Calling node API from other server (VM)?


#1

Is there any way that I can call cardano API from other VM in the same network?

I have a tiny service that listening several coins including ADA so that I can notice who received coin from outside of world.

I am running cardano node on ubuntu machine like below.
$ nix-build -A connectScripts.mainnet.wallet -o connect-to-mainnet
$ ./connect-to-mainnet

netstat shows like this
tcp 0 0 localhost:8090 *:* LISTEN


#2

Discaimer: I’m not that strong on the networking, just a developer here :slight_smile:

I think the most secure way would be to run a “standard” service with an exposed REST API on the server with the running node and create\expose only the endpoints you really need that would proxy calls to the node, or even process data locally and send only what you need.

Maybe @werkof or @_ilap could help more on the networking part? Or other specialists I failed to remember (sorry :slight_smile: ).


#3

as you already showed it’s listening on localhost… so it’s not bound to the public IP/interface of the host.

So @vantuz-subhuman suggestion is a possible solution and could be achieved with https://www.stunnel.org/static/stunnel.html

Or you edit launcher-config.yaml (same location as carano-launcher and cardano-node executables)

- --wallet-address
- 127.0.0.1:8090

by replacing 127.0.0.1 with your VMs LAN/WAN IP address.

Now when you start Daedalus it will launch both the node and the client. Daedalus will not be able to connect to the network, but thats ok, because now you can from remote (don’t forget about iptables and other possible hurdles)


#4

Note: you should expect that (using Charles’ words) “many things will change soon”. And this probably will affect this solution from v1.3 on.


#5

I could solve my issue with the following commands on ubuntu 16.04

$ sudo sysctl -w net.ipv4.conf.all.route_localnet=1
$ sudo iptables -t nat -A PREROUTING -p tcp --dport 8090 -j DNAT --to-destination 127.0.0.1:8090