I just configure a NAT gateway for my elastic beanstalk, when i curl my port 80 from the localhost it works fine but when i try to access my elasticbeanstalk public endpoint i didn't get nothing from it, it just says "this site can't be reached".
i've configure to allow the port 80 from the security group, is there anything i have to do?
Related
I have setup a website using ElasticBeanstalk having ELB
Security Group for ELB is configured for 80 & 443 from 0.0.0.0/0
Security Group for EB is configured for 80 & 443 from ELB
Route53 A record has alias pointing to ELB & it works properly
Yet my site is getting access using EB URL http://custom-env.xx.us-east-1.elasticbeanstalk.com/
How is it happening? To what does this URL points to?
Your EB security group policies allows connection from any host on port 80 and 443. Since, you are directly hitting the EB url its accessible(I'm not sure its using ELB for load balancing, more on this later). A record in route 53 is just pointing the URL http://custom-env.xx.us-east-1.elasticbeanstalk.com/ to your EB application.
To verify whether ELB is indeed used, check the ELB configuration, its should be pointing to your application.
I am struggling to enable an AWS lambda to send HTTPS POST requests to an AWS elastic beanstalk service.
The elastic beanstalk provides web and web services and works nicely.
The lambda is doing some calculations with AWS elasticache (works well) and then decides if to send HTTPS POST to the beanstalk URL.
The lambda is written with node.js. About 2 minutes after the POST attempt I am getting this timeout:
[Error: connect ETIMEDOUT X.Y.Z.W:443] code: 'ETIMEDOUT', errno: 'ETIMEDOUT', syscall: 'connect', address: 'X.Y.Z.W', port: 443
I see no indication of a request in the elastic bean nginx access log.
So my understanding is that the security groups are not set correctly.
I ruled out the option that the elastic beanstalk prevents such connections - The lambda is using a url with an external domain name that can be used from any browser and that works fine.
So I am left with the conclusion that the lambda security prevents this connection. So - I opened up the lambda security group completely to "All traffic" from anywhere - and I still get this problem.
Any ideas?
You are running your Lambda function within your VPC, which is required to access your ElastiCache servers. However once you place a Lambda function into a VPC it no longer has access to anything outside the VPC. You are trying to hit the Elastic Beanstalk server via a public (Internet) address, which the Lambda function does not have access to. Thus you are getting network connection timeouts.
You need to configure your Lambda function to access the service via an internal VPC address. And you need to configure your Elastic Beanstalk Security Group to allow access from the Lambda Security Group (if you haven't already).
Alternatively, you could add a NAT Gateway to your VPC, which would give your Lambda function access to resources outside the VPC.
I have a Single-Instance EB environment, with an elastic ip. However, I can't seem to ssh to the current instance using the elastic ip, only the private ip. How do I fix it?
When I try to ssh using the elastic ip, it just hangs.
Your Elastic Beanstalk instance won't have port 22 open by default. Either you have to add a security group that has it open (can also add port 22 to an existing security group that is already used) or you can use the CLI to SSH to your instance.
eb ssh
It will open the port for you automatically while you are logged in.
I have an elastic beanstalk setup but the url that's listed in the environment is not accessible, whereas if I point to the url of the load balancer I can access it.
Any suggestions ?
Attach the LoadBalancer security group to the instance. For me it worked. I found ELB has different security group that is not attached to instance.
Or you can create one Security Group with HTTP port 80 open and attach it to ELB and Instance from the beanstalk configuration
Go to Elastic Beanstalk configuration then go to VPC settings. Check the "Associate Public IP Address". Then it worked for me.
I have been trying to figure out a way to ssh into an ec2 instance behind an elastic load balancer without assigning the ec2 instance an Elastic IP
Usually I would assign an Elastic IP onto an ec2 instance and just SSH and SFTP through that way but is their another way ,I can ssh and sftp without assigning it an elastic ip through PuTTy?
I tried this configuration - the ELB port to be 2222 and the Instance port to 22. It worked for me. For simplicity I used the same SG for both EC2 and ELB.
Similarly you can route the PORT 2220 to 20, 2221 to 21 like this for SFTP
TCP Port 2222(ELB) to 22 (Instance)
Open Putty and enter the ELB DNS with Port 2222 [Be sure if the 2222 is opened to your exit IP of office / public IP via. the SG]
Get the Connection Established [the IP 14.0.1.87 is ELB's ID and not the public IP of my machine]