Connecting observer to remote mahcine via public IP

Fl4m3Ph03n1x · January 24, 2019, 4:35pm

Background

Hello all, I have a machine in production running an elixir application (no access to iex, only to erl) and I am tasked with running an analysis on why we are consuming so much CPU. The idea here would be to launch observer, check the processes tab and see the processes with the most reductions.

How am I connecting?

To connect I am following a tutorial from a blog:

Elixir/Erlang, Running OTP Observer Remotely

Their instructions are as follows:

launch the app in the production machine with a cookie and a name
from local run: ssh user@public_ip "epmd -names" to get the name of the app and the port used
create a ssh tunel to the remote machine: ssh -L 4369:user@public_ip:4369 -L 42877:user@public_ip:42877 user@public_ip (4369 is the epmd port by default, 42877 is the port of the app)
connect to the remote machine via public ip: erl -name "user@public_ip" -setcookie "mah_cookie" -hidden -run observer

Problem

And now in theory I should be able to use observer on the machine. Instead however I am greeted with the following error:

Protocol ‘inet_tcp’: register/listen error: epmd_close

Questions

What am I doing wrong?
I read that in older version of erlang I can’t monitor a machine with observer if they are in different networks (which is the case, because I want to monitor this machine from my localhost) but I didn’t find any information regarding modern days.
If this is in fact impossible, what alternatives do I have?

idi527 · January 24, 2019, 6:21pm

At which step do you get this error? erl -name "user@public_ip" -setcookie "mah_cookie" -hidden -run observer?

Fl4m3Ph03n1x · January 28, 2019, 10:13am

Right after typing it. I assume it would be step 0
In the remote machine, when I try to connect and fail, I get the following error message:

channel 5: open failed: administratively prohibited: open failed

What does it all mean?

After an hour of scouring the dark side of internet, I decided to use sudo journalctl -f to check all the logs of the machine and I found this:

erlang -name: my_app_name
machine user: flame
machine public ip: 99.999.99.999 (obviously not real)

channel 3: open failed: administratively prohibited: open failed
my_app_name sshd[8917]: error: connect_to flame@99.999.99.999: unknown host (Name or service not known)
/scripts/watchdog.sh")
my_app_name CRON[9985]: pam_unix(cron:session): session closed for user flame

so it tells me, unknown host ?? I am confused since 99.999.99.999 is the public IP of the machine itself!

idi527 · January 28, 2019, 8:23pm

What does ifconfig show? Maybe the machine you are running on doesn’t know its public ip.

Fl4m3Ph03n1x · January 28, 2019, 8:32pm

shows the following:

ens4      Link encap:Ethernet  HWaddr 42:01:0a:84:00:10  
          inet addr:10.132.0.16  Bcast:10.132.0.16  Mask:255.255.255.255
          inet6 addr: fe80::4001:aff:fe84:10/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1460  Metric:1
          RX packets:11755 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11770 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:31795901 (31.7 MB)  TX bytes:8658486 (8.6 MB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:57 errors:0 dropped:0 overruns:0 frame:0
          TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3801 (3.8 KB)  TX bytes:3801 (3.8 KB)

Don’t ask me what any of it means

The public IP is indeed not shown anywhere in the list …

idi527 · January 28, 2019, 9:09pm

Maybe try using the loopback interface to connect to the erlang node after you’ve setup the ssh connection to the remote machine.

Fl4m3Ph03n1x · January 28, 2019, 9:29pm

Can you give a detailed example on how to do that?