Coldfusion Administrator - connect to data source via SSH - amazon-web-services

I'd like to configure my coldfusion instance to connect to a MySQL database over SSH but I'm not really sure how.
Basically, I have an EC2 instance in the same region as an RDS instance for the purposes of a development environment. I want to hook into my Production RDS instance so that I can do some tests with production data for a specific feature I'm working on but it's turning out to be quite a bit of trouble since it's in a different region.
I'd rather not alter AWS in any way to achieve this. So far the only thing I could think to try was to SSH into my EC2 instance and set up a tunnel like this:
ssh -i ./mykey.pem -N -L 3306:localhost:3306 username@host_ip
When I enter this command I don't see any output but I assume it is running, however when I try to access my EC2 instance via the web I see this error: Timed out trying to establish connection
Is there something wrong with my setup? I know I have the correct key, credentials, and host but I am a bit confused on the ports. I figured my coldfusion admin panel is looking on port 3306 and my database is served on port 3306 so 3306:localhost:3306 seems correct to me but obviously I am doing something wrong.

Related

GCP VM instance hosted Website showing connection refused error message

I am trying to fix a website that is hosted on Google Cloud Platform using VM instance. The website is giving me a connection refused error message. I have checked that the firewall rules are set up and are provided to the VM instance.
The VM external IP is static and the same IP is present on both cloud DNS and GoDaddy.
I'm also unable to SSH into the instance.
The SSH screen is stuck here and is not loading any further
I have given the necessary permissions to the instance and the user (Compute Admin, Compute Instance Admin (v1)), but still no luck.
The instance is created from a custom image, so later I tried creating another instance with the same config and I was able to SSH from it. So, please find some screenshots attached below if those could be of any help
netstat -a
route -n
df -h
I am new to this so any help to fix the issue and get the website up and running would be highly appreciated.
If it worked at the second attempt (2nd Instance I mean), I suspect that the SSH service hasn't started properly. I would recommend that you check the Serial Port Output and access the instance through the serial port in order to be able to troubleshoot it.
Note that you'll need a user to access through the serial port. If you don't have any user created, you will be able to do so using a startup-script.
Hope this helps!

Redis cli unable to connect to AWS ElastiCache due to redis memory usage but application still able to communicate

Is it possible that redis cli is given less priority to connect when memory consumption is high but application is allowed to communicate?
I am unable to connect via cli so can't check anything. Also, don't have the redis server access.
We connect without authentication -
redis-cli -h <hostname>
I ran a process which inserted too many redis keys and that caused this situation. Now, I am not able to delete those keys. I am afraid, the other necessary keys would get evicted as old and system would start doing processing for things not available in redis.
Not able to connect via telnet as well.
Is it possible to connect via a Python script at this point?
If I restart the Java application, will it be able to connect anymore?
Will redis server access via AWS console be able to delete any of the key patterns? I don't have the access currently, so not able to confirm myself. Never used via it also.
Update
Following are graphs taken from AWS console, over the last 1 day since this issue happened -
Update
I went through the FAQ of elasticache, but did not find any mention of being able to manage the data at key value pair level or presence of some special privilege users like root in case of MySql which is able to connect when no other users are able to connect.
All I found is cluster level management capabilities.
From the question it is not clear whether the redis-cli -h <host> command you're running is from within the EC2 or it is from your local machine (Outside AWS VPC).
Accessing from EC2
You will have to ensure following points:
Both the EC2 instance and Redis Instance are on the same VPC.
The security group on EC2 should be allowing port 6379 (It should already be if an application is able to access Redis on the same EC2)
Accessing from outside Amazon VPC
This is not something that's preconfigured and I will suggest that you go through the Accessing Your Cluster docs under the heading "How to Access ElastiCache Resources from Outside AWS".
First, check the connectivity from the source (generally the EC2 instance) to the target (Redis host).
We can use a simple command for that, like
#curl -v hostIP(or dnsName):Port
#curl -v myredis.com:6379 or curl -v 192.17.37.42:6379
If you see "Connected" then there is no issue with the network otherwise you have to look into network configurations like firewalls.
Next, you can connect to Redis using redis-cli with the below command:
#redis-cli -h myredis.com -p 6379
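The connectivity check described in the answers above, as an added Python example that is not part of the original posts: it separates a dropped connection (timeout) from a closed port (refused) and then sends a Redis PING. The function name and result labels are assumptions made for illustration.

```python
import socket
import sys


def probe_redis(host, port=6379, timeout=3.0):
    """Classify how a Redis endpoint responds to a TCP connect plus PING.

    "timeout"            -> packets silently dropped (security group, wrong VPC, routing)
    "refused"            -> host reachable, nothing listening on that port
    "pong"               -> Redis answered an unauthenticated PING
    "connected-no-reply" -> TCP connected, but no answer within the timeout
    other text           -> first line of the server's reply, e.g. "-NOAUTH ..."
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:  # DNS failure, no route to host, etc.
        return f"error: {exc}"
    with sock:
        try:
            sock.sendall(b"PING\r\n")  # inline-command form of PING
            reply = sock.recv(128)
        except socket.timeout:
            return "connected-no-reply"
        except OSError as exc:
            return f"error: {exc}"
    if reply.startswith(b"+PONG"):
        return "pong"
    first_line = reply.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return first_line or "connected-no-reply"


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python probe_redis.py <hostname> [port]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 6379
    print(probe_redis(sys.argv[1], port))
```

A "pong" result also confirms that the endpoint accepts commands without AUTH, so network placement and security groups are the only access control in front of it.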

Zappa + RDS Connection Issues

I'm hoping someone could help me out with some questions regarding VPC. I'm pretty new to AWS and I'm just trying to build a sample web app to get my feet wet with everything. I've been roughly following this guide to try and set up a basic project using Zappa + Django. I've gotten to the state where I'm configuring a VPC and trying to add a Postgres instance that Django/zappa can talk to. Per that article, I've set up my network like this:
Internet Gateway attached to VPC
4 Public subnets
4 Private subnets
Lambda function in 2 of the private subnets
RDS with subnet group in other 2 private subnets
EC2 box in 1 public subnet that allows SSH from my local IP to forward port 5432 to RDS instance
My issue comes when I try and run migrations on my local machine using "python manage.py makemigrations". I keep getting an error that says "Is the server running on host "zappadbinstance.xxxxx.rds.amazonaws.com" (192.168.x.xxx) and accepting TCP/IP connections on port 5432?".
I'm not sure what step I'm missing. I followed this guide and this post to setup the bastion host, and I know it is working because I am able to (1) ssh from my terminal and (2) establish a database connection using PSequel on my local machine.
I feel like I'm really close but I must be missing something. Any help or pointers would be greatly appreciated.
First, nice job on getting this set up - it's quite a challenge. I agree with you that you're almost there. Since you can connect with PSequel from your local system, that validates that your machine is accurately connected to the VPC RDS from a network perspective.
Next area to look at is the Django setup. If the local machine Django settings are incorrect, this would cause the error. So your database section in your settings file should be different on the local machine. As you describe in one of your comments above, I believe you have
'HOST': 'xxxxx.us-east-2.rds.amazonaws.com'
When you run python manage.py makemigrations, django attempts to use that host name and connect to it. Unfortunately, this bypasses your carefully constructed ssh tunnel.
To fix this, you can either:
Edit your local settings.py to have 'HOST':'127.0.0.1'
Edit your /etc/hosts file to point to the FQDN above (but I wouldn't recommend this since often I forget to remove the edits)
Should be easy enough to try #1 above and see if that works.
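One way to apply option 1 without hand-editing settings.py for each environment, as an added example that is not from the original answer: the helper builds Django's DATABASES from environment variables and refuses to start when the local end of the SSH tunnel is not listening. The names build_databases, tunnel_is_up, DB_VIA_TUNNEL and DB_LOCAL_PORT are hypothetical.

```python
import os
import socket


def tunnel_is_up(port, host="127.0.0.1", timeout=1.0):
    """True if something (the ssh -L forward) accepts TCP on the local port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def build_databases(env=os.environ):
    """Return a Django DATABASES dict for Postgres.

    DB_VIA_TUNNEL=1 (hypothetical variable): connect to the local end of the
    SSH forward on 127.0.0.1. Otherwise use DB_HOST, the RDS hostname that is
    only reachable from inside the VPC (the Lambda side).
    """
    via_tunnel = env.get("DB_VIA_TUNNEL") == "1"
    if via_tunnel:
        host = "127.0.0.1"
        port = int(env.get("DB_LOCAL_PORT", "5432"))
        if not tunnel_is_up(port):
            raise RuntimeError(
                f"no SSH tunnel listening on 127.0.0.1:{port}; "
                "start the port forward before running manage.py"
            )
    else:
        host = env["DB_HOST"]
        port = int(env.get("DB_PORT", "5432"))
    return {
        "default": {
            "ENGINE": "django.db.backends.postgresql",
            "NAME": env.get("DB_NAME", "postgres"),
            "USER": env["DB_USER"],          # credentials come from the
            "PASSWORD": env["DB_PASSWORD"],  # environment, not the repo
            "HOST": host,
            "PORT": port,
        }
    }
```

In settings.py this would be used as DATABASES = build_databases(), with DB_VIA_TUNNEL=1 exported only on the local machine.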

SSH Connect to AWS EC2 failed after using lets-encrypt update my website

Yesterday, I updated my Django website (on AWS EC2) to HTTPS by using lets-encrypt. Everything works well. The website has HTTPS green icon as expected.
Today when I try to connect to my instance by using SSH, the connection keeps hanging. Finally, it gives a message like "ssh: connect to host ec2-34-202-93-189.compute-1.amazonaws.com port 22: Resource temporarily unavailable".
I thought it might be a security group problem of this instance. So I double checked my security group setting of this instance; the SSH, HTTP and HTTPS ports are all open correctly. I created another instance to test if there is any problem on my local. The new instance connected successfully. Then I apply the new instance to the security group that I made for the previous instance and it connected. Then I apply the previous instance to the new security that I made for the new instance, the connection got frozen again. I also tried to connect with putty and it was not working as well.
Now I am really confused. My local machine is Windows subsystem of Linux. My EC2 instance is Ubuntu 16. I am using Nginx as web server. My ssh command is "ssh -i blog_project.pem ubuntu@ec2-34-202-93-189.compute-1.amazonaws.com".
Here is my security group setup for the instance.
This is the result when I run the command "ssh -vvv -i blog_project.pem ubuntu@ec2-34-202-93-189.compute-1.amazonaws.com"
BTW, Is there any way that I can login to my instance without ssh connection? Is there anything like console or shell inside the AWS that I can touch with my instance?
Check if the instance exists on AWS, maybe a new one was created with different Public DNS (xxxx.compute-1.amazonaws.com) than the one you are using in your command.

AWS: Cannot connect to Amazon instance

I had been trying to establish a MongoDB database with an exposed REST API (through Crest, then Sleepy Mongoose), but neither of these had been working. I tried to do a minimal sanity test of "Can I connect to that AWS machine or not?", so here's what I tried:
1) I set up a new Amazon instance (Ubuntu 14.04), and I made sure that all incoming TCP connections were accepted.
2) I tried running sudo python -m SimpleHTTPServer 80.
3) This worked when logged into the machine and doing curl http://localhost:80/ and curl http://XX.XX.XX.XX:80/ (the machine's IP address substituted of course). However, on my local machine, the command just timed out.
I'm really looking forward to any guidance here, so I can hopefully go back to what I was originally doing (MongoDB, exposing a REST API, etc.). Really thankful for any suggestions since this has been driving me crazy!!
This is probably a security group issue.
When doing the curl http://XX.XX.XX.XX:80/ on the machine itself, did you try the internal ip (172.x.x.x / 10.x.x.x / 192.x.x.x) or the external ip?
Also, does the machine have an external ip assigned? (I'm guessing it does, otherwise ssh'ing to it would only be possible from another machine in the same subnet.)
Go to the AWS console, open the instance details and check the instance's security groups. Is port 80 open for the world (0.0.0.0/0) ?