I'm trying to configure a port forwarding (port 80 to port 8080) for a Node.js application hosted on Google Cloud Compute Engine (Ubuntu and Nginx).
My ultimate goal is to have an url like "api.domain.com" showing exactly the same thing from "api.domain.com:8080" (:8080 is working actually).
But because it's a virtual server on Google platform, I'm not sure what kind of configuration I can do.
I tried these solutions without success (probably because it's a Google Cloud environment):
Forwarding port 80 to 8080 using NGINX
Best practices when running Node.js with port 80 (Ubuntu / Linode)
So two questions here:
1.Where I need to configure the port forwarding?
Directly in my Ubuntu instance with Nginx or Linux config files?
With gcloud command?
In a secret place in the UI of console.cloud.google.com?
2.What settings or configuration I need to save?
One possibility is to use Google Cloud Load balancer.
https://cloud.google.com/load-balancing/docs/
1) Create a backend service that listen on port 8080
2) Create a frontend service that listen on port 80
3) Then forward frontend trafic on this backend service
4) Bonus : You can create a ssl certificate auto managed by GCP https://cloud.google.com/load-balancing/docs/ssl-certificates#managed-certs
For the benefit of future readers, here how I figured out how to configure the port forwarding.
You will need to be sure that your Firewall on Google Platform is well configured. Follow this process well described here: Google Cloud - Configuring Firewall Rules. You will need to be sure that port 80 (or 443 for HTTPS) and your Node.JS port (e.g 8080 in my case) are opened.
You will need to configure the port forwarding directly on the server. As far as I know, as opposed to the firewall rules, this is not a configuration that you can do in the Google Cloud platform UI. In my case, I need to edit the Nginx config file located in: /etc/nginx/sites-available/default.
Use this example for reference to edit your Nginx config file: nginx config for http/https proxy to localhost:3000
Once edited, you need to restart your Nginx service with this command: sudo systemctl restart nginx
Verify the state of Nginx service with this command: sudo systemctl status nginx
Your port should be redirected correctly to your Node.js application.
Thanks to #John Hanley and #howie for the orientation about Nginx configuration.
EDIT: This solution is still working but the accepted answer is easier.
Related
What I'm trying to do is create an access website for my own services that run on my linux server at home.
The services I'm using are accessible through <my_domain>:<respective_port_num>.
For example there's a plex instance which is listening on port X and transmission-remote (a torrenting client) listening on port Y and another custom processing service on port Z
I've created a simple website using python flask which I can access remotely which redirects paths to ports (so <my_domain>/plex turns into <my_domain>:X), is there a way to display these services on the network paths I've assigned to them so I don't need to open ports for each service? I want to be able to channel an existing service on :X to <my_domain>/plex without having to modify it, I'm sure it's possible.
I have a bit of a hard time to understand your question.
You certainly can use e.g. nginx as a reverse proxy in front of your web application, listen to any port and then redirect it to the upstream application on any port - e.g. your Flask application.
Let's say, my domain is example.com.
I then can configure e.g. nginx to listen on port 80 (and 443 for SSL), and then proxy all requests to e.g. port 8000, where Flask is running locally.
Yes, this is called using nginx as a reverse proxy. It is well documented on the internet and even the official docs. Your nginx.conf would have something like:
location /my/flask/app/ {
# Assuming your flask app is at localhost:8000
proxy_pass http://localhost:8000;
}
From user's perspective, they will be connecting to your.nginx.server.com/my/flask/app/. But behind the scenes nginx will actually forward the request to your app, and serve its response back to the user.
You can deploy nginx as a Docker container, I recommend doing this as it will keep the local files and configs separate from your own work and make it easier for you to fiddle with it as you learn. Keep in mind that nginx is only HTTP though. You can't use it to proxy things like SSH or arbitrary protocols (not without a lot of hassle anyway). If the services generate their own URLs, you might also need to configure them to anticipate the nginx redirects.
BTW, usually flask is not served directly to the internet, but instead nginx talks to something like Gunicorn to handle various network related concerns: https://vsupalov.com/what-is-gunicorn/
I followed this tutorial to deploy NodeJS my app on the server.
My issue is that, I only can access the service using domain:port (example.com:1234) not domain name only (example.com).
How can I configure my app to access the service without adding the port to the address/domain name?
TCP connections always require you, the client, to specify a port. You're able to visit domain.com in your browser without specifying a port because your browser implicitly connects on the conventional ports: 80 for HTTP and 443 for HTTPS.
Your application server needs to bind to one of these ports in order to achieve what you're going for.
EDIT: Just skimmed the tutorial you linked to. Since your application is sitting behind a reverse proxy , you'll need NGINX to own 80/ 443 (which it should do by default). You can bind the app server to whatever port you want, so long as the reverse proxy config matches up with it.
I run a tomcat7 in ubuntu in aws. not use apache.
and my site use default tomcat port 8080.
I don't want to open port except 8080 so I'm setting in aws security group.
inbound
8080 TCP anywhere
and outbound allTraffic.
but I try to rest call to
http://my_aws_ip:8080/test.do
but it doesn't work.
What should I open the port?
Does tomcat7 use a some port?
Tomcat uses whatever port or ports and protocols you configure it to use. By default it listens for HTTP requests on tcp/8080, AJP requests on tcp/8009, and service management requests on tcp/8005.
This is configured in Connector elements in $CATALINA_HOME/conf/server.xml:
https://tomcat.apache.org/tomcat-7.0-doc/config/http.html
You should reconfigure Tomcat to listen on standard ports like tcp/80 for HTTP and tcp/443 for HTTPS. Non-standard ports are a ready indication of a novice deployment.
The AWS Security Group should be configured to allow HTTP, HTTPS, pr both depending on your need. I highly recommend using HTTPS unless the information being transferred is public domain or has no value.
You can check what ports Tomcat is using on your EC2 instance with netstat -anpt. It will show all active and listen ports and the programs that have bound them (including java or tomcat for your Tomcat ports).
Unless you really need root access to the OS, you might want to consider using Amazon Elastic Beanstalk as it manages all that cruft for you.
I am a frontend developer and having issues setting up my MEAN app in production server. I am confused about the role of apache ? if any.
right now I don't have a domain name, just an IP address for a CentOS 6 VPS.
I stopped apache and am using express only, I deployed the app code and ran the grunt task in production environment and the app is listening on port 3000 .. but when I visit the site at
http://104.238.103.223:3000/ I get a "page not available" error
I am confused at how to specify a "DocumentRoot" without apache ? how do I tell DNS where to find my app ? I may be looking at the problem wrong since I am not well aware of the backend side of things.
You should reverse proxy to port 80 (or 443 for https) to access your application with your domain name. You can use apache, nginx or haproxy etc.
Also check your firewall if port 3000 is allowed.
Check out this page; http://blog.podrezo.com/making-node-js-work-with-apache/
I have Solr with its default Jetty that came with example directory installed on Linux server which has apache2 as its web server.
Now, within the same private LAN, when I open a browser and type in http://<ip-address>:8983/solr works ONLY when I do port forwarding otherwise it doesn't work. I am not sure what could be the problem? Please note this installation has been done on a remote server in a hosting environment for production deployment and I am a beginner wrt deployment stuff.
You can use the jetty.host parameter during startup to allow direct access to Jetty.
The -D option of the java command can be used with the followin syntax:
java -Djetty.host=0.0.0.0 -jar start.jar
In this way Jetty can be reached from all the hosts.
However this is not the ideal setup IMHO. I prefere to setup Jetty to listen only on localhost, implementing the client with another frontend server which listen on port 80. If you want to implement the frontend on another server you can use iptables to limit the incoming connection, dropping everything on the 8983 port if the IP is different from the one of your frontend server.
This image depicts my preferred setup for a LAMP stack includin SOLR: