I've started to get into AWS today and created a simple EC2 Instance with a Node.js app listening on port 3001.
I can access it through my public DNS at ec2-12-34-123-123.eu-central.amazonaws.com:3001 and get a Hello World output.
Not I'm trying to set up a custom domain to this instance.
I've done the following steps:
Created a domain with Route 53
Created an Elastic IP and assigned it to my EC2 Instance
Created a Hosted Zone and an A record for the Elastic IP
But still I can't access my server via mydomain.com:3001
Did I do anything wrong?
And how can I setup multiple subdomains forwarding to a specific port?
For example:
api.mydomain.com
mydomain.com
jenkins.mydomain.com
and so on, when everything is listening on another port?
Creating a record for my IP:port I get wrong value, because the ip:port syntax is not valid.
Edit:
Just did everything again.
created EC2 instance, launched node app on port 80
created elastic ip
created hosted zone for domain
registered ns on registrar for my domain
created A record for www.mydomain.xyz + alias mydomain.xyz
When I try to go to www.mydomain.xyz I only get the Gandi page with my data.
Does anyone know what I did wrong?
How long has it been since you registered the domain and created the CNAME or A record to point to your server? It can take about 24 hours for this to propagate and start resolving to your server.
Subdomains are DNS entries that point to a server. You can't forward them to a specific port, they basically point to all ports on the server. If you don't want to include a port number in the URL then you need to have something listening on the default port (port 80 for HTTP, or port 443 for HTTPS). If you need multiple web servers running on different ports on a single server, then you would need to add a reverse proxy like Nginx to that server to map the different domain names to the different ports.
Related
I have MERN stack app and both Reactjs and Nodejs are running on Same host/IP of EC2 . I have bought a domain from Godaddy so how can i point it to my domain . Am getting this error on Godaddy
Also how can i add SSL certificate for both (Frontend and NodejsServer / both running on same instance with different ports e.g 3002:react , 4000:nodejs)
It can be achieved using Route53, providing high level overview here and pointing to the AWS Documentation
Set static IP of your EC2 instance (Elastic IP)
Configure hosted zones in Route53
Create records in Godaddy
Full documentation here https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-ec2-instance.html
It depend how you want to setup SSL for FrontEnd and Backend
Ideally for FrontEnd you point your domain to the right port of FE 3002 so that when you open your site www.mysite.com then it opens your FE
For BE, you can use your static IP or the AWS provided host name and to setup SSL follow this SO post
Frontend (domain.com and www.domain.com)
Use AWS apmilify to host your static files, it will give you dns record that you can add on godaddy.
Backend (server.domain.com)
Put a loadbalancer Infront of your ec2 instance that will handle ssl and it will give you a dns record that you can add on godaddy. Loadbalancer should listen on 80 and 443 ports and can forward to 4000 on ec2 instance.
please note this is just a quick recommendation just for your use case, there are many better ways to deploy MERN apps.
My Problem is as below.
I have a domain registered with GoDaddy [ assume : mytest.com ]
I have a EC2 ALM instance at AWS
I have elastic IP associated with my Instance [ assume : 111.222.333.444]
I have developed a nodejs application and deployed in instance
That node application is running at port 8181
Application is accesable using http://111.222.333.444:8181/
I want to configure my domain so that http://mytest.com will point to http://111.222.333.444:8181/
I have few knowledge to configure using Route53 also but not able to solve the mapping with port 8181.
Need kind help to resolve this issue
Thanks in advance
Note : For time being i am not looking for AWS PaaS Elastic Beanstalk for node js deployment
Ajoy
You actually have to do several things to make your thing work.
1. Change DNS nameservers to point to your Route53 Hosted Zone
Since you registered your hostname with GoDaddy, and you want to use Route53 as your DNS, you have to do several things.
First, go to Route53 and create a hosted zone for your domain. For demonstrative purposes, I will be using stackoverflowexample.com as my domain.
After you've created your hosted zone, click into it and you should be presented with the NS and SOA records. The NS record lists 4 unique nameservers that you will need to configure with GoDaddy.
The image below is an example of the NS record set (AWS Route53 calls it the delegation set).
Then you will have to go to your registrar and follow their directions to change nameservers for your domain, using the 4 nameservers Route 53 assigned you as your custom nameserver.
Then create a new A record in route 53 pointing at your elastic IP address. In the end your Route 53 zone will look something like this, with an A record mapping your domain to your elastic IP address.
2. Hosting/proxying your application on default HTTP port
After you have set up the DNS records (and waited a while for DNS to propagate), then you should be able to hit your server on port 8181.
But you want to hit it without a port number, so how do you do that?
DNS itself doesn't care about ports, it really just provides information about IP addresses and domain names. What you need now is to set up a proxy or other mechanism to direct traffic on your server. I will provide a few solutions.
Use nginx to reverse proxy
Since you control your own instance, you could install nginx (a web/proxy server) on the instance and configure it so that when it gets requests, it knows how to direct the traffic.
Here are generic instructions for configuring nginx for reverse proxy operation.
nginx example for Debian/Ubuntu
If you are using Debian or Ubuntu, a simple set up is as follows:
# Install nginx
sudo apt-get update && sudo apt-get install nginx
# By default, nginx runs a default site on port 80 you don't care about
# This removes the symlink for the default nginx site
sudo rm /etc/nginx/sites-enabled/default
Then you will want to create your own configuration in sites-available.
sudo vim /etc/nginx/sites-available/mainsite
The contents of your file will look probably like this:
server {
listen 80;
server_name stackoverflowexample.com;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
# Proxy all requests to the NodeJS app on port 8181
proxy_pass http://localhost:8181;
}
}
After you're done, execute the next two steps
# symlink your new nginx config to sites-enabled, which nginx
# automatically discovers and loads.
sudo ln -s /etc/nginx/sites-available/mainsite /etc/nginx/sites-enabled/mainsite
# Reload nginx configuration
sudo service nginx reload
Now try hitting your site without the port - you should reach your application.
Use Elastic Load Balancer
AWS offers a load balancer service (at an additional cost of ~$20 USD per load balancer per month) which lets you configure an HTTP and/or HTTPS load balancer for your application, allowing you to map incoming request ports to ports on your instance.
It's also automatically provided to you if you use Elastic Beanstalk.
They have their own tutorial which should help.
Configure your application to run on port 80
I do not do this myself and this is only useful if your instance will only ever host one app that controls all its own routing.
You could run your Node app directly on port 80 without needing a reverse proxy in front. If you go down this route, I'd recommend not allowing the service to run as root and instead configuring something like authbind to allow non-privileged access to port 80.
I will defer to other answers like this SuperUser one if you want to bind your service to port 80.
Additional Notes
You'll note that I excluded configuring HTTPS. That requires more steps like provisioning an SSL cert, though AWS or LetsEncrypt provide them for free now. Configuration also differs if you're using an Elastic Loadbalancer or a server on your instance, or if you're exposing your app directly.
I suggested nginx, and I would still recommend it in almost all general cases, but there are multiple different servers you could use to act as a reverse proxy. Other popular ones are haproxy or apache httpd with mod_proxy.
You can use any AWS public gateway provider such as EC2, ELB, S3 to serve your website or server to the public domain you have on GoDaddy. The AWS usually charges about .51 USD per month to maintain this zone entry as well.
the following steps set up your domain.
Obtain the Elastic IP or EC2 IP for the website or service.
Create a Hosted Zone on Route53.
Update the domain name records on Hosted Zone.
Update name servers on GoDaddy for discovery.
Check this tutorial
For those who are only looking to route their domain to ec2 instance (have already running ec2 instance and having domain name).
1.) Go to: https://dcc.godaddy.com/domains and select your domain.
2.) Click on Manage DNS and edit Record Type A.
3.) Enter your ec2 instance public ip in Points to textbox. Save. Done.
I am developing a web application locally. However, I would like to host the final product on an Amazon EC2 instance. I have moved my web application to the EC2 instance and am able to run the application; it's now listening on port 8081.
What I don't understand is how to allow users on the internet to access the web application running on port 8081 of the EC2 instance. I have tried redirecting the domain name to the IP address of the EC2 instance on the NameCheap DNS (where we bought the domain) to no avail. I suspect one of the things I need to do is set the permissions of the EC2 permission group but what should I set it to?
Help is greatly appreciated!
Thanks!
You can setup a nginx server to proxy all request to the port 8081.
Read more information here: https://doesnotscale.com/deploying-node-js-with-pm2-and-nginx/
Generally speaking, for a public web application you will want to run on a standard port (e.g. 80 or 443). You could do that by just running your node app as a privileged user (required by most OS's to expose 80 or 443), but generally it's better to have a web server in front pass the traffic, treating your node app as an upstream server (even if it's on localhost). NGinX is a good choice for this.
Regardless of what port you want to run it on, you'll need to update your EC2 security policy for that instance to allow traffic on that port (80, 443, 8081, whatever). You'll also need to make sure it's exposing a public IP address. It's not a bad idea to assign it an Elastic IP, since you'll wnat it to have the same address across instance reboots.
Finally, depending on what AMI you're running from, there may be a host firewall configured that you'll need to check on and configure to allow the traffic.
I have a Azure VM. Using the IIS, I host a website in the VM.
How can I access that website via the DNS name (like http://abc.cloudapp.net/)
I know this is the most unlikely, we should use the "web role", but I really need this works, is this possible?
I tried with the localhost, it works, the internal IP works, but the DNS name doesn't.
Edited to provide more info (March 09):
I have already have endpoints setup. "binding" uses the dns name. I have two website, one hosted in the port 8081, it works. Another one hosted in the port 80, which doesn't work.
http endpoints
the port 80 doesn't work
the port 8081 works
If I understand correctly, your VM already has a Azure domain in the form of myvmname.cloudapp.net right?
First you need to add an ENDPOINT in the VM that bridges the port 80 from outsite to inside (if that is the port indeed you configured in IIS).
Then, you need to add a CNAME record in your DNS table that points from www.mydomain.ext to myvmname.cloudapp.net (obviously replacing the correct values).
I have server instance on Amazon. I have domain which DNS point to Amazon server IP. I have a node.js http proxy (https://github.com/nodejitsu/node-http-proxy) which is running on port 80 and points to different apps (that run on ports like 8080, 8081) on server based on domain in request. Everything worked great.
Now I need to create whitelist of IPs which traffic can reach the server. I've edited security group on AWS in such way:
Add custom ip to port 80 (cause all domains point to this port)
Left all other ports open from anywhere
But this doesn't work.. When accessing server by domain (and by ip as well) conncection is time outed. AWS source field accepts IP in CIDR format ONLY like 93.33.40.229/32 maybe that is the problem? Or any other ideas?