I've created Kubernetes cluster in AWS.
I'm working on guestbook example based on coreos. After creating frontend service I'm able to curl localhost and access guestbook application from minion where application is built but failing to do so through browser or master.
I have tried putting diffrent publicIp in frontend service such as Public IP, Private IP assigned to instance by AWS.
Note:
Checked Security group in AWS and all needed ports are enabled
To check if minion is accessible through browser and other setting are correct, i tested nginx "Welcome to Kubernetes" application, it was successfully accessed through browser.
Running kubectl cluster-info should give you a proxy endpoint on the master which you can hit to access the application. That should give an idea if there is a problem with your app in the first place.
this link helped : https://github.com/GoogleCloudPlatform/kubernetes/issues/6158 see hack solution by kcao3.
Following are the changes :
add redis-master IP in slaves container /etc/hosts file
add redis-slave IP and redis-master IP in frontend containers in /etc/hosts file
checked firewall settings.
NOTE: Its a hack so DNS settings will be the correct solution
Related
I deployed flask application in GCP compute engine. It is exposed at 5000 port. When I tried to do curl from vm, curl "localhost:5000/health", I am getting response "service up". But when I tried accessing through public IP, I am not able to access. I have created network firewall rule allowing both http & https traffic and for all the ports and for all IP (0.0.0.0/0).
Please let me know, if I am missing anything here.
Posting this answer based on the solution that was provided by #Rakesh.
Issue got resolved by changing the local host in the flask code to 0.0.0.0.
So the final configuration looks as follows:
app.run(host='0.0.0.0',debug=True,port=5000)
I am new to AWS and I am trying to deploy simple app to AWS ECS. I have two simple docker containers, running in ECS Fargate:
‘Frontend’: Vue Js app, which makes a single request to backend;
‘Backend’: Django app, which serves the request;
Both services were launched within the same cluster, in default VPC and the same, single public subnet. For ‘Backend’ I configured Service Discovery: Namespace – test, Service Discovery Name – backend. Security group configured to allow All Traffic.
So, the problem is when frontend makes request:
axios.get('http://backend.test:8000/api/get-test/')
I got error: Failed to load resource: net::ERR_NAME_NOT_RESOLVED backend.test:8000/api/get-test/
However, executing in AWS Cloud9 command: dig +short backend.test returns correct private IP of the backend container.
When I change request to something like
axios.get('http://172.17.3.85:8000/api/get-test/')
where 172.17.3.85 is valid private IP of the backend container, I got following error:
GET http://172.17.3.85:8000/api/get-test/ net::ERR_CONNECTION_TIMED_OUT
However, if I spin out EC2 instance in the same VPC and subnet and SSH to it, I can ping backend container, and requests -
curl -v http://172.17.3.85:8000/api/get-test/
as well as
curl -v http://backend.test:8000/api/get-test/
return desired response.
The only case when everything is working as expected is when the request is like
axios.get('http://3.18.59.133:8000/api/get-test/'),
where 3.18.59.133 is valid Public IP of the backend container.
I would appreciate any suggestion where look further or how to connect two containers via service discovery as right now I am out of ideas.
Based on the discussion in comments and description of the problem, the reason is that the Frontend’: Vue Js app executes on the client side, for example, in the browser.
This explains all the issues described and discussed:
axios.get('http://backend.test:8000/api/get-test/') does not work as on the client side you can't resolve privte hosted zone.
axios.get('http://172.17.3.85:8000/api/get-test/') does not work because the 172.17.3.85 is valid only in the VPC, not on the client's network.
spin out EC2 instance in the same VPC and subnet and SSH works because private hosted zones can be resolved inside VPC.
axios.get('http://3.18.59.133:8000/api/get-test/') works because public IP can be used on the clinet side, unlike private IPs.
I have a compiled Go project that I want to deploy to an AWS EC2 instance. I just simply upload the application and run ./application on the remote server.
In the terminal, the application is running and says he's listening to localhost:3000.
I've already added the 3000 port to the security group.
However, when I tried to access it in my browser using <public-ip>:3000, it always shows connection refused, whether I've run the application or not.
I tried to run the app locally, it does work.
So is it because I deploy it incorrectly?
It is a bit difficult to help you because of no code being shared.
Some reasons why you got connection refused:
Your application is listening only localhost:3000
EC2 security group does not expose port 3000
How to fix:
Most applications are defining the host address on a config file or env variables. If you have access to change it, change it from localhost:3000 to 0.0.0.0:3000 to accepts connection from all IP or to your_ec2_public_ip:3000
If host address is hardcoded and you have access to code, change the code per above
If you don't have access to config or code to change the host address, then add a reverse proxy to route the incoming call to localhost:3000. This is a good link about using Nginx as reverse proxy https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
Ensure EC2 Security Group allowing inbound connection for the designated port, in this case, is 3000 if you manage to route the incoming to your_ip:3000
I am new to Amazon cloud. I have deployed a django application on AWS EC2. I started the application but unable to see it from the browser. Which IP address will have the access? I tried both private and public but both are not resolved.
Try to run you app using command python manage.py runserver 0.0.0.0:8000.
Your app will be running publicly. Try to figure out IPv4 Public IP in the Instance section of AWS.
Then move to Security Groups which is listed in left navigation under NETWORK & SECURITY.
Choose the security group which is assigned to your instance. After that click on EDIT button on Inbound rule section and allow port in which the app is running. For example: port 8000.
Type: Custom
Protocol : TCP
Port Range : 8000
Source : Anywhere or My IP
Once added. Click on Save and make sure in Django App settings,allowed host is set to *. So, that you can access your application from anywhere.
ALLOWED_HOSTS = ['*']
The above code is not recommended for production. Good to use for development/testing.
I started a cluster in aws following the guides and then went about following the guestbook. The problem I have is accessing it externally. I set the PublicIP to the ec2 publicIP and then use the ip to access it in the browser with port 8000 as specified in the guide.
Nothing showed. To make sure it was actually the service that wasn't showing anything I then removed the service and set a host port to be 8000. When I went to the ec2 instance IP I could access it correctly. So it seems there is a problem with my setup or something. The one thing I can think of is, I am inside a VPC with an internet gateway. I didn't add any of my json files I used, because they are almost exactly the same as the guestbook example with a few changes to allow my ec2 PublicIP, and a few changes for the VPC.
On AWS you have to use your PRIVATE ip address with Kubernetes' services, since your instance is not aware of its public ip. The NAT-ing on amazon's side is done in such a way that your service will be accessible using this configuration.
Update: please note that the possibility to set the public IP of a service explicitly was removed in the v1 API, so this issue is not relevant anymore.
Please check the following documentation page for workarounds: https://kubernetes.io/docs/user-guide/services/