Re: unable to nodetool to remote EC2

[ramesh]

On 05/22/2012 12:45 AM, Tamar Fraenkel wrote: Thanks for the response. But it still does not work. I am running the script from a git bash on my windows 7. adding some debug prints, this is what I am running ssh -i key.pem -N -f -D8123 ubuntu@ec2-*.amazonaws.com ssh pid = 11616 /c/PROGRA~2/Java/jdk1.7.0_02/bin/jconsole.exe -J-DsocksProxyHost=localhost -J-DsocksProxyPort=8123 service:jmx:rmi:///jndi/rmi://ec2-*.amazonaws.com:7199/jmxrmi Still getting "channel 2: open failed: connect failed: Connection timed out" Any further idea? Where are you running the script. Thanks Tamar Fraenkel  Senior Software Engineer, TOK Media  ta...@tok-media.com Tel:   +972 2 6409736  Mob:  +972 54 8356490  Fax:   +972 2 5612956  On Mon, May 21, 2012 at 11:00 PM, ramesh <dbgroup...@gmail.com> wrote: On 05/21/2012 03:55 AM, Tamar Fraenkel wrote: Hi! I am trying the tunnel and it fails. Will be gratefull for some hints: I defined proxy_host = ubuntu@my_ec2_cassandra_node_public_ip proxy_port = 22 I do: ssh -N -f -i /c/Users/tamar/.ssh/Amazon/tokey.openssh -D22 ubuntu@my_ec2_cassandra_node_public_ip I put some debug prints and I can see that the ssh_pid is indeed the correct one. I run jconsole -J-DsocksProxyHost=localhost -J-DsocksProxyPort=22 service:jmx:rmi:///jndi/rmi://my_ec2_cassandra_node_public_ip:7199/jmxrmi I get errors and it fails: channel 2: open failed: connect failed: Connection timed out One note though, I can ssh to that vm using  ssh -i /c/Users/tamar/.ssh/Amazon/tokey.openssh -D22 ubuntu@my_ec2_cassandra_node_public_ip without being prompted for PW. Any help appreciated Tamar Fraenkel  Senior Software Engineer, TOK Media  ta...@tok-media.com Tel:   +972 2 6409736  Mob:  +972 54 8356490  Fax:   +972 2 5612956  On Fri, May 18, 2012 at 9:49 PM, ramesh <dbgroup...@gmail.com> wrote: On 05/18/2012 01:35 PM, Tyler Hobbs wrote: Your firewall rules need to allow TCP traffic on any port >= 1024 for JMX to work.  It initially connects on port 7199, but then the client is asked to reconnect on a randomly chosen port. You can open the firewall, SSH to the node first, or set up something like this: http://simplygenius.com/2010/08/jconsole-via-socks-ssh-tunnel.html On Fri, May 18, 2012 at 1:31 PM, ramesh <dbgroup...@gmail.com> wrote: I updated the cassandra-env.sh $JMX_HOST="10.20.30.40" JVM_OPTS="$JVM_OPTS -Djava.rmi.server.hostname=$JMX_HOST" netstat -ltn shows port 7199 is listening. I tried both public and private IP for connecting but neither helps. However, I am able to connect locally from within server.  I get this error when I remote: Error connection to remote JMX agent! java.rmi.ConnectException: Connection refused to host: 10.20.30.40; nested exception is: java.net.ConnectException: Connection timed out at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:601) at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:198) at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:184) at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:110) at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source) at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2329) at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:279) at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:248) at org.apache.cassandra.tools.NodeProbe.connect(NodeProbe.java:144) at org.apache.cassandra.tools.NodeProbe. (NodeProbe.java:114) at org.apache.cassandra.tools.NodeCmd.main(NodeCmd.java:623) Caused by: java.net.ConnectException: Connection timed out at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) at java.net.Socket.connect(Socket.java:529) at java.net.Socket.connect(Socket.java:478) at java.net.Socket. (Socket.java:375) at java.net.Socket. (Socket.java:189) at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:22) at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:128) at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:595) ... 10 more Any help appreciated. Regards Ramesh -- Tyler Hobbs DataStax   It helped. Thanks Tyler for the info and the link to the post. Regards Ramesh Hello Tamar, In your bash file, where you ssh , pass the .pem as well :  # start up a background ssh tunnel on the desired port     ssh -i mypem.pem -N -f -D$proxy_port $proxy_host Here is the entire code --------------------------------------------------------------------------------------------------- #!/bin/bash function jc {  # set this to the host you'll proxy through.     proxy_host="ubu...@ec2-xx-xx-xx-xx.compute-1.amazonaws.com"     host=$1     jmxport=7199 # as specified by JMX_PORT in cassandra-env.sh     proxy_port=${2:-8123}     if [ "x$host" = "x" ]; then         echo "Usage: jc  [proxy port]"         return 1     fi     # start up a background ssh tunnel on the desired port     ssh -i mypem.pem -N -f -D$proxy_port $proxy_host     # if the tunnel failed to come up, fail gracefully.     if [ $? -ne 0 ]; then         echo "Ssh tunnel failed"         return 1     fi     ssh_pid=`ps awwwx | grep "[s]sh -N -f -D$proxy_port" | awk '{print $1}'`     echo "ssh pid = $ssh_pid"     # Fire up jconsole to your remote host     jconsole -J-DsocksProxyHost=localhost -J-DsocksProxyPort=$proxy_port \         service:jmx:rmi:///jndi/rmi://${host}:${jmxport}/jmxrmi     # tear down the tunnel     kill $ssh_pid } Hi Tamar, Not very sure about windows. But I guess Cygwin does help run scripts on windows. Try to keep the script file in the same directory where your pem files are and then try to ssh from within directory where your pem file and script file is, that might prevent any conflict while accessing either of the files. HTH regards, Ramesh