I have created an instance of marklogic via Market place and can't connect to 8001 port. Also tried to create ti via Cloud Formation and the same problem can't connect to 8001. I used the guides https://developer.marklogic.com/products/cloud/aws
I double checked several time Security groups and make sure 22 and 8001 are available publicly, but still no luck to connect. Could you advise me what could be the problem?
Believe it or not, but it looks like the answer is in the little note in brackets (NB: MarkLogic AMIs will not run on micro instances). Therefore, I simply tried to create a small instance instead of micro and all worked.
Related
I'm just looking for advice, I can do most of my own research, but I'm not sure where to start. Here's the situation:
I want to be able to deploy 3 vms that have 2 nic's a piece. 1 nic will have a standard IP that AWS provides. The second nic will have a pre-configured internal static IP. Let's say, 192.168.0.100, 101, and 102. That way each vm can talk to each other automatically without needing to know what the external IP is. The purpose of this is so that I can have a small cluster already configured and I won't have to do a lot of work every time I deploy the cluster.
I want this to be repeatable. Let's say I want this for a classroom. Each student has the identical set of clustered VMs. All they need to do is power them on and start working.
So, I think I can do this with Terreform. I don't know if AWS has it's own tooling that can do this also. If it has, I haven't been able to find it yet.
Any suggestions would be greatly appreciated!
In general, every VM gets a private IP, if the VM is public you can assign a public IP which makes the VM accessible from external and also provides internet access, this is be done by source/destination NAT.
https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html
As long as they are part of you VPC CIDR and available you can specify the IP addresses on instance launch. This can be done via AWS Console, API, CLI, CloudFormation and also with Terraform. The AWS native tools for doing it at scale / repeatable is CloudFormation or maybe also a script that runs AWS CLI commands would work.
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/opsworks/create-instance.html
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-network-interface-privateipspec.html
I have Windows EC2 instance I use for my public-facing C# API. The VPC(and related Internet Gateway, subnets, etc) are all default.
I've now setup an AWS ElasticSearch service using their more secure VPC Endpoint option (instead of public-facing) and I've associated it to the same subnet and vpc as my above Windows EC2 instance.
I'd like to get them to talk to each other.
Reading from https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html
It seems what you'd do is ssh tunnel / port forward traffic from localhost:9200 on the EC2 instance to the actual Elastic Search service (via that VPC endpoint).
It seems this command is where the magic happens:
ssh -i ~/.ssh/your-key.pem ec2-user#your-ec2-instance-public-ip -N -L 9200:vpc-your-amazon-es-domain.region.es.amazonaws.com:443
but that is for a Linux EC2 instance.
If I am Remote Desktopped into my Windows EC2 instance (the API), how can I make it so when I go to a browser, http://localhost:9200
will send traffic to my VPC Endpoint:
vpc-your-amazon-es-domain.region.es.amazonaws.com:443
Thanks!
Alright, so I'll answer my two questions:
First, it's actually quite easy, just RDP to your box and access the instance directly via the VPC endpoint. You don't need to do anything wacky like port forwarding using the netsh command or anything like that. Simply make sure the server (in my case my API) is on the same VPC and you're fine. I just had an error in my connection string that's why it didn't connect. To confirm, I RDP'D in and was able to hit the endpoint directly in a browser on port 80. While it's true the actual Elasticsearch runs on port 9200, you don't need to forward to localhost:9200 --> vpc:9200.
Now, regarding the second question, about hitting it locally, I think the problem is that because this service lacks a public IP address and you can't access it, that you can go through some complicated setup on AWS, or easier is just set it up to run locally for now until you are ready to use the VPC one (and thus your code will just run). Another option is to use security groups and make a publicly accessible cluster for now, and then when your code is done, search service/layer done, etc, you can start anew with a VPC/secure Elasticsearch service and that should be it.
Another thing that many mention is that it is cheaper/you have more control of things if you setup your own Elasticsearch on your local machine, and then set one up on EC2 (this is just reading blogs and seeing people mention how much frustration they had with it).
I have a spring boot api running on google cloud kubernetes cluster, I wanna have a caching server to use for my api so I thought to use memcache.
I tried two ways of doing it:
I downloaded the memcache from the google launcher which is basically deploying an instance of memcache on a vm. And then I assigned an external IP to my vm, whitelisted my ip to try it locally and ofc opened the port 11211 (the default one). For the client side I used, this guy, specified the ip address but I still get connection cancelled : java.util.concurrent.CancellationException: Cancelled and the doc is bad so I could find anything that helps.
I decided to try another way, which is following this tutorial and now I have the memcached cluster but I don't know how to consume these pods from my other cluster or should the pods be on the same cluster i have the api running on?
I would appreciate any help, this is my first encounter with the global caching.
So I figured it out based on Jonah Benton's advice.
It was actually pretty simple, i used this tutorial to create a new pod running memcached in my cluster and then I used this client to connect on it and it worked like a charm!
Hope it helps someone.
I am trying to set up my JMeter master/slave set up on AWS EC2 instances using windows. Out of the box integration didn't work (connection refused errors) and after some investigation I got to know that RMI communication only works if the machines are on same subnet (is this true?). I found this great article and I tried to follow it as is on windows (tried running ssh port forward tunneling via cygwin) but not have any luck. So I was hoping if someone already done this with Windows and can share their experience.
Out of the box integration didn't work (connection refused errors) and
after some investigation I got to know that RMI communication only
works if the machines are on same subnet (is this true?)
It is not necessary. Even if the machines are in a different subnet and addressable via the network, RMI should work. Here make sure the Security Groups and NACLs are properly set so that both EC2 instances can communicate with each other via the network.
You can check whether you can ping(For this you need to enable ICMP in your Security Groups and also make sure other needed ports are opened for RMI) from one EC2 instance to another. If the servers can communicate with each other, then you need to troubleshoot internal firewall configuration in windows EC2 instances.
We have used https://testable.io/ AMI's from the marketplace. It takes care of all configuration and just needs to worry only about testing and the results.
https://aws.amazon.com/marketplace/pp/B073JNTVKP
All our endpoints are secured to certain IP-ranges from testable.io. If you have internal, still you need to setup those security settings.
Hope it helps.
I'm trying to setup Realm Object Server on Amazon EC2.
I've used the public AMI on North Virginia, and I have a running instance. I'm doing all this from Europe as most of my users are in the USA.
Now I'm trying to access ec2-xx-xx-xx-xx.compute-1.amazonaws.com:9080.
I've tried to open the different ports as indicated but I feel that what I've done is incorrect.
I've also tried to open all traffic but I still have a timeout on the page. I'm probably doing something wrong here, I'm not sure what.
Thanks for your help!
Thanks for trying out our AWS AMI! It would be helpful to know the AMI ID that you ran, as that can help us track down problems for others. In fact, we've released new AMIs this morning. Check our website for the latest available AMI IDs.
In the meantime, can you check if the realm-object-server service is running? You can check this via SSH and by running:
sudo service realm-object-server status
So I managed to make things work!
I guess my issue is that I was somehow on the wrong security group.
When looking at your running instances, be sure to hit your security group at the right of the instance row, in order to be able to configure the correct one.
Then, configure a Custom TCP Rule with port 9080.
That's it!