Google App Engine two ports on same application - node.js

I want to run a Node.js application on Google App Engine, but my application currently runs two protocols on two different ports. One of them is port 8080 (which is required to work on Google App Engine) and the other is 1883, an MQTT server. Looking at the documentation, I couldn't find anything to make this work. The server starts without errors, but of course I can't connect to port 1883, only to HTTP and HTTPS.
I need to know if this is possible at all and, if it is, how do I forward or proxy that port?
My app.yaml:
    runtime: nodejs
    env: flex
    service: comms-server
    network:
      name: default
      subnetwork_name: default
      forwarded_ports:
      - 1883/tcp
Also, my VPC configuration is:

Try the following:
    network:
      forwarded_ports:
      - 1883
      instance_tag: comms-server
And:
    gcloud compute firewall-rules create default-allow-comms-server \
        --allow tcp:1883 \
        --target-tags comms-server \
        --description "Allow traffic on port 1883"

Related

Application stops after configuring nginx (docker) for https

I have followed this tutorial for deploying docker containers on AWS EC2 instance:
https://www.digitalocean.com/community/tutorials/how-to-secure-a-containerized-node-js-application-with-nginx-let-s-encrypt-and-docker-compose
and after reaching step 5 (where nginx is configured for HTTPS), the application just stops working. Here's my application: www.alphadevop.co
Here’s my nginx configuration:
https://github.com/cyrilcabo/alphadevelopment/blob/master/nginx-conf/nginx.conf
And here’s my docker-compose.yml:
https://github.com/cyrilcabo/alphadevelopment/blob/master/docker-compose.yml
[Here's the webserver logs][1]
[1]: https://i.stack.imgur.com/oawtD.png
Silly mistake, port 443 wasn't allowed on my application. I was confused because when I checked on my server, port 443 was open. Then I checked here, https://www.yougetsignal.com/tools/open-ports/ , which said it was closed. I then found out that there's an inbound rule for the AWS EC2 instance to allow port 443.
Credits here: NGINX SSL Timeout

How do I make a NodeJs project publicly accessible on port 3000?

I have a NodeJs/Express project in Alibaba cloud based Ubuntu server.
When I run project and access with curl localhost:3000 and curl 127.0.0.1:3000 it works!
When I access with IP public, e.g. curl 192.x.x.x:3000 it doesn't work, even though I have edited config in Express project in some code to : server.listen(3000,"0.0.0.0") OR server.listen("3000","192.x.x.x").
FYI I have Apache on this server. When I access on Internet with IP public no problem.
What can I do to solve this problem? Thanks beforehand.
PS: the 192.x.x.x is my IP public and it works access with Apache project
Issue the following command to open port 3000 for TCP traffic.
    sudo ufw allow 3000/tcp
You have to configure your security group and create an inbound rule to allow port 3000. Follow this guideline.
https://www.alibabacloud.com/help/doc-detail/25471.htm
Make sure you allow TCP traffic or all traffic from all sources to the port 3000 as the inbound rule.
The fact that you can access your service locally - but not publicly could mean 2 possible configurations:
The server running your application has blocked the port 3000
You have not configured your server to map the port 80 of a specific route to the port 3000
It is highly possible that a most essential part of your server configuration has not been done.

Cannot Access Google App Engine Instance Externally

I'm running a node JS app on Google Cloud Services using the cloud shell. I've deployed using gcloud app deploy, everything reports as a success. If I use gcloud app logs tail -s default I can see the logs, it says my app is listening on port 3000, that's the first debug message I see from my app.
When I invoke the endpoint without the port on the end, i.e.
https://myapp.appspot.com/myendpoint
I get an error,
"GET /myendpoint" 502
If I try with port 3000, i.e.
https://myapp.appspot.com:3000/myendpoint
The request just times out and I get no log messages from the shell.
I have port 3000 opened on the firewall, and my app.yaml is,
    runtime: nodejs
    env: flex
    service: default
    manual_scaling:
      instances: 1
    resources:
      cpu: 1
      memory_gb: 0.5
      disk_size_gb: 10
Update 1:
I've also tried adding a forwarding port to my app.yaml,
    network:
      forwarded_ports:
      - 3000/tcp
And allowed port 3000 in the VPC Firewall, but this seems to make no difference.
Update 2:
I can SSH into the instance and access the endpoint using a wget http://127.0.0.1:3000/myendpoint command but still no external access.
Update 3:
I've also tried port 443 too, listening on IP 0.0.0.0. But it seems to bind to IPV6 ip address 0 and changes the port to 8443 (somehow). This is just insane...
I resolved the issue by binding my service to port 8080, and removing the "service" field from my app.yaml. The external calls are all routed to port 8080 by default.
External calls have no port specified.

Elastic Load Balance Config for Node.js and AWS EB

I am trying to deploy a Node.js Express server to AWS EB, but have some problems configuring the proxy.
If I have no elasticloadbalancing.config file under the extension folder, then I can access the server through HTTP and port 3000. However, if I add a config to enable HTTPS and proxy the listener port 433 to instance port 3000, then the site cannot be loaded.
Here is my Config file,
    option_settings:
      aws:elb:listener:443:
        ListenerProtocol: HTTPS:
        SSLCertificationeId: arn****
        InstancePort: 3000
        InstanceProtocol: HTTP
Could anyone give me any suggestions?
I am not sure if the EB is correctly configured, because once I deployed the config file, all ports in the Load Balancing in the web tier configuration were off. Will the EB use the loading balance automatically?
Here is the web tier config,
And here are listeners
Thanks.
You will need to specify config for opening the instance port access from the ELB.
    Resources:
      sslSecurityGroupIngress:
        Type: AWS::EC2::SecurityGroupIngress
        Properties:
          GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
          IpProtocol: tcp
          ToPort: 3000
          FromPort: 3000
          SourceSecurityGroupName: {"Fn::GetAtt" : ["AWSEBLoadBalancer" , "SourceSecurityGroup.GroupName"]}
Please see the documentation available at
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-elb.html

My websites running in docker containers, how to implement virtual host?

I am running two websites in two docker containers respectively in a vps.
e.g. www.myblog.com and www.mybusiness.com
How can I implement virtualhost in the vps so that the two websites can both use port 80.
I asked this question somewhere else, and was suggested to take a look at: https://github.com/hipache/hipache and https://www.tutum.co/
They look a bit curving. I am trying to find if there is a straightforward way to achieve that. Thanks!
In addition, forgot to mention my vps is a Ubuntu 14.04 box.
Take a look at jwilder/nginx-proxy project.
Automated nginx proxy for Docker containers using docker-gen
It's the easiest way to proxy your docker containers. You don't need to edit the proxy config file every time you restart a container or start a new one. It all happens automatically for you by docker-gen which generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.
Usage
To run it:
    $ docker run -d -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock \
        jwilder/nginx-proxy
Then start any containers you want proxied with an env var VIRTUAL_HOST=subdomain.youdomain.com
    $ docker run -e VIRTUAL_HOST=foo.bar.com ...
Provided your DNS is set up to forward foo.bar.com to a host running nginx-proxy, the request will be routed to a container with the VIRTUAL_HOST env var set.
Multiple Ports
If your container exposes multiple ports, nginx-proxy will default to the service running on port 80. If you need to specify a different port, you can set a VIRTUAL_PORT env var to select a different one. If your container only exposes one port and it has a VIRTUAL_HOST env var set, that port will be selected.
You need a reverse proxy. We use nginx and haproxy. They both work well, and are easy to run from a docker container. A nice way to run the entire setup would be to use docker-compose (formerly fig) to create the two website containers with no externally visible ports, and use a, say, haproxy container with links to both website containers. Then the entire combination exposes exactly one port (80) to the network, and the haproxy container forwards traffic to one or the other container based on the hostname of the request.
    ---
    proxy:
      build: proxy
      ports:
        - "80:80"
      links:
        - blog
        - work
    blog:
      build: blog
    work:
      build: work
Then a haproxy config such as,
    global
        log 127.0.0.1 local0
        maxconn 2000
        chroot /var/lib/haproxy
        pidfile /var/run/haproxy.pid
        user haproxy
        group haproxy
        daemon
        stats socket /var/lib/haproxy/stats
    defaults
        log global
        option dontlognull
        option redispatch
        retries 3
        timeout connect 5000s
        timeout client 1200000s
        timeout server 1200000s
    ### HTTP frontend
    frontend http_proxy
        mode http
        bind *:80
        option forwardfor except 127.0.0.0/8
        option httplog
        option http-server-close
        acl blog_url hdr_beg(host) myblog
        use_backend blog if blog_url
        acl work_url hdr_beg(host) mybusiness
        use_backend work if work_url
    ### HTTP backends
    backend blog
        mode http
        server blog1 blog:80 check
    backend work
        mode http
        server work1 work:80 check
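
The hostname-based routing described in the answer above, as an added Node.js example (not code from the answers, HAProxy or nginx-proxy). It swaps the prefix ACLs for an exact-match allowlist of the question's two hostnames and answers 404 for any other Host header; the `blog`/`work` backends on port 80 follow the compose file, and the function names are assumptions.

```javascript
const http = require('http');

// Hostnames come from the question; backend names and port follow the
// compose file above (containers "blog" and "work", each serving port 80).
const BACKENDS = new Map([
  ['www.myblog.com', { host: 'blog', port: 80 }],
  ['www.mybusiness.com', { host: 'work', port: 80 }],
]);

// Normalise a Host header: lower-case, drop an optional :port and trailing dot.
function normaliseHost(header) {
  if (typeof header !== 'string') return null;
  const m = /^([a-z0-9.-]+?)\.?(?::(\d{1,5}))?$/i.exec(header.trim());
  return m ? m[1].toLowerCase() : null;
}

// Exact-match lookup; a host that is not on the list gets no backend at all.
function selectBackend(header) {
  const host = normaliseHost(header);
  return host && BACKENDS.has(host) ? BACKENDS.get(host) : null;
}

// Build the proxy without starting it; run it with createProxy().listen(80).
function createProxy() {
  return http.createServer((req, res) => {
    const target = selectBackend(req.headers.host);
    if (!target) {
      res.writeHead(404, { 'Content-Type': 'text/plain' });
      return res.end('unknown host\n');
    }
    // Set X-Forwarded-For from the socket, replacing any client-supplied value.
    const headers = { ...req.headers, 'x-forwarded-for': req.socket.remoteAddress };
    const upstream = http.request(
      { ...target, method: req.method, path: req.url, headers },
      (up) => {
        res.writeHead(up.statusCode, up.headers);
        up.pipe(res);
      }
    );
    upstream.on('error', () => {
      if (!res.headersSent) res.writeHead(502);
      res.end();
    });
    req.pipe(upstream);
  });
}
```

Only the proxy container publishes a port; the website containers stay reachable solely through it, as in the compose file above.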
