Forums

Home / Forums

You need to log in to create posts and topics. Login · Register

Outgoing internet connections from petasan nodes

I have noticed outgoing internet connections from my petasan nodes. These go to various ip addresses but always to port 443. I have tried to connect to several of these ip addresses via a browser as port 443 is usually https, but there are no web pages.

I get thes connections even on a clean build.

Is this expected behavior? If so, why hide it?

No it is something we are not aware of. It could be from one of the installed packages. Can you list the outgoing addresses, what client process and any more detail such as how often and how to check for this ?

Maybe could be this

https://github.com/grafana/grafana/issues/5079

 

try this:
on all nodes /opt/petasan/config/stats/grafana/grafana.ini

# Set to false to disable all checks to https://grafana.net
# for new vesions (grafana itself and plugins), check is used
# in some UI views to notify that grafana or plugin update exists
# This option does not cause any auto updates, nor send any information
# only a GET request to http://grafana.com to get latest versions
;check_for_updates = true

change to
check_for_updates = false
Only on the node running grafana
systemctl status grafana-server

do a restart
/opt/petasan/scripts/stats-stop.sh
/opt/petasan/scripts/stats-setup.sh.sh
/opt/petasan/scripts/stats-start.sh

I found it on our gateway routers while tracing a problem. The subnet that the petasan cluster is on should not originate any outgoing connections but the servers do have to connect to our NTP servers and our syslog servers which are not on the same subnet and must use the gateway subnet to connect to these services.

When I checked the petasan nodes, I couldnt find a log record of the connections nor which script had initiated the connection.

 

I will try to get as full of a list of IP addresses as we have, site names would be problematic due to our dns log sizes assuming that the petasan servers are even using our dns servers.

you can also stop the grafana updates as per above and re-check this.