I have created a simple java spring boot application and created a jar to host it on aws. The app simply displays "hello world" when the user enters http://localhost:8080/hello, so I wanted to turn it widely, but after severels attempts i simply get "red" flag on aws console.
I have configured the port at aws to listen on 5000
Thank you.
Your application is running on port 8080, but it should be on port 5000. As explained in the AWS blog:
By default, Spring Boot applications will listen on port 8080. Elastic Beanstalk assumes that the application will listen on port 5000. There are two ways to fix this discrepancy: change the port Elastic Beanstalk is configured to use, or change the port the Spring Boot application listens on. For this post, we will change the port the Spring Boot application listens on.
The easiest way to do this is to specify the SERVER_PORT environment variable in the Elastic Beanstalk environment and set the value to 5000. (The configuration property name is server.port, but Spring Boot allows you to specify a more environment variable-friendly name).
Related
I uploaded my jar to elastic beanstack it started I pressed its given url ,then it gives me 502 nginx error
I tried to add SERVER_PORT in configuration ,didn't help ,then attached policy to its created role : aws-elasticbeanstalk-ec2-role this policy AmazonSSMReadOnlyAccess
,but again didn't help
I assume the problem is that your jar expects connections on port 8081, in the other hand Elastic Beanstalk expects that your app has port 5000 opened.
From the docs:
By default, Elastic Beanstalk configures the nginx proxy to forward requests to your application on port 5000. You can override the default port by setting the PORT environment property to the port on which your main application listens.
You can set an environment variable in the configurations:
First, let me say that this is the first time I have written an ASP.NET Core 3.1 web app and first time learning AWS with Elastic Beanstalk. So if it seems like I'm confused... it's because I am. ;-)
I have two AWS environments - one is Staging and one is Production. The Staging environment has no SSL certificate and no load balancer. It only listens on port 80.
Production has a load balancer set up with my SSL certificate, and is set up to redirect all port 80 traffic to port 443.
Port 80 = Redirect to https://#{host}:443/#{path}?#{query}
Status code:HTTP_301
Port 443 = Forward to my-target-group: 1 (100%)
Group-level stickiness: Off
When I generated the new web app in VS 2019, I opted in on HTTPS/HSTS by checking "Configure for HTTPS". So it has this in Startup.cs:
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
I am getting this error in my Windows event log in Staging and Production: “Failed to determine the https port for redirect”
I tried the suggestion from Enforce HTTPS in ASP.NET Core
services.AddHttpsRedirection(options =>
{
options.HttpsPort = 443;
});
But that messed up the Staging environment because there's nothing listening on port 443.
Since Staging is only using HTTP, and Production is redirecting to HTTPS at the load balancer, should I just remove the UseHsts() and UseHttpsRedirection() altogether from my Startup? Will that pose any security problems - I do want traffic encrypted over the internet but I don't think it's necessary between the load balancer and the EC2 instance, correct?
Or do I need Forwarded headers, as suggested at Configure ASP.NET Core to work with proxy servers and load balancers?
I do want traffic encrypted over the internet but I don't think it's necessary between the load balancer and the EC2 instance, correct?
Correct. That's how it is usually setup. So you usually would have SSL termination on your load balancer (LB), and then from LB to your instance it would be regular http traffic:
Client----(https)---->LB----(http)---->instances
does my app still need UseHttpsRedirection() and UseHsts()?
No, as your app is just recieving http traffic only from the LB.
I deployed application based on this stack on AWS where under Rout 53 DNS is set. I want to point my domain (exampl.com) to web server (any apache/nginx) running in docker container. I want to know how can i bind domain to that web server?
I am not sure it's good or bad way to deploy an application on production but it will help me to understand.
as #mipnw suggested, you can easily run your Docker containers in Amazon ECS.
Since you are not using ECS, here is how you can point the domain to the ec2 instance.
Assign an elastic IP address to the ec2 instance
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/ec2-associate-static-public-ip/
Create an A record in AWS Route53 to point to the elastic IP address.
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/route-53-create-alias-records/
if your docker is exposing for e.g port 80 to the host machine.
Now you can access your application via http://example.com (since http default port is 80), for that you should enable port 80 in your instance's security group
Reference: https://aws.amazon.com/premiumsupport/knowledge-center/connect-http-https-ec2/
If your docker is exposing port for e.g 8080 and you want to access the website via http://example.com, you will need to configure apache/nginx proxy to accept the traffic via port 80 or 443 and forward the request to the port exposed by docker (8080 in this example)
Reference: https://dev.to/kevbradwick/how-to-setup-a-reverse-proxy-to-your-host-machine-using-docker-mii
The most difficult part of your setup is setting up SSL, you would need to configure the SSL certificate inside the nginx proxy.
Hope this helps.
You need to host your docker container somewhere. Since you're already using AWS I'd suggest running your container inside AWS ECS.
Then you'll have expose a port on the container, and configure Route53 to point to your container etc... It looks like ECS Service Discovery makes it easier to register your service running inside ECS with Route53.
I have created a Windows instance in EC2, also installed the Bitnami WAMP stack there. The web app runs on the instance, however it does not display on a browser outside the instance with the public IP of the instance.
I have configured the Security Groups this way:
Port 80 (HTTP inbound and outbound)
Port 443 (HTTPS inbound and outbound).
What else need to be done, in order to display the web app on a browser? Thanks
The issue was solved by disable the Firewalls on the Windows O.S directly (instance).
Hi I am new AWS and trying to deploy spring boot application in Elastic Beanstalk . Deployment is successful but not able to access application .Getting 502 Bad Request Gateway nginx/1.10.1 error. Deployment is done on Configuration
64bit Amazon Linux 2016.09 v2.2.0 running Java 8 (nginx proxy server). Is thier any way to solve this issue. After doing googling i found it is because of port mismatch.I wanted to know where i should change the port numbers.
From AWS documentation:
By default, Spring Boot applications will listen on port 8080. Elastic
Beanstalk assumes that the application will listen on port 5000. There
are two ways to fix this discrepancy: change the port Elastic
Beanstalk is configured to use, or change the port the Spring Boot
application listens on.
You can set the port in server.port property in application.properties or set it through environment as described in the document referred above by setting SERVER_PORT environment property.
I also had the same issue. And the reason was the fact that i didn't correctly generate my jar. Instead of taking the classic jar from an clean install take the one from a clean package spring-boot:repackage
For me setting PORT (instead of SERVER_PORT) as environment variable with value 8080 worked for me.