RedPanda (Kafka clone) - Can't connect

Hi all, I’m trying to get RedPanda running, but can’t seem to connect unless I ssh into the machine. I can’t telnet to the expected port either, so it seems I’m being blocked somewhere along the lines.

Here’s my fly.toml

# fly.toml file generated for redpanda-1 on 2022-07-20T15:21:47-04:00

app = "redpanda-1"
kill_signal = "SIGINT"
kill_timeout = 5
processes = []

  image = ""


  allowed_public_ports = []
  auto_rollback = true

  destination = "/var/lib/redpanda/data"
  source = "redpanda_poc"

  redpanda = "redpanda start --overprovisioned --smp 1 --memory 1G --reserve-memory 0 --node-id 0 --check=false --kafka-addr FLY:// --advertise-kafka-addr FLY://redpanda-1.internal:29092"

if I fly ssh into the console, I can connect with their cli on 29092 as expected. But if I set up a wireguard connection (that I can use to access a psql box on the same account), I can’t connect:

telnet redpanda-1.internal 29092
Trying fdaa:0:4939:a7b:ab2:1:4e05:2...
telnet: connect to address fdaa:0:4939:a7b:ab2:1:4e05:2: Connection refused
telnet: Unable to connect to remote host

Is there something to configure in my fly.toml to permit access that I’m not seeing? (Not publicly, just privately)

I can ping this machine, but not telnet to that port, which I assume means the port is blocked. Is that a reasonable assumption?

No, we don’t block ports over the internal private network.

I think it’s not listening on IPv6. Does the --kafka-addr control how it listens? This tells it to listen on IPv4 only: --kafka-addr FLY://

Thanks @kurt - That does seem like it’s getting at the issue, though I’m still struggling to be able to reach the machine.

They asked me to create a discussion issue on their end. So here’s a little more detail on where I’m at.

The big one is that:

redpanda start --overprovisioned --smp 1 --memory 1G --reserve-memory 0 --node-id 0 --check=false --kafka-addr FLY://[::1]:9092 --advertise-kafka-addr FLY://redpanda-1.internal:9092

Still does not work from my wireguard-connected mac. But rpk topic list --brokers "[::1]:9092" DOES work if I fly ssh into the machine

Sorry @kurt I did not answer your question regarding --kafka-addr. Yes. --kafka-addr determines what networks it is listening on internally, and --advertise-kafka-addr determines how it’s supposed to be reached from the outside world. the “FLY” prefix just connects the external to the internal listeners.

I’m afraid I don’t really understand why these values need to be set independently. Specifically the --advertise-kafka-addr parameter.