I have an EC2 instance thats running an apache server that I can access just fine. However I also have three api's that I am running on that same EC2 instance. these run on ports such as 3007 and I've allowed access to that port and my front end try to use localhost with those associated ports.
Now when I start those API's they connect fine to my external resources such as a database however my front end can't connect to them. Without having to use an additional service such as AWS api gateway, why might it have an issue connecting?
I think your problem arises from the fact that you are calling localhost instead of your EC2 IP/domain name.
When you call localhost, that means whatever computer you are at. For backend, localhost is encouraged since you are on the same computer. But on the frontend, your website tries to go to localhost:3007, which is the client computer. You need to change it to either ec2-<<your EC2 public IP here>>.compute-1.amazonaws.com or your EC2 Public IP.
You can find these here:
Related
I am trying to connect to an Amazon RDS (Postgres) instance from an EC2 server via a NodeJS application using the pg npm package. The error I am receiving an error (note i'm hitting my node backend via a react app):
OPTIONS /users/login 200 0.424 ms - 2
Error fetching client from pool Error: Connection terminated due to connection timeout
I have tested the app locally and everything works perfectly (including connecting to RDS), but as soon as I run the app on the server I can't connect.
To simplify the problem, I have just typed my credentials explicitly into the NodeJS route file so I know there's no issues with environment variables etc. I then pushed my code to the server, pulled it as-is, and ran it. No luck. From a connection perspective, I just create a pool (require pool from pg) and then use pool.connect and client.query to make the request.
I feel like given that it works locally that the issue is an AWS one with my networking/security groups, but I feel like I have tried everything:
Ensured the db is set to public
Created a fresh security group and added it to EC2 and to RDS
Completely opened the ports (inbound and outbound)
Created a VPC and added to both EC2 and RDS
Checked the inbound/outbound are open on the VPC subnet NACL
Any help would be much appreciated. I am going insane
Connect to your server and try to debug the connection with telnet or a PostgreSQL client.
The most common mistakes for this error are:
RDS Security Group does not allow incoming connections from your VPC range or for the public EC2 server IP (in the case of a public database).
RDS subnet does not allow outgoing connections in NACL. Keep in mind that only the first connection occurs in the port you define in RDS, the other connections occur on other ports; but I think this is not your case once you said you could connect locally.
RDS Route Table doesn't allow connections from outside the VPC. But, again, I think that's not your case.
EC2 Security Group does not allow outgoing connections to the RDS. This case is a little trickier but it can happen if you don't set the SG properly.
The last case is that your EC2 server subnets do not allow connections to the internet. You said that you can connect locally, so I imagine that your RDS is properly set to allow public connections; however, you can have the case that you didn't connect an Internet Gateway or a NAT Gateway in your EC2 server Route Table or didn't properly configure the NACL to allow inbound/outbound connections from the internet.
I created a web application and mounted it on an EC2 Windows instance.
Since it is created with Node.js Express and I didn't touch anything about localhost or port stuffs,
it is being listened on the port 3000 on npm start.
After I did npm start on the EC2 instance, then I can access it by "localhost:3000" within the EC2.
But when I try to access it from outside the EC2 with its public IP, like ip_address:3000, it keeps returning connection timed out error.
As I wrote in the title, I added a custom TCP security group that makes the instance opened for any IP addresses and with port 3000 but it still doesn't work.
What can I do? What am I possibly missing?
Thanks in advance.
Couple of things could be going wrong here.
Firstly - confirm your web application is actually running from within the instance.To do this on any recent windows in powershell: Invoke-WebRequest http://localhost:3000.
Secondly - confirm the security group on the instance allows incoming traffic for your designated port - HTTP(80) or HTTPS(443).
Thirdly - since you mentioned your instance has a Public IPv4 address, it must be located within a VPC and a Subnet. Navigate to the VPC service within the AWS Console and have a look at the Network ACL for that subnet. It's possibly denying all incoming traffic - rendering your security group settings unused.
If you're unsure on whether the subnet is blocking incoming traffic or not, have a look at these docs.
I would like to ask about how to configure Nodejs (backend/server) to accept HTTPS request from client side (Front end).
What we did.
Registered domain name in AWS.
List item
Requested SSL in ACM.
Create bucket in S3, and store our front-end code (angular 5) inside of it.
Created distribution in cloud front and put our custom ssl there and connect to bucket in S3.
We set up also ec2 instance and store our back-end code (node js) there.
In our front end code we connect to the ip of our ec2 instances so that we can connect to backend.
The problem:
The front-end can't access the backend in ec2 instances because the front end is https and the backend is http (we don't know how to configure it from http to https in AWS EC2 Instance).
Do you know how to setup web app in aws which front end and backend code is separated?
What did we missed?
What did we missed?
If I understand you correctly, you have a Cloudfront distribution serving angular which is then attempting to connect to an EC2 instance - I presume the IP address or public DNS entry for the EC2 is hard-coded into the angular code.
This is not a good arrangement - if your EC2 goes down or the IP address changes you will need to push a new site to S3 - and then this change will take time to propagate through Cloudfront.
What you should rather be doing is this.
create an application load balancer
create a target group and add your EC2 to that target group.
add a listener on the ALB, listening on the port your web app connects on, with a rule that forwards to the HTTP port of the back-end EC2.
Add a route 53 DNS Alias record for the ALB (because ALBs do sometimes go away or change their IP address)
Change your front-end code to point at the Route 53 Alias record.
(This is an incredibly simplistic way of doing things that leaves your EC2 open to the internet etc etc).
You should also give serious thought to putting your EC2 into an autoscaling group that spans at least two availability zones, and to setting its minimum size to ensure at least servers are running at any one time.
AWS EC2 instances can go away at any time, and when they do your app goes down with them.
I have a Ubuntu 16.04 instance on google cloud and I can ping the instance with it's public IP, I'm trying to run a nodeJS backend REST-API on it.. I have successfully check API on my local machine, along with mongoDB.
In terminal connection I can see nodeJS my server (API) is running, but I cannot access to it. I have try API calls by using web browsers and postman, but it giving following error after few seconds delay "Could not get any response - There was an error connecting to :" how to solve the issue and what might be the cause for this problem.
You need to open the necessary port in firewall rules section
Go to -> Cloud console -> Networking -> VPC networks -> Firewall Rules
Click create Firewall rules, Add a name, keep the rest in default and in the source ip ranges add 0.0.0.0/0 and in the Specified protocols and ports add tcp:<"your app port">
In addition to Kalana's answer, you should also add http-server in target tags.
I am developing a web application locally. However, I would like to host the final product on an Amazon EC2 instance. I have moved my web application to the EC2 instance and am able to run the application; it's now listening on port 8081.
What I don't understand is how to allow users on the internet to access the web application running on port 8081 of the EC2 instance. I have tried redirecting the domain name to the IP address of the EC2 instance on the NameCheap DNS (where we bought the domain) to no avail. I suspect one of the things I need to do is set the permissions of the EC2 permission group but what should I set it to?
Help is greatly appreciated!
Thanks!
You can setup a nginx server to proxy all request to the port 8081.
Read more information here: https://doesnotscale.com/deploying-node-js-with-pm2-and-nginx/
Generally speaking, for a public web application you will want to run on a standard port (e.g. 80 or 443). You could do that by just running your node app as a privileged user (required by most OS's to expose 80 or 443), but generally it's better to have a web server in front pass the traffic, treating your node app as an upstream server (even if it's on localhost). NGinX is a good choice for this.
Regardless of what port you want to run it on, you'll need to update your EC2 security policy for that instance to allow traffic on that port (80, 443, 8081, whatever). You'll also need to make sure it's exposing a public IP address. It's not a bad idea to assign it an Elastic IP, since you'll wnat it to have the same address across instance reboots.
Finally, depending on what AMI you're running from, there may be a host firewall configured that you'll need to check on and configure to allow the traffic.