I have a NodeJS API application running on a single instance (no load balancer) on AWS Elastic Beanstalk. Previously the app was on the old Amazon Linux environment which was deprecated, so this is now just freshly created in a brand new "Node.js 16 running on 64bit Amazon Linux 2/5.6.0" environment. I verified the new environment is up and running properly and now the domain is pointing to the new version. When using normal HTTP traffic the application responds normally.
The previous version had SSL enabled. The certificate purchased a year ago was just reissued for another year (from NameCheap - third-party CA). I generated the new cert/key per NameCheap's instructions. To configure EB for using SSL, I followed these instructions from Amazon exactly: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-nodejs.html And currently have the contents of the cert, the ca_bundle, and the private key in my .ebextensions/https-instance.config file (just to get it working... for production this would reference files on S3). I ran the contents through a YAML formatter to make sure the spacing was correct.
While my application responds OK without HTTPS, if I simply add the S I get ERR_CONNECTION_REFUSED. I've looked through all the logs available from Elastic Beanstalk and there are no errors.
How can I get more detail on why the traffic is not forwarding? How would I be able to determine if the problem is the certificate, or the key, or some other error in a config file, etc?
Related
In my AWS environment I have 2 hosted zones:
aaa.nl
bbb.nl
I have an elastic beanstalk (NodeJS) application running. It works fine. I want this EB application to be available via the domain name:
my-app.bbb.nl
I followed this approach:
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-beanstalk-environment.html#routing-to-beanstalk-environment-create-alias-procedure
Configuring a new record is easy. I can select my EB application and the record is created successfully. And i see it listed in the record list of hosted zone bbb.nl (A Record)
Now I open up my browser and navigate to:
my-app.bbb.nl
To my great surprise, what I get to see in the browser is a different application that I have running at https://my-other-app.aaa.nl, but the url is https://app.bbb.nl (my-other-app is listed as an A record in hosted zone aaa.nl)
I did get some certificate warnings in my browser as well (in the browser I see that it has the ssl certificate of aaa.nl coming along),
I do have something else running correctly at https://bbb.nl
I have no idea how this is possible and how to debug this. Anyone any clues?
Use browser development tools to trace the request to my-app.bbb.nl
Look for redirection in response.
Check if my-other-app.aaa.nl isn't hardcoded into app itself.
I have a web application running on Elastic Beanstalk in load balanced environment however when I changed the configuration to a "single instance" environment the application returns a 408 Request Timeout with every https browser request to the server (custom domain).
The environment health in my AWS console shows everything is running okay so I am baffled by what could be causing the problem. When I change the configuration back to 'load balanced' everything works fine again.
When I change the configuration back to 'load balanced' everything works fine again.
Since you are using HTTPS with custom domain, when you switch to a single instance, the HTTPS functionality is lost. To make HTTPS work on a single instance, you need to obtained new SSL certificate (AWS ACM can't be used), and deploy it on your instance though re-configured Nginx:
How to Setup SSL(HTTPS) on Elastic Beanstalk Single Instance Environment
I've a nice little ec2 instance, I've logged in the console, updated the YUM, started the httpd, but the IP doesn't work in the browser.
my httpd is up on chkconfig: httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Thought it would be as listed on my connect from public DNS, same as I connect to console through. I've used the S3 server into the properties on the instance and enabled static website hosting, just to test it before using PHP. Even created a like bucket, trying to use my domain name from the Route 53, but the Route 53 also shows "No Targets Available" in the S3 (or any other).
Alrighty, found it. Was a security issue, but here is the process, in two quick url's.
Tutorial: Installing a LAMP Web Server on Amazon Linux
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html?shortFooter=true
But it says if it doesn't work, check the security groups, and a couple of clicks later you're looking at this.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html?shortFooter=true
Go into the security group settings and add http from pull down and it's done.
Also, the second part where there isn't a target, be sure and associate the elasticIP (created in the AWS services console) and sure enough a web server is up and running. Once you've the elasticIP address simply add it to the route 53 rule set(s).
I'm a pretty new developer and deployed my first Django app via Elastic Beanstalk. I want to serve https requests and have configured my SSL certificate and have my load balancer set up correctly. When I go into EB > Configuration > Secure listener port and set it to 443 I'm getting the error upon saving:
LoadBalancerHTTPSPort: You have specified both the #deprecated(:default.aws:elb:loadbalancer:LoadBalancerHTTPSPort)
option as well as one in the new aws:elb:listener:443 namespace.
The :default.aws:elb:loadbalancer:LoadBalancerHTTPSPort option will be ignored.
Not sure what I'm missing because I'm still not able to serve https requests
I had the same problem with a NodeJS Elastic Beanstalk app. However, I was able to get around it by updating the Listener/Certificate settings via the AWS EC2 console (https://console.aws.amazon.com/ec2/), via the Load Balancers section (under LOAD BALANCING).
I was updating the certificate for a staging version of a cloned environment. This was the only way I could assign a different certificate to the staging environment.
See more at http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html
I am trying to set up an Amazon Server to host a dynamic website I'm currently creating. I have the domain bought on GoDaddy.com, and I believe that what I've done so far has linked the domain to my Amazon account.
I followed this tutorial : http://www.mycowsworld.com/blog/2013/07/29/setting-up-a-godaddy-domain-name-with-amazon-web-services/
In short, this walked me through setting up and Amazon S3 (Simple Storage Service) and Amazon Route 53. I then configured the DNS Servers, and my website now launches properly on the domain.
I'm not sure on the next step from here, but I would like to set up:
-A database server
-Anything else that might be necessary to run a dynamic website.
I am very new to hosting websites, and semi-new to web development in general, so the more in depth the better.
Thanks a lot
You have two options on AWS. Run an EC2 server and setup your application or continue to use the AWS managed services like S3.
Flask apps can be hosted on Elastic Beanstalk and
your database can be hosted on RDS (Relational Database Service). Then the two can be integrated.
Otherwise, spin up your own t2.micro instance in EC2. Log in via ssh and set up the database server and application like you have locally. This server could also host the (currently S3 hosted) static files too.
I have no idea what your requirements are, personally I would start with setting up the EC2 instance and go from there as integrating AWS services is without knowing what you need is probably not the easiest first step.
Heroku might be another option. They host their services on AWS and give you an end to end solution for deploying and running your python code without getting your hands dirty setting up servers.