Flask app cannot open server to Google Cloud Compute instance external IP - flask

I can't get my Flask API to respond to API calls using my instance external IP.
I've setup an instance using the Google Cloud Compute running Ubuntu 18.04, already opened up HTTP / HTTPS traffic in the firewall and set a static external IP to my instance, but I can not get my Flask app to listen to any incoming HTTP requests.
Running ifconfig does not show the instance's external IP, only the local IP, but I can ping the external IP.
I've already tried using app.run(host="0.0.0.0", port=8888) but it doesn't matter which port I choose to run the server on, the problem persists.
I can access my intance via internet running python -m SimpleHTTPServer 80, so I don't really know what is going on here anymore.
I'm clueless as to why this is happening, I would greatly appreciate any help :)
SOLVED: Turns out I'm actually dumb. Like I said, my Flask server was running on the 8888 port, so all I had to do was create a firewall rule that used the same port. Now everything's working like it's supposed to! :)

Related

ec2 web server on port 80 not reachable

ec2 instance is not publically available
I have a simple flask server open to port 80
there is even a public ip address but if I curl remotely to it connection get refused
but strangely ssh works just fine
and if I curl to public ip inside ec2 ssh it works
tried editing security group inboud rules but doesn't work...
googled bunch but all solutions say to edit inbound rules but it doesn't work for me...
am I doing something wrong?
The most common reason for this is that your Flask app is listening on localhost only, which is the default, and so is not reachable from outside the machine it's running on.
To fix this, make the server externally visible, by using:
app.run(host='0.0.0.0')

Could not able to access flask application deployed in GCP compute engine

I deployed flask application in GCP compute engine. It is exposed at 5000 port. When I tried to do curl from vm, curl "localhost:5000/health", I am getting response "service up". But when I tried accessing through public IP, I am not able to access. I have created network firewall rule allowing both http & https traffic and for all the ports and for all IP (0.0.0.0/0).
Please let me know, if I am missing anything here.
Posting this answer based on the solution that was provided by #Rakesh.
Issue got resolved by changing the local host in the flask code to 0.0.0.0.
So the final configuration looks as follows:
app.run(host='0.0.0.0',debug=True,port=5000)

Whats the difference between IP's from DigitalOcean and IP's from Google Cloud?

I've got some questions about ip's from Digital Ocean and Google Cloud, I have little knowledge about IP's and networks, i have two apps, one is running on a DigitalOcean server (dropplet) and the other is running on a VM Instance of Google Cloud, i was trying to setup code-server on each server.
In the droplet of DigitalOcean I configure successfully code-server, when i was running the command code-server code server got online on the address: http://127.0.0.1:8080 so i couldn't get into the app 'cause it was the local IP of the droplet, so i couldn't write that IP on my browser for obvious reasons, doing a little research i found the flag --bind-addr for code-sever, then i tried this command: code-server --bind-addr=192.231.24.04:8080 (That IP is an IP example) and it works, i was able to access code server writing in my navigator http://192.231.24.04:8080 and also i can access with mydomain.com:8080
In Google Cloud i tried to do the same, but i couldn't, i configured succesfully code-server on the VM Instance, when i run code-server code server got online on the address: http://127.0.0.1:8080 (As in DigitalOcean) obviously, that's the local IP
of the VM Instance, then i proceeded to do the same thing that i did in DigitalOcean, use the ---bind-addr flag, so i wrote this on the console: code-server --bind-addr=104.652.18.64:8080 (That IP is an IP example) and the console put this: error listen EADDRNOTAVAIL: address not available 104.652.18.64:8080, I thought Google Cloud was blocking the port 8080, so i unlock it, but still wasn't working, doing a little research i found that i had to use the IP 0.0.0.0:8080, so i wrote this command: code-server --bind-addr=0.0.0.0:8080 and i tried to access on my browsing using http://104.652.18.64:8080 and it works... i don't know why, i also tried using myseconddomain.com:8080 and also works
So i don't know what's the difference, What does IP 0.0.0.0 mean?
I returned to DigitalOcean droplet and i tried to do the same, i wrote: code-server --bind-addr=0.0.0.0:8080 and in the digital ocean droplet says: error listen EADDRINUSE: address already in use 0.0.0.0:8080
So... what's the difference?
Why does DigitalOcean work in a way that Google Cloud does not work and Google Cloud works in a way that DigitalOcean does not work?
I appreciate your responses
Google Cloud's networking has a distinction between internal and external IP addresses. In particular, a GCE VM won't actually have an interface with the externally visible IP address. Instead, Google Cloud Networking will transparently route from the external IP address to the internal IP address, assuming such routing is allowed by the firewall for that port. Thus, when you tried to start code-server listening to the external IP address specifically, the VM didn't know what that was referring to, as the interface did not exist inside the VM.
Generally on a host (in the context of starting a service on a given interface), 0.0.0.0 refers to any/all of the IP addresses on the machine. In your case, it means that you have started code-server listening to the internal IP address, and since you have removed the 8080 block in the GCP firewall, GCP networking will route requests to the external address to the VM.
I am not certain about DigitalOcean, but I presume that they do not have a different internal and external IP address, and thus when you start code-server listening to the external IP address directly, it attaches to the correct address. The error you are getting when trying 0.0.0.0 indicates something else is already listening on port 8080. Check that you stopped all the prior code-server process first, as well as anything else that may be listening on 8080 on any IP already.

Deploying a Go app in AWS ec2 got connection refused

I have a compiled Go project that I want to deploy to an AWS EC2 instance. I just simply upload the application and run ./application on the remote server.
In the terminal, the application is running and says he's listening to localhost:3000.
I've already added the 3000 port to the security group.
However, when I tried to access it in my browser using <public-ip>:3000, it always shows connection refused, whether I've run the application or not.
I tried to run the app locally, it does work.
So is it because I deploy it incorrectly?
It is a bit difficult to help you because of no code being shared.
Some reasons why you got connection refused:
Your application is listening only localhost:3000
EC2 security group does not expose port 3000
How to fix:
Most applications are defining the host address on a config file or env variables. If you have access to change it, change it from localhost:3000 to 0.0.0.0:3000 to accepts connection from all IP or to your_ec2_public_ip:3000
If host address is hardcoded and you have access to code, change the code per above
If you don't have access to config or code to change the host address, then add a reverse proxy to route the incoming call to localhost:3000. This is a good link about using Nginx as reverse proxy https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
Ensure EC2 Security Group allowing inbound connection for the designated port, in this case, is 3000 if you manage to route the incoming to your_ip:3000

Connection getting refused to socket.io server on Amazon EC2

I have set up a a micro EC2 instance on AWS. Currently, I am using the free tier in Oregon. There are two problems which I am facing.
When I try to SSH the instance using the public DNS, it says host does not exist but when I try conencting it using the public IP, it connects to it. What setting is needed to use the public DNS ?
I have opened the SSH client using the IP address. I want to set up my application which needs Node.js and MongoDB. I installed Node.js using this
Next I installed MongoDB using this
Then I connected to my instance using Filezilla and uploaded my code to it. I then start my node application which uses socket.io.
When I try to connect to socket.io server using web browser, I get a message which says connection refused "error 111". I have opened TCP port 80 in instance's security groups. In iptables, I have forwarded port 80 to 8080, but still it does not work. I have also checked that the firewall is disabled in ec2. Kindly help me to resolve this issue.
Did you check if all of the necessary ports are open on Amazon Security Policy?
What you can do is to allow all traffic on Amazon Security Policy for test and see if the connection goes well or not.
You might also check if you need access DB from outside. In that case, you also have to open the mongodb port and setup mongodb correctly as well.
Other tools that might useful to test firewall and connection issue will be tcpdump and syslog file
For the dns issue, did you try to nslookup on that name and see if the IP shown matches your server IP?
As Amazon gives a long DNS hostname for the server, I always use my own domain name. It's much easier.
example : ec2.domainname.com, which points to the Amazon IP address
Hope that help.
My problem is resolved now..
For the DNS issue, earlier I needed proxy to access internet, so I guess the DNS name was not getting resolved. When I tried using proxy free internet, I was able to ssh using public DNS.
And regarding connection to socket.io, I used port 8080 instead of 80 and used "sudo node main.js" to run my node file. Now I am able to connect to the socket.io server and MongoDB.
Another thing which I want to ask is that would running the node file with sudo rights create some security issue ?
Thanks for the answer! That also worked for me. I had the same problem trying to connect through sockets (http://myipaddress:3000) to a node.js server, i tried opening ports on the actual ec2 instance and disabling the firewall through SSH but nothing worked. Had to go to Security Groups on the ec2 console and open a new inbound tcp rule enabling that port