Failing to set up gerrit server on EC2
Hi, Requirement: Create a gerrit server on AWS EC2 instance
I have created an EC2 instance with almost all default settings. (Ubuntu system - Mumbai region(closest))
- I have installed git, Java using:
apt-get install git
(git version 2.34.1)
apt-get install default-jdk
(java version 11.0.22)
- I have downloaded Gerrit 3.5.1 file and followed the below commands: (wget https://gerrit-releases.storage.googleapis.com/gerrit-3.5.1.war)
java -jar gerrit-3.5.1.war init --batch -d ~/gerrit_example
This installs the Gerrit configuration files in ~/gerrit_example
git config -f ~/gerrit_example/etc/gerrit.config gerrit.canonicalWebUrl
Result is port 8080
But when I open the URL: http://<public_instance_ip>:8080
The page is not loading and opening.
This site can’t be reached13.200.229.144 took too long to respond.
Please help in resolving the same.
- Newest
- Most votes
- Most comments
I see two possibilities.
- the server you are hosting is configured to be accessed only by your local IP.
Check the port and IP set listening with a command such as netstat -anl | grep "8080" and if it is 0.0.0.0.0:8080, this problem is not likely to exist.
- The Security Group of EC2 does not permit the connection to port 8080.
Check that the inbound rule of the EC2 Security Group allows communication on port 8080.
Hello.
Do you allow HTTP port 8080 in the inbound rules of your EC2 security group?
Please add it if you haven't already.
https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#adding-security-group-rules
Also, is the subnet that EC2 is running a public subnet?
If it is not a public subnet, add a route to the Internet gateway to the subnet's route table.
https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html
Also make sure that it is listening on port 8080 using the command below.
sudo lsof -i:8080
Hi, Thanks for the answer.
Adding below security inbound settings made the public_ip:8080 url working: Type: All Traffic Source: My IP But I am unaware of the security here. Could you provide some insights on the same?
Relevant content
- asked 6 months ago
- asked 9 days ago
AWS OFFICIALUpdated 8 months ago- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago
Hi, Thanks for the answer,
Adding below security inbound settings made the public_ip:8080 url working: Type: All Traffic Source: My IP But I am unaware of the security here. Could you provide some insights on the same?
Minimize the number of allowed ports to properly configure a SecurityGroup (SG). In this example, if only port 8080 is used, it is recommended that only TCP port 8080 be allowed.
If your global IP address is fixed and will not change, setting Source to My IP is better.
If your IP address changes frequently, this is a difficult problem. If your IP address changes frequently, this is a difficult problem, because it is safe to set SG every time your IP address changes, but it is tiring. Therefore, it is easy to specify 0.0.0.0.0/0 as the Source. However, this setting exposes port 8080 to the world. This means that someone may connect to it.
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html
Thank you for the insight. I will go through the documentation that you shared for a thorough understanding.