Centos7

Munin伺服器無法連接到節點

  • December 22, 2020

我想添加一個執行 CentOS 7 的新節點,由我的 munin 伺服器(CentOS 7)監控,但它無法連接到它。它可以很好地連接到我的其他節點(也是 CentOS 7),並且能夠 ping 有問題的新節點:

[root@australium ~]# ping my-munin-node
PING my-munin-node (132.229.44.220) 56(84) bytes of data.
64 bytes from my-munin-node (132.229.44.220): icmp_seq=1 ttl=63 time=0.597 ms
[root@australium ~]# ncat 132.229.44.220 4949
Ncat: No route to host.

據我所知,我的防火牆不應該阻止它:

[root@my-munin-node ~]# iptables -S | grep 4949
-A IN_public_allow -p tcp -m tcp --dport 4949 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT

這是詳細的 ncat 輸出:

[root@australium ~]# ncat -vvvv 132.229.44.220 4949
Ncat: Version 7.50 ( https://nmap.org/ncat )
NCAT DEBUG: Using system default trusted CA certificates and those in /usr/share/ncat/ca-bundle.crt.
NCAT DEBUG: Unable to load trusted CA certificates from /usr/share/ncat/ca-bundle.crt: error:02001002:system library:fopen:No such file or directory
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock msevent_new(): msevent_new (IOD #1) (EID #8)
libnsock nsock_connect_tcp(): TCP connection requested to 132.229.44.220:4949 (IOD #1) EID 8
libnsock nsp_add_event(): NSE #8: Adding event
libnsock nsock_loop(): nsock_loop() started (no timeout). 1 events pending
libnsock nsock_trace_handler_callback(): Callback: CONNECT ERROR [No route to host (113)] for EID 8 [132.229.44.220:4949]
Ncat: No route to host.

任何潛在的解決方案或指針都將受到歡迎。

顯然,我的客戶仍然阻止了該 IP。我無法找到如何查看或確認這一點,但明確添加我的 munin 伺服器的 ip 已經解決了這個問題:

[root@my-munin-node ~]# firewall-cmd --permanent --add-source=132.229.44.132
You're performing an operation over default zone ('public'),
but your connections/interfaces are in zone 'internal,external' (see --get-active-zones)
You most likely need to use --zone=internal option.

success
[root@my-munin-node ~]# firewall-cmd --permanent --zone=internal --add-source=132.229.44.132
Error: ZONE_CONFLICT: 132.229.44.132
[root@my-munin-node ~]# systemctl restart firewalld

引用自:https://serverfault.com/questions/1046945