I am installing the ELK stack on an EC2 instance. I think my install was successful, but I can't load Kibana in my web browser. I think there are issues with my network setting but I am new to aws and I am not sure.
When I run
curl localhost:5601
I get
<script>var hashRoute = '/app/kibana';
var defaultRoute = '/app/kibana';
var hash = window.location.hash;
if (hash.length) {
window.location = hashRoute + hash;
} else {
window.location = defaultRoute;
}</script>
When I then run this command on my instance ip
curl 174.129.93.100:5601
I get this, but I can ping successfully
curl: (7) Failed to connect to 174.129.93.100 port 5601: Connection refused”
I've had this problem for like a week and really need help solving it.
Well, the port in security group is open as it says Connection Refused. Either the service is not running on the designated port or it is listening on localhost only.
In the kibana configuration, change from localhost or 127.0.0.1 to Private IP of the EC2 Instance and restart the service.
Check this link: https://www.elastic.co/guide/en/kibana/4.5/kibana-server-properties.html
Related
I am setting up a Virtual Machine node.js server at Google Cloud Platform. I have set up SSH keys so that I can log into my VM. I can successfully log into my VM using SSH-in-browser and start my server.
I can't access my public IP address through Chrome. I get this message:
This site can’t provide a secure connection.
When I try to connect to the IP within SSH-in-browser, I get the following:
$ curl -vso /dev/null --connect-timeout 5 34.68.254.120:8080
* Trying 34.68.254.120:8080...
* connect to 34.68.254.120 port 8080 failed: Connection refused
* Failed to connect to 34.68.254.120 port 8080: Connection refused
* Closing connection 0
I'm new at this. Any ideas would be appreciated. Thanks!
Edit1: Some more details --
Linux VM
port 8080 ingress is open on the firewall
I'm using OSLogin (`enable-oslogin = TRUE' 'enable-oslogin-sk = FALSE')
I can successfully log into console with both SSH-in-Browser and PuTTY, and I can start my server on port 8080
In both, I get the error above when I try to connect to the IP address
EDIT:
Follow below steps to fix “This Site Can’t Provide a Secure Connection” Error :
This error typically indicates a problem with either your browser’s configuration or the SSL certificate on your site.
1) Your local environment doesn’t have an SSL certificate.
2) Outdated SSL caches in the browser : (This is one of the more popular causes. Web browsers store SSL certificates in a cache, much
like other data. This means they don’t have to verify the certificate
every time you visit a site, which speeds up browsing. However, if
your SSL certificate changes and the browser is still loading an
older, cached version, it can cause this error to pop up).
3) Incorrect time and date settings on your computer.
4) Rogue browser extensions.
5) Overzealous antivirus software.
6) An invalid or expired SSL certificate.
If your firewall rules prevent external access:
Check your firewall rules with the following command: gcloud compute firewall-rules list with this, you can review the VPC where
the VM instance was migrated; and if it has allowed the Ingress TCP:
22 Port.
If this firewall rule is missing, you can add the firewall rule in the GCP console -> VPC Networks ->select your VPC network _Click on
the firewall rules to double check that the tcp: 22 port is allowed.
If the issue still is ongoing after checking the firewall rules, you
can follow this guide to start troubleshooting SSH connection.
Let me explain my use-case here,
I wanted to give a try to vault in my local, so I configured VAULT_ADDR as:
$ echo $VAULT_ADDR
http://127.0.0.1:8200
then I started vault in dev mode (vault server -dev) and everything was ok, I was able to connect to the server.
Then I wrote a really simple config file:
$ cat vault.config
backend "inmem" {}
listener "tcp" {
address = "127.0.0.1:8200"
tls_disable = 1
}
disable_mlock = true
and I restarted the server with vault server -config=vault.config, This too worked fine.
Now I want to use vault server which is deployed in remote server (aws ec2 instance). I have changed content my config file to below
backend "inmem" {}
listener "tcp" {
address = "123.456.789.1:8200" (aws ec2 public ip)
tls_disable = 1
}
disable_mlock = true
now this is throwing error
Error checking seal status: Get "http://123.456.789.1:8200/v1/sys/seal-status": dial tcp 123.456.789.1:8200: connect: connection refused'
when i am trying to check connectivity using telnet command, that too failed.
telnet 123.456.789.1 8200
telnet: Unable to connect to remote host: Connection refused
I have opened 8200 port in security group of aws, and both instances are in same vpc. What I am missing here? Any help?
I was able to figure out solution for above issue. Basically I executed below steps.
First I started vault server in above machine ( '123.456.XXX.X' ) by below command
vault server -dev -dev-listen-address="123.456.789.1:8200"
here 123.456.789.1 --> This is private IP of my ec2 instance, where my vault server is running.
Next, In my source machine (the one from which i am invoking vault server in 123.456.XXX.X ), I set below parameters
export VAULT_ADDR='http://123.456.789.1:8200'
export VAULT_TOKEN='*****************'
Now when I am trying to do telnet to 123.456.XXX.X server, it is working as expected
telnet 123.456.789.1 8200
output
Trying 123.456.789.1...
Connected to 123.456.789.1.
Escape character is '^]'.
I had the same problem
I was trying to reach my remote vault server this helps me https://stackoverflow.com/a/67218570/19887897
You just have to start your server like this
vault server -dev -dev-listen-address="0.0.0.0:8200"
How to configure ssh server on jenkins using jump host?
Publish over SSH pluginprovide for a jump host option but not working.
I set up
Hostname : public ip (bastion server ip)
Username : ec2-user
in advance setting
Jump host: private ip (web application deployed server's private ip)
I opened ssh port on my was server. (open jenkins server ip connection)
and test connection result is here.
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [private]. Message [java.net.ConnectException: Connection timed out (Connection timed out)]]
How to deploy web application to server which is in private subnet.
There is a jenkins bug that seems to be still open:
https://issues.jenkins.io/browse/JENKINS-56119
I got the same error on testing configuration, but actual job is working over ssh jumphost.
I successfully created a Compute Engine VM instance, and installed MySQL on it using this guide:
https://cloud.google.com/solutions/setup-mysql
Now I want to connect to it from App Engine and from my home too if possible.
Using this guide: https://cloud.google.com/appengine/docs/standard/python/connecting-vpc
I created the connector, giving it the suggested 10.x.x.x/28 IP address.
In my app engine's app.yaml I inserted:
vpc_access_connector:
name: projects/xxxxxxxxxx/locations/europe-west3/conectors/xxxxxx
The VM instance shows an internal IP of 10.x.x.x and an external IP of 34.x.x.x
I am trying to connect from PHP using this line:
new mysqli($servername, $username, $password, $dbname, 3306, null);
but I get different errors.
When connecting to 34.x.x.x from my home:
mysqli::__construct(): (HY000/2002): No connection could be made because the target machine actively refused it.
(I even created a Firewall rule to allow all traffic from my home IP)
When connecting to10.x.x.x from app engine:
2002: Connection timed out
When connecting to 10.x.x.x from app engine:
2002: Connection refused
How can I make a connection?
My first guess is that the service inside the instance is not up and running, check if the service of MySQL is running and listening, you can try this by doing a nmap test vs. the public IP of your MySQL VM instance nmap 34.0.0.0. You should see something like this (if you are using the standard port):
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3306/tcp open mysql
Remember that there are two firewalls you need to take care of on GCP, (VPC firewall & OS firewall). So if you are not able to see this port start the SQL service by connecting into your VM instance and typing sudo systemctl start mysql, now run again nmap 34.0.0.0 and you should see the service.
To connect from App Engine to MySQL on Compute Engine VM instance just follow this other guide .
To connect from your home It will be better for you to connect to the instance via SSH and then to access your database, or you can keep connecting by a VPN to access it with the internal IP address if you need to connect directly to the socket, just take care to avoid hitting the limitations or missing something like IAM roles and permission needed for this connection.
I have created my ec2 instance successfully in AWS.
here my instance end point is ec2-18-222-211-176.us-east-2.compute.amazonaws.com
The problem is when I try to hit this end point it is showing refused to connect. I don't have any Idea why it is not working like this
where as I successfully connect instance using SSH key, here it is working fine.
here my instance security group inbound rules are listed below
Looks like it is working on both the DNS and the public IP http://18.222.211.176
It was the Apache web server not running. To find this, type this from your root#ip directory:
service httpd status
To start the server, type:
service httpd start