Failing to set up gerrit server on EC2

0

Hi, Requirement: Create a gerrit server on AWS EC2 instance

I have created an EC2 instance with almost all default settings. (Ubuntu system - Mumbai region(closest))

  • I have installed git, Java using:
apt-get install git

(git version 2.34.1)

apt-get install default-jdk

(java version 11.0.22)

java -jar gerrit-3.5.1.war init --batch -d ~/gerrit_example

This installs the Gerrit configuration files in ~/gerrit_example

git config -f ~/gerrit_example/etc/gerrit.config gerrit.canonicalWebUrl

Result is port 8080 Port

But when I open the URL: http://<public_instance_ip>:8080 The page is not loading and opening. This site can’t be reached13.200.229.144 took too long to respond. server link not opening

Please help in resolving the same.

Arjit
asked a month ago260 views
2 Answers
1

I see two possibilities.

  1. the server you are hosting is configured to be accessed only by your local IP.

Check the port and IP set listening with a command such as netstat -anl | grep "8080" and if it is 0.0.0.0.0:8080, this problem is not likely to exist.

  1. The Security Group of EC2 does not permit the connection to port 8080.

Check that the inbound rule of the EC2 Security Group allows communication on port 8080.

profile picture
EXPERT
shibata
answered a month ago
profile picture
EXPERT
reviewed a month ago
  • Hi, Thanks for the answer,

    Adding below security inbound settings made the public_ip:8080 url working: Type: All Traffic Source: My IP But I am unaware of the security here. Could you provide some insights on the same?

  • Minimize the number of allowed ports to properly configure a SecurityGroup (SG). In this example, if only port 8080 is used, it is recommended that only TCP port 8080 be allowed.

    If your global IP address is fixed and will not change, setting Source to My IP is better.

    If your IP address changes frequently, this is a difficult problem. If your IP address changes frequently, this is a difficult problem, because it is safe to set SG every time your IP address changes, but it is tiring. Therefore, it is easy to specify 0.0.0.0.0/0 as the Source. However, this setting exposes port 8080 to the world. This means that someone may connect to it.

    https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html

  • Thank you for the insight. I will go through the documentation that you shared for a thorough understanding.

1

Hello.

Do you allow HTTP port 8080 in the inbound rules of your EC2 security group?
Please add it if you haven't already.
https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#adding-security-group-rules

Also, is the subnet that EC2 is running a public subnet?
If it is not a public subnet, add a route to the Internet gateway to the subnet's route table.
https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html

Also make sure that it is listening on port 8080 using the command below.

sudo lsof -i:8080
profile picture
EXPERT
answered a month ago
profile picture
EXPERT
reviewed a month ago
  • Hi, Thanks for the answer.

    Adding below security inbound settings made the public_ip:8080 url working: Type: All Traffic Source: My IP But I am unaware of the security here. Could you provide some insights on the same?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions