Unable to open Public IPv4 DNS in AWS EC2 - Linux instance - amazon-web-services

I have a Spring boot project which I want to host on an AWS-EC2 instance. I was able to create its image using Git-hub, Jenkin and docker. I was also able to successfully pull and run this image in the Linux console of my AWS-EC2 instance.
According the tutorial I was following I should have been able to open the project now using the public IPv4 DNS but the response I got was that it refuse to connect.
I know that this usually has to do with Inbound rules so I added a rule to allow all traffic but it didn't help.
For anyone who wants to know:
Git-hub repository: https://github.com/SalahuddinShayan/telecom
Docker-Hub repository: https://hub.docker.com/repository/docker/salahuddinshayan/telecom
Command I used to run the image in AWS:
docker run -p8081:8081 --name final-app --link docker-mysql:mysql salahuddinshayan/telecom
Security Groups:
Networking Details:
Here is the Error:
I am completely stumped by it. Does anyone an idea on what to do to fix this?

Please check if your client is calling the right protocol, e.g. http vs https.

You are transmitting on port 8081. http://3.110.29.193:8081/ works fine from the EC2 side. 404 status is raised, so this is a client side error, not a server side error.
It means that no firewall is blocking traffic and a process (your app) was found that listens on IP:Port that you require. The problem is that the process it encountered (your app) is sending only a WhiteLabel Error Page, which is a generic Spring Boot error page that is displayed when no custom error page is present. So the issue is with the Spring app itself and not with EC2 or with connection. In other words: the traffic can reach your Spring app, but your Spring app has nothing to say in response.
As a side note, after deploying your app I would advise to refine the inbound traffic rules to allow only the traffic you want. There is no need of allowing all traffic on all ports.

Related

Unable to make API requests in AWS EC2 Windows instance

I have made a spring boot REST API (as a jar file) which links to MongoDB compass installed on the same EC2 instance.
When I run the jar file (in cmd) on my Windows 10 laptop (not the EC2 instance), it works totally fine and I'm able to make the http requests with Postman (from my IP). And when I run the jar file on my EC2 instance with cmd, it still runs normal and everything seems fine.
But this time I'm unable to make the http requests from anywhere. Postman says Could not send request Error: Request timed out.
I've tried using both the public IP and Public DNS IP. Going through the other solutions to questions similar as mine, I got to know that I'd to add inbound rules for all the ports which I'm using (8080 and 27017 in my case). I also enabled stuff from Windows Firewall in the EC2 instance but nothing helps me at the end.
Any help would be really appreciated.

Deploying a Go app in AWS ec2 got connection refused

I have a compiled Go project that I want to deploy to an AWS EC2 instance. I just simply upload the application and run ./application on the remote server.
In the terminal, the application is running and says he's listening to localhost:3000.
I've already added the 3000 port to the security group.
However, when I tried to access it in my browser using <public-ip>:3000, it always shows connection refused, whether I've run the application or not.
I tried to run the app locally, it does work.
So is it because I deploy it incorrectly?
It is a bit difficult to help you because of no code being shared.
Some reasons why you got connection refused:
Your application is listening only localhost:3000
EC2 security group does not expose port 3000
How to fix:
Most applications are defining the host address on a config file or env variables. If you have access to change it, change it from localhost:3000 to 0.0.0.0:3000 to accepts connection from all IP or to your_ec2_public_ip:3000
If host address is hardcoded and you have access to code, change the code per above
If you don't have access to config or code to change the host address, then add a reverse proxy to route the incoming call to localhost:3000. This is a good link about using Nginx as reverse proxy https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
Ensure EC2 Security Group allowing inbound connection for the designated port, in this case, is 3000 if you manage to route the incoming to your_ip:3000

How do I access the web GUI of my NiFi instance running on an AWS machine?

I am trying to run NiFi on an AWS machine and access the web GUI on my local computer.
I have followed guides such as: https://community.hortonworks.com/articles/47778/hdf-installation-on-ec2.html but whenever I type in the DNS:8080/nifi into my web browser I get a "connection refused" or timed out message.
I have created an AWS Red Hat machine, installed NiFi + java, and edited the nifi.properties file such that it is now:
# Site to Site properties
nifi.remote.input.host=ec2-34-224-216-146.compute-1.amazonaws.com
nifi.remote.input.secure=false
nifi.remote.input.socket.port=
I have tried leaving the port number blank, as well as other numbers such as: nifi.remote.input.socket.port=8082
but neither work when I enter
ec2-34-224-216-146.compute-1.amazonaws.com:8080/nifi into my browser.
I have also tried adding the domain to my local computer's /etc/hosts file in the form of the Public DNS as well as IPv4. I have also configured the security group on AWS such that I have a "Custom TCP Rule" with the port range 8081, 8082, etc. for the respective ports I have attempted.
I am not sure what I am doing wrong or if I am missing a step. Any help is appreciated.
The properties you are configuring are for site-to-site connections and are not related to the UI. These would be used if another NiFi or MiNiFi was making a site-to-site connection to your NiFi instance.
To control the UI you should be configuring:
nifi.web.http.host=
nifi.web.http.port=8080
nifi.web.https.host=
nifi.web.https.port=

Websockets with AWS and Elastic Beanstalk

I'm trying to get my websockets working with Amazon Web Service and Elastic Beanstalk (ELB).
I set up a proxy protocol according to:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-proxy-protocol.html
I've opened up all inbound traffic to my load balancer and other security groups on all ports, for all IPs.
I also kept the load balancer listerner as HTTP on port 80.
My websocket connection gives the following error when trying to connect on port 80:
failed: Error during WebSocket handshake: Unexpected response code: 400
And this error on port 8080:
failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
Would appreciate suggestions, I'm stuck at this point.
Thanks!
After configuring EC2 Security group your application will work with public IP.
But you still will get issue with using EB URL.
To solve this issue, you have to change EB configuration.
Go to EB environment page
Configuration
In Load Balancing section change protocol from HTTP to TCP.
Now you can click EB URL.
I was also looking for possible workaround for this issue, but it's quite easy irrespective of what platform language you are using to develop websocket program on AWS EC2, as am using Node.js nginx in my case, this should work for all supporting platforms.
Configure Security Group
In the AWS console, open the EC2 tab.
Select the relevant region and click on Security Group.
You should have an elasticbeanstalk-default security group if you
have launched an Elastic Beanstalk instance in that region for your
app.
click on Actions button at top, and select Edit inbound rules.
here in Type column select All TCP, or you can set some Custom TCP
rule as well to listen at your websocket port.
And that's it!
Note: If something is not working, check the "Events" tab in the Beanstalk application / environments and find out what went wrong.
AWS has launched new Application Load Balancer that supports web sockets. Change your ELB to Application Load Balancer and that will fix your issue.
https://aws.amazon.com/blogs/aws/new-aws-application-load-balancer/
You should create reverse proxy for Nginx server. You can include this config file in you .ebextensions folder to make Nginx support WS.
Also in the EBS's load balancer configuration change the protocol from HTTP to TCP.
Refer this blog to set up secure WebSocket.
This is a very old post but having searched around for answers on this I have found two things you need to do to get websockets on a custom port working with AWS EB.
Under the configuration of your EB environment. Go to Software and add an environment variable there. Make sure this is a case sensitive match with your code.
Again under the configuration of your EB environment. Go to Load Balancer and add the custom port as a listener.
Make sure you save the new listener under the config and on reload it should be routing websocket traffic on a custom port

Connection getting refused to socket.io server on Amazon EC2

I have set up a a micro EC2 instance on AWS. Currently, I am using the free tier in Oregon. There are two problems which I am facing.
When I try to SSH the instance using the public DNS, it says host does not exist but when I try conencting it using the public IP, it connects to it. What setting is needed to use the public DNS ?
I have opened the SSH client using the IP address. I want to set up my application which needs Node.js and MongoDB. I installed Node.js using this
Next I installed MongoDB using this
Then I connected to my instance using Filezilla and uploaded my code to it. I then start my node application which uses socket.io.
When I try to connect to socket.io server using web browser, I get a message which says connection refused "error 111". I have opened TCP port 80 in instance's security groups. In iptables, I have forwarded port 80 to 8080, but still it does not work. I have also checked that the firewall is disabled in ec2. Kindly help me to resolve this issue.
Did you check if all of the necessary ports are open on Amazon Security Policy?
What you can do is to allow all traffic on Amazon Security Policy for test and see if the connection goes well or not.
You might also check if you need access DB from outside. In that case, you also have to open the mongodb port and setup mongodb correctly as well.
Other tools that might useful to test firewall and connection issue will be tcpdump and syslog file
For the dns issue, did you try to nslookup on that name and see if the IP shown matches your server IP?
As Amazon gives a long DNS hostname for the server, I always use my own domain name. It's much easier.
example : ec2.domainname.com, which points to the Amazon IP address
Hope that help.
My problem is resolved now..
For the DNS issue, earlier I needed proxy to access internet, so I guess the DNS name was not getting resolved. When I tried using proxy free internet, I was able to ssh using public DNS.
And regarding connection to socket.io, I used port 8080 instead of 80 and used "sudo node main.js" to run my node file. Now I am able to connect to the socket.io server and MongoDB.
Another thing which I want to ask is that would running the node file with sudo rights create some security issue ?
Thanks for the answer! That also worked for me. I had the same problem trying to connect through sockets (http://myipaddress:3000) to a node.js server, i tried opening ports on the actual ec2 instance and disabling the firewall through SSH but nothing worked. Had to go to Security Groups on the ec2 console and open a new inbound tcp rule enabling that port