Reachability Analyzer shows not reachable from my IGW to EC2 instance, which is why I think I might be getting (failed)net::ERR_CONNECTION_REFUSED error - spring

I am just testing out APIs locally and they all seem to work pretty well with localhost:8080. So I just uploaded the whole application to an EC2 instance.
I uploaded my local Spring Boot application to the EC2 instance, got the VPC, public & private subnets, got proper route tables, and when I try java -jar demoApplication-SNAPSHOT.jar from my SSH terminal, it seems to be running on port 8081 in the server. But when I try to click on the public IPv4 DNS address on the EC2 instance, it says the site is not reachable.
I have allowed the Chrome browser through the firewall too, but even that isn't working. Any help on this will be gladly appreciated!
Below is the snippet from Postman for reference.

Related

How to run application on port 3000 on Public and Not Private IP Address in AWS EC2 Instance (so it can be accessed on the internet)

My problem is that I want to run an application on an AWS EC2 instance on port 3000. I then want to be able to access it from the internet using http://PUBLIC_IP:3000. The problem is that when I am running the application on the EC2 instance, it runs on the private IP - and therefore I can't access it from the internet. How would I make sure that the app will run on the public IP, or how would I set it up, so I can access the application over the internet?
I tried to find a solution online, but some hours later I find myself in here.
Thank you for your help. It was very helpful in debugging the error. It turned out that the security group of the EC2 instance was not allowing traffic on port 3000 so I had to add that - and then it worked.
I furthermore had trouble putting it behind a Load Balancer. The solution to that was that it was a webpack application and in .webpack there is a configuration file where you can add e.g., allowedHosts: ['.amazonaws.com'].

ERR_CONNECTION_RESET from EKS nodes

I had an EC2 server where I was running my existing application. The EC2 instance was on a private subnet and the ELB was created in a public subnet with access restricted to a particular VPN IP. So whenever I was on the VPN, I was able to access my application, and if I was outside that VPN IP then I wasn't able to access the application.
Now I have created an EKS cluster and I am deploying my application using kubectl with a Docker image of the application. The weird thing is the application works fine whenever I am NOT on the VPN (I tweaked the security group to allow all traffic from all IPs), and whenever I am on the VPN, I receive "ERR_CONNECTION_RESET" in Chrome and curl shows - empty response received from server.
Till now I have tried below things. As I am relatively new with EKS, I am not able to find much.
1. Same security group applied - Not resolving
2. Checked logs of all pods - whichever pods I received from "kubectl get po --all-namespaces" - No issues showing up
3. Checked /var/log/messages
4. Tried to change application port
5. kubectl get events not showing anything on why server is sending back empty response.
6. Tried to SSH to node and tried to curl localhost:30080 and it works fine, but when tried to curl from my machine (which is on VPN), it fails with empty response.
Please again note that, the application runs totally fine when I am outside VPN. Further my old application (that is on EC2) runs fine with VPN.
Thanks in advance!
Finally found the issue was with the corporate VPN which was blocking all ports other than 80 and 443. When I was creating the service, I wanted to have ELB to expose port 5000. So I was thinking elb-host:5000 will point to dev service nodeport which was 30080. This was perfectly working when I was NOT on the VPN. But when I was connecting the site using VPN, corporate traffic was blocking port 5000 on ELB. After I changed the port to 80, it started working as expected.
While using nginx, it was creating ELB with port 80 instead of my intended port 5000. I didn't notice that port change and thought that this is happening due to IP blocking.
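An added example (not part of the original posts): a small Python probe that separates the failure modes seen in these threads, a refused connection, a silent timeout and an accepted connection that returns nothing, so the same test can be repeated from each network path (the node itself, a VPN client, an outside host). The function name, outcome labels, hint text and the target in the `__main__` section are choices made for this example.

```python
import socket

# Outcome -> where to look first (hints written for this example).
HINTS = {
    "refused": "host answered with RST: nothing listening on that port, "
               "or the app is bound to 127.0.0.1 only",
    "timeout": "packets dropped silently: security group, network ACL, "
               "route table or a filtering VPN/firewall",
    "reset": "connection torn down mid-request by the app or a middlebox",
    "empty_reply": "TCP accepted, then closed without data (what curl "
                   "reports as an empty reply from the server)",
    "no_reply": "TCP accepted but nothing came back before the timeout",
    "http_reply": "something answered at the application layer",
}

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection plus a minimal HTTP request; classify it."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:          # e.g. DNS failure, no route to host
        return f"error: {exc}"
    with sock:
        try:
            sock.sendall(b"HEAD / HTTP/1.0\r\nHost: %s\r\n\r\n" % host.encode())
            data = sock.recv(1)
        except (ConnectionResetError, BrokenPipeError):
            return "reset"
        except socket.timeout:
            return "no_reply"
    return "http_reply" if data else "empty_reply"

if __name__ == "__main__":
    # Constructed target: replace with the host and ports under test.
    for port in (80, 443, 5000, 30080):
        outcome = probe("127.0.0.1", port, timeout=1.0)
        print(port, outcome, "-", HINTS.get(outcome, ""))
```

A port that answers from the node but times out or resets from one client network, while working from another, points at filtering on that client's path rather than at the application.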

Forward Traffic from Windows EC2 Instance to ElasticSearch VPC Endpoint

I have a Windows EC2 instance I use for my public-facing C# API. The VPC (and related Internet Gateway, subnets, etc.) are all default.
I've now set up an AWS ElasticSearch service using their more secure VPC Endpoint option (instead of public-facing) and I've associated it to the same subnet and VPC as my above Windows EC2 instance.
I'd like to get them to talk to each other.
Reading from https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html
It seems what you'd do is ssh tunnel / port forward traffic from localhost:9200 on the EC2 instance to the actual Elastic Search service (via that VPC endpoint).
It seems this command is where the magic happens:
ssh -i ~/.ssh/your-key.pem ec2-user@your-ec2-instance-public-ip -N -L 9200:vpc-your-amazon-es-domain.region.es.amazonaws.com:443
but that is for a Linux EC2 instance.
If I am Remote Desktopped into my Windows EC2 instance (the API), how can I make it so when I go to a browser, http://localhost:9200
will send traffic to my VPC Endpoint:
vpc-your-amazon-es-domain.region.es.amazonaws.com:443
Thanks!
Alright, so I'll answer my two questions:
First, it's actually quite easy, just RDP to your box and access the instance directly via the VPC endpoint. You don't need to do anything wacky like port forwarding using the netsh command or anything like that. Simply make sure the server (in my case my API) is on the same VPC and you're fine. I just had an error in my connection string that's why it didn't connect. To confirm, I RDP'D in and was able to hit the endpoint directly in a browser on port 80. While it's true the actual Elasticsearch runs on port 9200, you don't need to forward to localhost:9200 --> vpc:9200.
Now, regarding the second question, about hitting it locally, I think the problem is that because this service lacks a public IP address and you can't access it, that you can go through some complicated setup on AWS, or easier is just set it up to run locally for now until you are ready to use the VPC one (and thus your code will just run). Another option is to use security groups and make a publicly accessible cluster for now, and then when your code is done, search service/layer done, etc, you can start anew with a VPC/secure Elasticsearch service and that should be it.
Another thing that many mention is that it is cheaper/you have more control of things if you set up your own Elasticsearch on your local machine, and then set one up on EC2 (this is just reading blogs and seeing people mention how much frustration they had with it).

Amazon EC2 - Issue Connecting to Public DNS

I am facing a few issues.
I initially had assigned an elastic IP to my micro instance i-38cbc940, but for some reason, after I did that the webpages I had uploaded were not functioning properly (images not loading correctly, etc).
I tested this prior to the elastic IP assignment and such problems were not occurring. So I dissociated the elastic IP address and released it. Then, I rebooted my instance.
The problem is, now I cannot view my site in a browser using the public DNS address listed (ec2-23-23-18-52.compute-1.amazonaws.com) or any of its sub-directories.
Things I Know:
My security settings have not changed - I still have the same security group identified with the instance.
httpd.conf file still shows "/var/www/html" as the DocumentRoot.
Every time I navigate to the public DNS address listed...it shows "could not connect" but if I ping it, it works.
If I SSH into the instance in the var/www/html directory, everything is still there, including an index.html file that was viewable before. Also, I can get into the instance through PuTTY.
Also, not sure if it's important, but this is an AmazonEC2-AMI/Apache/MySQL server with WordPress CMS installed.
Any ideas on what could be going on here?
You need to check the Apache conf for any hardcoded DNS entries of your instance's Amazon DNS and also check your code for any references to the Amazon DNS of your instance.

I cannot access the website hosted on an Amazon EC2 instance even though I think the configuration is right

I have a free Amazon EC2 instance, and I installed the Apache web server on it. I have the DNS record for my domain pointing to the IP of the EC2 instance. I cannot access my website. Then I looked it up and allowed HTTP inbound. But I still failed to access my website. What might be the reason? Can anybody give me a clue?
Go to the AWS management console and look at the Security Group the instance is in. Then make sure you have the port open that you are trying to connect to (most likely 80). To open it to the world set the ip range to 0.0.0.0/0 and to open it to a specific ip (like only your house) set it to xxx.xxx.xxx.xxx/32.
That is almost always the reason people have problems connecting when they are new to AWS. I wrote this post, which should help get you set up.
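An added example (not from the original answers): the security-group check these answers describe, run in Python over a constructed rule set shaped like `aws ec2 describe-security-groups` output. The group ID, addresses and function names are made up for the example, and only IPv4 CIDR rules are evaluated (source-group references and IPv6 ranges are ignored).

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
   "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}
]}]}
""")

def _covers(rule, port):
    """True if the rule's protocol and port range include this TCP port."""
    if rule["IpProtocol"] == "-1":          # "-1" means all protocols/ports
        return True
    if rule["IpProtocol"] not in ("tcp", "6"):
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def inbound_allowed(group, port, source_ip):
    """Would this group admit a TCP connection to `port` from `source_ip`?"""
    src = ipaddress.ip_address(source_ip)
    for rule in group["IpPermissions"]:
        if not _covers(rule, port):
            continue
        for rng in rule.get("IpRanges", []):
            if src in ipaddress.ip_network(rng["CidrIp"]):
                return True
    return False                            # no match: traffic is dropped

def world_open(group):
    """List (protocol, from, to) for rules open to every IPv4 address."""
    return [(r["IpProtocol"], r.get("FromPort"), r.get("ToPort"))
            for r in group["IpPermissions"]
            if any(x["CidrIp"] == "0.0.0.0/0" for x in r.get("IpRanges", []))]

if __name__ == "__main__":
    sg = SAMPLE["SecurityGroups"][0]
    for port, ip in [(80, "192.0.2.7"), (3000, "192.0.2.7"),
                     (8081, "198.51.100.20"), (22, "203.0.113.11")]:
        print(port, ip, "allowed" if inbound_allowed(sg, port, ip) else "dropped")
    print("open to the world:", world_open(sg))
```

In the sample, port 3000 is dropped for every source because no rule covers it, and SSH is admitted only from the single /32 address; `world_open` lists the rules worth reviewing before an instance goes public.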
