Google Cloud Load Balancer - spring-boot

I created a Java app and deployed it to Google Cloud Compute Engine, then I created a Load Balancer, but when I try to access the Load Balancer frontend IP on port 443, it redirects to port 80.

You can create forwarding rules that reference an IP address and port(s) on which the load balancer accepts traffic. Here are the concepts for forwarding rules [1] and IP address specification [2].
To add a forwarding rule, please follow the steps here [3].

Related

AWS Load Balancer https configure not working

I have created a Load Balancer on AWS EC2. But when I open the URL with https I get this error:
ERR_SSL_PROTOCOL_ERROR
I have the following port configuration for the LB.
My app is running on port 3000. Can anyone help to solve this issue?
Port 80 should redirect to port 443.
Port 443 should talk to the endpoints using port 3000.
Please remember to open up the relevant ports on the security groups.

Amazon aws route53, redirect subdomain to ec2 app running under specific port

I have a domain name mydomain.com registered on amazon route 53.
I have an EC2 instance on which I installed a Docker Portainer image on port 9000.
My Docker image runs perfectly under the EC2 public IP address:
http://xxx.xxx.xxx.xxx:9000
What I want now is to create a subdomain, portainer.mydomain.com, and point it to my EC2 Portainer instance.
When I try to create a new record set portainer.mydomain.com and point it to my Docker image instance, I can't specify the port value.
I know I'm missing something; I'm a beginner with DNS domains.
Route 53 is a DNS resolver. Its job is to resolve domain to ip address. It has nothing to do with port.
But there are some alternatives:
Add a secondary ip to the instance to host multiple websites and bind them to port 80. You add an additional ip by attaching elastic network interface (ENI).
Add Application Load Balancer with host based routing (you will get much more control, you can even do path based routing as well). See: Listeners for Your Application Load Balancers - Elastic Load Balancing
S3 redirection (Route 53 Record Set on Different Port)

how to connect to external ip of google cloud platform from local browser

I have created a VM instance on Google Cloud Platform on which I have installed NiFi. There are two types of IP addresses:
1) Internal IP
2) External IP
Now, when I start the NiFi services, it hosts its services on the internal IP, but when I try to access the external IP via my local browser I am unable to access it since it's a private IP. I tried creating a firewall rule with the Ingress option which will listen to all IPs and port number 8080, but to no avail.
So where am I going wrong? I tried searching for relevant solutions but had no luck.
Attaching screenshot of the firewall config:
Please help me with some links / solutions.
Your issue is a misunderstanding of how IP works in Google Cloud.
You have two types of IP as you stated: the internal IP is for communication between the compute instances and services inside the Google Cloud VPC. The important part is that it works only in Google Cloud on your project and that is the internal IP of your instance.
The external IP is an optional IP that is attributed to the instance to allow external communication, so not from Google Cloud, as from your browser for example. But this external IP is not really known to your instance, that's what confused you, but don't worry, if you try to access your 8080 port on the external IP you won't have any errors and should see your app.
I solved my problem in the following way:
1) I edited my VM and unchecked the allow https traffic option.
2) I changed my NiFi listener port from 8080 to 80 since 8080 is blocked in my organization.
No firewalls added. At least it worked for me.

possible to whitelist ip for inbound communication to an ec2 instance behind an aws load balancer?

I have a single EC2 instance running a website behind an elastic load balancer in AWS, mainly because I want to use Amazon's new and free SSL for https.
My challenge is, I need to whitelist my IP address in the security groups so that I am the only person that can see this website (and I can selectively add people as needed).
I've successfully whitelisted my IP address without a load balancer. My challenge is whitelisting my IP address with the load balancer proxy between my IP address and my EC2 instance.
It appears as if my EC2 instance will not register with the load balancer because the security group for my EC2 instance does not allow incoming traffic from any IP address except for my own.
I am looking for a way for my load balancer to be able to health check my EC2 instance, yet only allow specific whitelisted IPs to actually see the website.
If you are using a VPC (which you really should be) then you will have a Security Group attached to the load balancer. That's where you will whitelist IP addresses. The EC2 server just needs to whitelist the Load Balancer's security group.
You can visualize it like this:
Your IP -> Security Group 1 -> Load Balancer -> Security Group 2 -> EC2 Instance(s)
Security Group 1 verifies the IP address is on the whitelist, and allows the traffic through to the load balancer. The Load Balancer sends the traffic along to one of the instances in the pool. Security Group 2 verifies that the traffic is coming from something that belongs to Security Group 1 (the load balancer), which has been whitelisted, and allows it to pass through to the EC2 instance.
I was able to solve the issue by changing the security group of the EC2 instance to allow incoming HTTP connections on port 80 from the security group assigned to my load balancer,
and then my load balancer itself allows incoming HTTP traffic on port 80 from anywhere.
So I guess the trick here is, you can allow incoming connections from an IP or a security group.
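The security group chain from the first answer above, as an added example that is not part of the original posts: a small Python model of default-deny ingress evaluation, comparing the question's setup (instance allows only the whitelisted IP) with the answer's (instance allows the load balancer's group). The group names, IP addresses and the 443/80 port choice are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Rule:
    port: int
    cidr: Optional[str] = None          # allow a source IP range ...
    source_group: Optional[str] = None  # ... or any sender that belongs to this group

@dataclass
class SecurityGroup:
    name: str
    ingress: list = field(default_factory=list)

    def allows(self, src_ip, src_groups, port):
        """Default deny: pass only if an ingress rule matches both port and source."""
        for r in self.ingress:
            if r.port != port:
                continue
            if r.cidr and ipaddress.ip_address(src_ip) in ipaddress.ip_network(r.cidr):
                return True
            if r.source_group and r.source_group in src_groups:
                return True
        return False

ADMIN_IP = "203.0.113.10"    # constructed: the one whitelisted client
OTHER_IP = "198.51.100.77"   # constructed: any other internet client
LB_NODE_IP = "10.0.1.25"     # constructed: load balancer node inside the VPC

def reachability(instance_sg, lb_sg):
    """Evaluate each hop of: client -> SG 1 -> load balancer -> SG 2 -> instance."""
    lb_groups = {lb_sg.name}  # traffic sent by the LB carries its group membership
    return {
        "admin_to_lb": lb_sg.allows(ADMIN_IP, set(), 443),
        "other_to_lb": lb_sg.allows(OTHER_IP, set(), 443),
        "lb_health_check": instance_sg.allows(LB_NODE_IP, lb_groups, 80),
        "other_direct_to_instance": instance_sg.allows(OTHER_IP, set(), 80),
    }

# Security Group 1: the IP whitelist lives on the load balancer.
lb_sg = SecurityGroup("sg-lb", [Rule(443, cidr=ADMIN_IP + "/32")])
# Question's setup: the instance trusts only the admin IP, so health checks fail.
before = SecurityGroup("sg-web", [Rule(80, cidr=ADMIN_IP + "/32")])
# Answer's setup: the instance trusts the load balancer's security group instead.
after = SecurityGroup("sg-web", [Rule(80, source_group="sg-lb")])

if __name__ == "__main__":
    print("before:", reachability(before, lb_sg))
    print("after: ", reachability(after, lb_sg))
```

With the `after` group the instance stays unreachable from every client IP, the whitelisted one included, unless the traffic arrives through the load balancer.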

Google Cloud Network Load Balancer - Health checks always unhealthy

I tried to set up a network load balancer on Google Cloud but the health check always returns unhealthy.
Here are the steps that I followed:
I created two Windows Server 2012 R2 instances
I checked that port 80 is open to the public on both instances
I created the forwarding rules and Google Cloud gave me an external IP
I set up the external IP on a network loopback interface on both server instances
I created a network route that forwards the traffic to both instances (route menu)
I created another network route for 169.254.169.254/32 (source of network load balancer traffic), pointing to both Windows server instances
I created the same site (example.com) on IIS 8 on both server instances and the site is running correctly.
The DNS settings of the domain example.com point to the Google Cloud external IP that I am using for the network load balancer
I configured the health check
PATH : /
Protocol : HTTP
HOST: example.com
Session Affinity : Client IP
I created a target pool and I added both server instances and the health check
I assigned the target pool to the forwarding rule
When I select the Target Pool option, both instances are marked as Unhealthy for the external IP that Google Cloud gave me, and I don't know why this happens.
I see the web page is switching between the server instances randomly all the time.
Your help is appreciated, thank you!
You don't need to add any GCE Network Route.
The GCE agent is taking care of adding the load balancer IP to the VM's network configuration. There is no need to do it manually. https://github.com/GoogleCloudPlatform/compute-image-windows
IIS must respond to requests on the LB IP:
Check the IIS bindings from IIS manager. Reset IIS.
Confirm from netstat that IIS is listening on 0.0.0.0 or the load balanced IP.
Access the LB IP from one of the servers. It should work.
The GCE firewall must allow traffic from the clients' IPs and also from the metadata server (169.254.169.254). The metadata server is used for healthchecks.
Network Load Balancing tutorial. https://cloud.google.com/compute/docs/load-balancing/network/example
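One way to automate the netstat check described in the answer above (an added example, not part of the original answer): it parses `netstat -ano` output and reports whether a port 80 listener is bound to the wildcard address or to the load-balanced IP. The sample output and all IP addresses are constructed.

```python
import ipaddress

LB_IP = "203.0.113.50"  # constructed placeholder for the forwarding rule's external IP

# Constructed `netstat -ano` samples from a Windows server (not taken from the page).
SAMPLE_WILDCARD = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1180
  TCP    10.128.0.2:49712       169.254.169.254:80     ESTABLISHED     1432
"""
SAMPLE_PINNED = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    10.128.0.2:80          0.0.0.0:0              LISTENING       4
  TCP    [::]:445               [::]:0                 LISTENING       4
"""

def listeners(netstat_text, port):
    """Return the local addresses that have a TCP socket in LISTENING state on `port`."""
    found = []
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] != "TCP" or cols[3] != "LISTENING":
            continue
        addr, _, local_port = cols[1].rpartition(":")
        if local_port == str(port):
            found.append(addr.strip("[]"))  # IPv6 addresses are printed in brackets
    return found

def serves_lb_ip(netstat_text, lb_ip, port=80):
    """True if a listener is bound to the wildcard address or to the LB IP itself."""
    target = ipaddress.ip_address(lb_ip)
    for addr in listeners(netstat_text, port):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # skip anything that is not a plain IP literal
        if ip.version == target.version and (ip.is_unspecified or ip == target):
            return True
    return False

if __name__ == "__main__":
    for name, text in (("wildcard", SAMPLE_WILDCARD), ("pinned", SAMPLE_PINNED)):
        print(name, listeners(text, 80), serves_lb_ip(text, LB_IP))
```

A binding pinned to the instance's internal address, as in the second sample, never answers requests addressed to the load balancer IP, which is the situation the IIS bindings check is meant to catch.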
