Just spun an EC2 ubunto on AWS. Installed Docker. Pulled my test springboot image and run it on the host. Can't access the app via browser. When I curl on the host, it does respond with valid http response. Is there a network or firewall that I should be looking at?
ubuntu#ip-172-31-4-157:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ea9879c1b38c parikshit123/docker-spring-boot:firsttry "java -jar docker-sp…" 20 minutes ago Up 20 minutes 0.0.0.0:8085->8085/tcp frosty_sammet
ubuntu#ip-172-31-4-157:~$ curl localhost:8085/test/hello
Hello from Mitalubuntu#ip-172-31-4-157:~$
Just figured out.
By default, AWS Ec2 instances have ALL TCP tranffic (inbound and outbound) blocked. I learned that it has to be g opened. I added security group and it worked. Now I can access the endpoint via browser. Bingo!
Related
I got a task to deploy a static website on an AWS Ubuntu Server, I was given the username and the SSH key for it. Using PuTTy I got access to the server, setup django, postgres nginx and gunicorn. However now I need to check the progress and whichever tutorial I looked up, I found them checking their deployment progress with a dns address, but since I have connected to the server remotely, I do not have that. So please help me check my deployment status. I am attaching some screenshots of the PuTTy terminal below
Image of the final Gunicorn command to finish the deployment
I'm new to docker, and I'm trying to run an instance on AWS using EC2.
I ran the following command:
sudo docker run -dit -p 80:80 httpd:2.4
With docker ps I have the following:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
04f62e26594e httpd:2.4 "httpd-foreground" 5 seconds ago Up 4 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp kind_cray
The security group is configured as below:
However when trying to access the instance through the browser using the address https://ec2-a-b-c-d.us-east-1.compute.amazonaws.com I get the error ERR_CONNECTION_REFUSED.
What could be happening?
https://ec2-15-229-1-156.sa-east-1.compute.amazonaws.com I get the error ERR_CONNECTION_REFUSED.
You get error because you are using HTTPS. You have to use only HTTP, as by default ec2 instances do not support https.
I want to setup a self managed docker private registry on an EC2 instance without using AWS ECR/ECS services i.e. using the docker registry:2 container image and make it accessible to the development team so that they can push/pull docker images remotely.
The development team has windows laptop with "docker for windows" installed in it.
Please note:
The EC2 instance is hosted on private subnet.
I have already created a AWS-ALB with openssl self-signed certificate and attached it to the EC2 so that the server can be accessed over HTTPS Listener.
I have deployed docker registry using below command:
docker run -d -p 8080:5000 --restart=always --name registry registry:2
I think pre-routing of 443 to 8080 is done because when I hit the browser with
https:///v2/_catalog I get an output in json format.
Currently, the catalog is empty because there is no image pushed in the registry.
I expect this docker-registry hosted on AWS-EC2 instance to be accessible remotely i.e. from windows remote machine as well.
Any references/suggestions/steps to achieve my task would be really helpful.
Hoping for a quick resolution.
Thanks and Regards,
Rohan Shetty
I have resolved the issue by following the below steps:
added --insecure-registry parameter in the docker.service file
created a new directory "certs.d/my-domain-name" at path /etc/docker.
( Please note: Here domain name is the one at which docker-registry is to be accessed)
Placed the self-signed openssl certificate and key for the domain-name inside the above mentioned directory
restart docker
I have an EC2 instance with Ubuntu image.
I've logged into my EC2 instance and ran the following command:
docker run -d --name jira -p 11111:11111 ivantichy/jira:7.9.0
It should start JIRA container.
It looks like it started OK:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b628a71a6ad2 ivantichy/jira:7.9.0 "/entrypoint.sh" 9 minutes ago Up About a minute 8080/tcp, 0.0.0.0:11111->11111/tcp jira
But it's not available from the browser.
I've allowed inbound traffic for this instance for 11111 port.
Do I need to setup any nginx, etc. or there are some issues with my configuration?
Can you access locally on server? Try
lynx http://localhost:11111
(Or whatever url you've set)
You can try wget, curl or telnet otherwise.
If you can connect, would look into your AWS settings.
Well, the issue was with the port number.
I just started my JIRA container on 8080 port instead of 11111 and it works fine.
Both 8080 and 11111 were opened via AWS console.
I need to put sonatype nexus3 up on AWS. Following an old tutorial for nexus 2, I was led to try this on EC2. What I'm currently trying is an instance with a security group that allows inbound requests from anywhere on ports 80,8080,22,4000,443, and 8081. I'm using a Amazon Linux AMI 2016.09.0 (HVM), SSD Volume Type instance. I install docker using the instructions from here http://docs.aws.amazon.com/AmazonECS/latest/developerguide/docker-basics.html#install_docker. I then simply use the official docker image from here https://hub.docker.com/r/sonatype/nexus3/ with the following command.
docker run -d -p 8081:8081 --name nexus sonatype/nexus3
Using docker ps I can confirm that this seems to be running. When I try to connect to the provided public DNS url ending with amazonaws.com on port 8081, I simply get connection refused. Same thing on port 80 or any of the other ports and the same thing when I add /nexus to the end of the URL.
Attempting the quick test that documentation for this image suggests:
>curl -u admin:admin123 http://localhost:8081/service/metrics/ping
curl: (56) Recv failure: Connection reset by peer
Using the exact same docker command on my local machine (OS X) I am able to access nexus on localhost. Why can't I get this working?
The issue appears to have been with Sonatype's official image. This image which works the exact same way, works perfectly with the exact same process.