Hi all, I’m trying to get RedPanda running, but can’t seem to connect unless I ssh into the machine. I can’t telnet to the expected port either, so it seems I’m being blocked somewhere along the lines.
Here’s my fly.toml
# fly.toml file generated for redpanda-1 on 2022-07-20T15:21:47-04:00
app = "redpanda-1"
kill_signal = "SIGINT"
kill_timeout = 5
processes = 
image = "docker.redpanda.com/vectorized/redpanda:v22.1.6"
allowed_public_ports = 
auto_rollback = true
destination = "/var/lib/redpanda/data"
source = "redpanda_poc"
redpanda = "redpanda start --overprovisioned --smp 1 --memory 1G --reserve-memory 0 --node-id 0 --check=false --kafka-addr FLY://0.0.0.0:29092 --advertise-kafka-addr FLY://redpanda-1.internal:29092"
if I fly ssh into the console, I can connect with their cli on 29092 as expected. But if I set up a wireguard connection (that I can use to access a psql box on the same account), I can’t connect:
telnet redpanda-1.internal 29092
telnet: connect to address fdaa:0:4939:a7b:ab2:1:4e05:2: Connection refused
telnet: Unable to connect to remote host
Is there something to configure in my fly.toml to permit access that I’m not seeing? (Not publicly, just privately)
I can ping this machine, but not telnet to that port, which I assume means the port is blocked. Is that a reasonable assumption?
No, we don’t block ports over the internal private network.
I think it’s not listening on IPv6. Does the
--kafka-addr control how it listens? This tells it to listen on IPv4 only:
Thanks @kurt - That does seem like it’s getting at the issue, though I’m still struggling to be able to reach the machine.
They asked me to create a discussion issue on their end. So here’s a little more detail on where I’m at.
The big one is that:
redpanda start --overprovisioned --smp 1 --memory 1G --reserve-memory 0 --node-id 0 --check=false --kafka-addr FLY://[::1]:9092 --advertise-kafka-addr FLY://redpanda-1.internal:9092
Still does not work from my wireguard-connected mac. But
rpk topic list --brokers "[::1]:9092" DOES work if I fly ssh into the machine
Sorry @kurt I did not answer your question regarding --kafka-addr. Yes. --kafka-addr determines what networks it is listening on internally, and --advertise-kafka-addr determines how it’s supposed to be reached from the outside world. the “FLY” prefix just connects the external to the internal listeners.
I’m afraid I don’t really understand why these values need to be set independently. Specifically the --advertise-kafka-addr parameter.