- Newest
- Most votes
- Most comments
Since you can SSH, it sounds like an issue with: NACL, Security Group, Host-based firewall, or Application source filtering. I'd reconfirm the direction as an Inbound rule on the Security Group. Make sure the in and outbound NACLs are open. Confirm that host-based firewall, ie. iptables, is not running. Confirm that the web server allows connections from any IP address.
Solr has this nice looking Reference Documentation: SolrCloud on AWS EC2
Only the default ACL is configured, and it looks like (for both inbound and outbound)...
100 All traffic All All 0.0.0.0/0 Allow
'*' All traffic All All 0.0.0.0/0 Deny
The referenced documentation describes setting up a solr cloud cluster, and this is a standalone, single core installation.
Based on the information provided, it seems you've taken several correct steps to access the Solr web interface, but there are a few additional points to consider:
-
Firewall settings: While you've configured the AWS security groups correctly, make sure that the local firewall on your Debian instance (if enabled) also allows incoming traffic on ports 8983 and 9983.
-
Solr configuration: Check if Solr is configured to listen on all interfaces, not just localhost. In your solr.in.sh file, ensure that SOLR_JETTY_HOST is set to 0.0.0.0 instead of localhost or 127.0.0.1.
-
Correct URL: Confirm that you're using the correct URL format. It should be http://[EC2-Public-IP]:8983/solr or http://[EC2-Public-DNS]:8983/solr.
-
Instance public IP: Verify that you're using the correct public IP address of your EC2 instance, as it can change if the instance is stopped and started.
-
Network ACLs: If you're using custom Network ACLs, ensure they're not blocking the traffic to these ports.
-
VPC settings: Check that your VPC and subnet configurations allow inbound traffic from your IP to the instance.
-
Solr service status: Confirm that the Solr service is running and listening on the correct ports using a command like 'netstat -tuln | grep 8983'.
If you've verified all these points and are still unable to access the Solr web interface, you may want to check the Solr logs for any error messages or configuration issues that could be preventing external access.
Remember, allowing inbound traffic on any port represents a potential security vulnerability, so ensure you're following best practices for securing your Solr instance.
Sources
Security Groups and Classic Ports | AWS re:Post
View web interfaces hosted on Amazon EMR clusters - Amazon EMR
I went through all of these steps, and it seems solr is not listening on all ports despite my edits to /opt/solr/bin/solr.in.sh. Is that maybe the wrong place to make those edits?
This was the most correct answer. It's only missing the correct location of solr.in.sh, which in my case was
/etc/default/solr.in.sh
Relevant content
- asked 3 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
to confirm, you can SSH from an external/public IP to the EC2 instance running Solr but you cannot connect to the web admin, right?
@randy_weinstein Yes, this is correct.