @@@ --- +layout: website-normal title: Troubleshooting Server Connectivity Issues in the Cloud +toc: /guide/toc.json --- ++<<<<<<< HEAD ++======= + + A common problem when setting up an application in the cloud is getting the basic connectivity right - how + do I get my service (e.g. a TCP host:port) publicly accessible over the internet? + + This varies a lot - e.g. Is the VM public or in a private network? Is the service only accessible through + a load balancer? Should the service be globally reachable or only to a particular CIDR? + + This guide gives some general tips for debugging connectivity issues, which are applicable to a + range of different service types. Choose those that are appropriate for your use-case. + + ## VM reachable + If the VM is supposed to be accessible directly (e.g. from the public internet, or if in a private network + then from a jump host)... + + ### ping + Can you `ping` the VM from the machine you are trying to reach it from? + + However, ping is over ICMP. If the VM is unreachable, it could be that the firewall forbids ICMP but still + lets TCP traffic through. + + ### telnet to TCP port + You can check if a given TCP port is reachable and listening using `telnet <host> <port>`, such as + `telnet www.google.com 80`, which gives output like: + + ~~~ + Trying 31.55.163.219... + Connected to www.google.com. + Escape character is '^]'. + ~~~ + + If this is very slow to respond, it can be caused by a firewall blocking access. If it is fast, it could + be that the server is just not listening on that port. + + ### DNS and routing + If using a hostname rather than IP, then is it resolving to a sensible IP? + + Is the route to the server sensible? (e.g. one can hit problems with proxy servers in a corporate + network, or ISPs returning a default result for unknown hosts). + + The following commands can be useful: + + * `host` is a DNS lookup utility. e.g. `host www.google.com`. + * `dig` stands for "domain information groper". e.g. `dig www.google.com`. + * `traceroute` prints the route that packets take to a network host. e.g. `traceroute www.google.com`. + + ## Proxy settings + Depending on the type of location, brooklyn might use HTTP to provision machines (clocker, jclouds). If the host environment defines proxy settings, these might interfere with the reachability of the respective HTTP service. + + One such case is using VirtualBox with host-only or private internal network settings, while using an external proxy for accessing the internet. It is clear that the external proxy won't be able to route HTTP calls properly, but that might not be clear when reading the logs (although brooklyn will present the failing URL). + + Try accessing the web-service URLs from a browser via the proxy, or perhaps try running brooklyn with proxy disabled: + + ~~~ + export http_proxy= + bin/brooklyn launch + ~~~ + + If a system-level proxy server has been configured, you can instruct brooklyn to use the proxy server by passing `-Djava.net.useSystemProxies=true` to the JVM + + ## Service is listening + + ### Service responds + Try connecting to the service from the VM itself. For example, `curl http://localhost:8080` for a + web-service. + + On dev/test VMs, don't be afraid to install the utilities you need such as `curl`, `telnet`, `nc`, + etc. Cloud VMs often have a very cut-down set of packages installed. For example, execute + `sudo apt-get update; sudo apt-get install -y curl` or `sudo yum install -y curl`. + + ### Listening on port + Check that the service is listening on the port, and on the correct NIC(s). + + Execute `netstat -antp` (or on OS X `netstat -antp TCP`) to list the TCP ports in use (or use + `-anup` for UDP). You should expect to see the something like the output below for a service. + + ~~~ + Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name + tcp 0 0 :::8080 :::* LISTEN 8276/java + ~~~ + + In this case a Java process with pid 8276 is listening on port 8080. The local address `:::8080` + format means all NICs (in IPv6 address format). You may also see `0.0.0.0:8080` for IPv4 format. + If it says 127.0.0.1:8080 then your service will most likely not be reachable externally. + + Use `ip addr show` (or the obsolete `ifconfig -a`) to see the network interfaces on your server. + + For `netstat`, run with `sudo` to see the pid for all listed ports. + + ## Firewalls + On Linux, check if `iptables` is preventing the remote connection. On Windows, check the Windows Firewall. + + If it is acceptable (e.g. it is not a server in production), try turning off the firewall temporarily, + and testing connectivity again. Remember to re-enable it afterwards! On CentOS, this is `sudo service + iptables stop`. On Ubuntu, use `sudo ufw disable`. On Windows, press the Windows key and type 'Windows + Firewall with Advanced Security' to open the firewall tools, then click 'Windows Firewall Properties' + and set the firewall state to 'Off' in the Domain, Public and Private profiles. + + If you cannot temporarily turn off the firewall, then look carefully at the firewall settings. For + example, execute `sudo iptables -n --list` and `iptables -t nat -n --list`. + + ## Cloud firewalls + Some clouds offer a firewall service, where ports need to be explicitly listed to be reachable. + + For example, [security groups for EC2-classic] + (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html#ec2-classic-security-groups) + have rules for the protocols and ports to be reachable from specific CIDRs. + + Check these settings via the cloud provider's web-console (or API). + + ## Quick test of a listener port + It can be useful to start listening on a given port, and to then check if that port is reachable. + This is useful for testing basic connectivity when your service is not yet running, or to a + different port to compare behaviour, or to compare with another VM in the network. + + The `nc` netcat tool is useful for this. For example, `nc -l 0.0.0.0 8080` will listen on port + TCP 8080 on all network interfaces. On another server, you can then run `echo hello from client + | nc <hostname> 8080`. If all works well, this will send "hello from client" over the TCP port 8080, + which will be written out by the `nc -l` process before exiting. + + Similarly for UDP, you use `-lU`. + + You may first have to install `nc`, e.g. with `sudo yum install -y nc` or `sudo apt-get install netcat`. + + ### Cloud load balancers + For some use-cases, it is good practice to use the load balancer service offered by the cloud provider + (e.g. [ELB in AWS](http://aws.amazon.com/elasticloadbalancing/) or the [Cloudstack Load Balancer] + (http://docs.cloudstack.apache.org/projects/cloudstack-installation/en/latest/network_setup.html#management-server-load-balancing)) + + The VMs can all be isolated within a private network, with access only through the load balancer service. + + Debugging techniques here include ensuring connectivity from another jump server within the private + network, and careful checking of the load-balancer configuration from the Cloud Provider's web-console. + + ### DNAT + Use of DNAT is appropriate for some use-cases, where a particular port on a particular VM is to be + made available. + + Debugging connectivity issues here is similar to the steps for a cloud load balancer. Ensure + connectivity from another jump server within the private network. Carefully check the NAT rules from + the Cloud Provider's web-console. + + ### Guest wifi + It is common for guest wifi to restrict access to only specific ports (e.g. 80 and 443, restricting + ssh over port 22 etc). + + Normally your best bet is then to abandon the guest wifi (e.g. to tether to a mobile phone instead). + + There are some unconventional workarounds such as [configuring sshd to listen on port 80 so you can + use an ssh tunnel](http://askubuntu.com/questions/107173/is-it-possible-to-ssh-through-port-80). + However, the firewall may well inspect traffic so sending non-http traffic over port 80 may still fail. ++>>>>>>> ba27cf1b +{% readj _connectivity.md %} diff --cc guide/ops/troubleshooting/index.md index 331e267,fa080e4..1b4f28a --- a/guide/ops/troubleshooting/index.md +++ b/guide/ops/troubleshooting/index.md @@@ -1,18 -1,4 +1,21 @@@ --- title: Troubleshooting -partial-summary-depth: 1 +layout: website-normal +children: +- { path: overview.md, title: Overview } +- { path: web-console-issues.md, title: Web Console Issues } +- { path: deployment.md, title: Deployment } +- { path: connectivity.md, title: Server Connectivity } +- { path: slow-unresponsive.md, title: Brooklyn Slow or Unresponsive } +- { path: increase-entropy.md, title: Increase Entropy } +- { path: increase-system-resource-limits.md, title: Increase System Resource Limits } +- { path: detailed-support-report.md, title: Detailed Support Report } +- { path: softwareprocess.md, title: SoftwareProcess Entities } +- { path: going-deep-in-java-and-logs.md, title: Going Deep in Java and Logs } +- { path: memory-usage.md, title: Monitoring Memory Usage } --- ++<<<<<<< HEAD + +{% include list-children.html %} ++======= ++>>>>>>> ba27cf1b diff --cc guide/start/index.md index aa14f22,bc89a5a..331aec8 --- a/guide/start/index.md +++ b/guide/start/index.md @@@ -1,15 -1,4 +1,18 @@@ --- +layout: website-normal title: Getting Started -partial-summary-depth: 1 +usermanual-pdf-exclude: true +children: +- running.md +- blueprints.md +- managing.md +- policies.md +- concept-quickstart.md --- ++<<<<<<< HEAD + +{% include list-children.html %} + + ++======= ++>>>>>>> ba27cf1b diff --cc guide/start/managing.md index c1f432e,eb5072c..5f667cb --- a/guide/start/managing.md +++ b/guide/start/managing.md @@@ -1,15 -1,3 +1,18 @@@ ++<<<<<<< HEAD +--- +title: Monitoring and Managing Applications +title_in_menu: Monitoring and Managing Applications +layout: website-normal +menu_parent: index.md +children: +- { section: Applications } +- { section: Entities } +- { section: Sensors } +- { section: Effectors } +- { section: Activities } +--- ++======= ++>>>>>>> ba27cf1b
