[Pulp-list] Access Pulp 3 Api from a remote machine

Mike DePaulo mikedep333 at redhat.com
Fri Sep 27 14:03:27 UTC 2019 

Hi Bin,

In pulplift, which probably uses the default values for these settings in
ansible-pulp, this is how the servers listen by default:
[vagrant at pulp3-source-fedora30 ~]$ sudo netstat -lntp | grep -E ":248|:80"
tcp        0      0 127.0.0.1:24816         0.0.0.0:*               LISTEN
     11871/python3
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
     594/nginx: master p
tcp        0      0 127.0.0.1:24817         0.0.0.0:*               LISTEN
     12007/python3

So when I tried to connect to <ipaddress>:24817 rather than <ipaddress>:80,
I got "connection refused" / "no route to host", not HTTP 403.

And note that under such a setup (with nginx in front), port 80 is the
preferred way to access both pulp-api and pulp-content.

Can you confirm that your netstat looks similar to that? If so, then let's
start looking for reasons why it would differ based on <ipaddress> vs
localhost.

Also, you can run:
sudo journalctl -u pulp-api.service

-Mike

On Thu, Sep 26, 2019 at 1:48 PM Bin Li (BLOOMBERG/ 120 PARK) <
bli111 at bloomberg.net> wrote:

> Mike, we have the .netrc configured. On the pulp server, it works if we
> use localhost:24817 but got 403 error when use <ipaddress>:24817. It looks
> like the Django only allows connection to localhost. We are looking for a
> way to connect from a different host.
>
> From: mikedep333 at redhat.com At: 09/25/19 19:21:51
> To: Bin Li (BLOOMBERG/ 120 PARK ) <bli111 at bloomberg.net>
> Cc: pulp-list at redhat.com
> Subject: Re: [Pulp-list] Access Pulp 3 Api from a remote machine
>
> The http client needs to authenticate with username (default: "admin") and
> password (default: "password" or "admin").
>
> On Linux, Mac and Windows, you can create a ~/.netrc (Windows:
> %HOME%\_netrc ) file that httpie, curl, etc will use:
> https://github.com/bagder/everything-curl/blob/master/usingcurl-netrc.md
>
> -Mike
>
> On Wed, Sep 25, 2019, 4:35 PM Bin Li (BLOOMBERG/ 120 PARK) <
> bli111 at bloomberg.net> wrote:
>
>> Hi, We are trying to access the api on :24817 from remote server. We have
>> add ALLOWED_HOSTS = ['*'] to settings.py and update the gunicorn to bind
>> 0.0.0.0:24817. Still getting a 403 Forbidden error. What else should we
>> update to enable the remote api access?
>>
>> Thanks
>> _______________________________________________
>> Pulp-list mailing list
>> Pulp-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/pulp-list
>
>
>

-- 

Mike DePaulo

He / Him / His

Service Reliability Engineer, Pulp

Red Hat <https://www.redhat.com/>

IM: mikedep333

GPG: 51745404
<https://www.redhat.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20190927/78eb063b/attachment.htm>

More information about the Pulp-list mailing list