Connect to my first target

Hey everyone,

I’m a new user to Boundary and i wanted to know if it’s possible firstly how could i connect to another ip address from my network. I already succeeded the 1st step to start a development environment but i don’t really know how to proceed to start another environment with another ip.

Thank’s in advance.

You don’t really need a whole environment, even, just a single other host would do for creating a target. Are you running boundary dev on your own machine, or are you running one of the Boundary reference architectures from the GitHub repo of them?

Yes i’m running boundary on my own machine and i would like to host another Boundary server on another one.

You have a couple of options:

  • start an application in a container on your machine, and use that as a target
  • provision a cloud instance or service with a public IP you can access from your machine, and use that as a target

But the easiest in dev mode is:

  • run an application directly on your machine, and set that up as a target

Dev mode already creates a host catalog, host set, and host for you that point to localhost. It even creates a target to SSH to localhost, but if your machine isn’t running SSH that won’t work.

What kind of host are you running Boundary on?

I’m running Boundary on my localhost and yes on my machine i’m connecting to my Boundary server on SSH. I followed the tutorial when you show the terminal with creating a token to authenticate yourself on the Boundary website.

If you just want a target that points somewhere else, you can actually define a host that points to a public website hostname and use that for your target – if you’re going to browse through the Boundary proxy with a regular web browser instead of curl, make sure you set the allowed connections in the session to -1 so it’s unlimited. (You might have to deal with TLS warnings in the browser for secure websites since you’ll be browsing to a localhost URL which won’t match any TLS certificate a public website presents.)

If you want a real host that you control to use as a target, I’d probably look at running a free-tier instance in a public cloud (make sure it has a public IP associated so you can connect to it but also make sure you lock down SSH access and network rules so only you can connect to it).

Alright i’ll try by this way then thank’s for helping.

Hey sorry to be back but i don’t know why i still can’t connect my boundary interface on another host than mine. I still can’t launch a boundary dev to another machine and the TLS isn’t a problem from now cause i don’t need to launch more than one session at the same time.
I have that error if you maybe know what does it mean.

image

What command are you using to start Boundary in dev mode and is 192.168.0.200 the correct IP address of the host you’re running it on?

I’m using « boundary dev -api-listen-address=theip:theport ».
And yes i have a machine with that ip address.

There are a large number of reasons why you could be getting that error, unfortunately. It could be that something is already listening on that port; it could be that you don’t have permissions to bind to that interface and/or port via some security policy; etc.

Does boundary dev work if you don’t specify an address, so it binds to localhost?

Yes it works for my localhost if i put " boundary dev " or if i put localhost as the address.

By the way i have a question do we have to install boundary on the target machine or it’s not necessary to start Boundary on the target ip address ?

Nope, you don’t need Boundary installed on target machines. You simply need the worker to be able to make a connection to the target endpoint(s).

Actually i was also trying something similar to @benachour ,so was trying to connect to target with different ip rather than the localhost,and my localhost machine has boundary running in dev and i am using ssh,
so this is the command i am using to connect the target
./boundary connect ssh -target-id ttcp_DuyBXO1E85 -addr=http://xxxxxxxx username boundary

and the session is getting automatically closed
this what the message is:
ssh_exchange_identification: Connection closed by remote host

@omkensey @jeff could you help me out in this

That’s an SSH error. It sounds like whatever authentication you’re trying to use with the remote host (password or SSH keypair) isn’t being accepted by it. Are you sure you have the right credentials or key to log in to it?

yes , I am sure about the credentials , could you tell me what is exactly causing this error

It’s not possible to tell what the cause is from here. Check the SSH server logs on the target, that might give you some info on why it’s rejecting authentication.

Actually going back and looking at this:

./boundary connect ssh -target-id ttcp_DuyBXO1E85 -addr=http://xxxxxxxx username boundary

…if that’s the literal command you’re using except for the XXXX’ed out Boundary URL, you might just be missing the - in front of the -address flag.