为什么无法通过 HTTP 访问我的 ec2 实例?
[英]Why is my ec2 instance not accessible via HTTP?
问题描述
Hi I have tested my ec2 instance working or not from AWS console.
您好,我已经从 AWS 控制台测试了我的 ec2 实例是否正常工作。
And it works fine.它工作正常。 I have added the sample script to show hello world text in user data section.我添加了示例脚本以在用户数据部分显示 hello world 文本。 And then pasted the ip address without http 's'.然后粘贴ip地址没有http's'。 Of course, it shows the text.当然,它显示了文本。
And I am trying to show the same text, but this time by using cloudformation.我正在尝试显示相同的文本,但这次是使用 cloudformation。 I have made it as followings.我做了如下。 Everything looks the same as the one made through AWS console.一切看起来都与通过 AWS 控制台制作的一样。 However, the cloudformation one does not allow me to assess on web and the request gets hanged.但是,cloudformation 不允许我在 web 上进行评估,请求被挂起。 I have no idea what I am missing, Can Someone please point out?我不知道我错过了什么,有人可以指出吗?
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Description: WebServer EC2 instance type
Type: String
Default: t2.micro
AllowedValues:
- t1.micro
- t2.nano
- t2.micro
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instances
Type: String
MinLength: '9'
MaxLength: '18'
Default: 0.0.0.0/0
AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Mappings:
AWSInstanceType2Arch:
t1.micro:
Arch: PV64
t2.nano:
Arch: HVM64
t2.micro:
Arch: HVM64
AWSInstanceType2NATArch:
t1.micro:
Arch: NATPV64
t2.nano:
Arch: NATHVM64
t2.micro:
Arch: NATHVM64
AWSRegionArch2AMI:
ca-central-1:
PV64: NOT_SUPPORTED
HVM64: ami-730ebd17
HVMG2: NOT_SUPPORTED
Resources:
# ===== EC2 Instance =====
EC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType:
Ref: InstanceType
SecurityGroups:
- Ref: InstanceSecurityGroup
KeyName:
Ref: KeyName
UserData:
Fn::Base64:
!Sub |
#!/bin/bash
sudo su
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>Hello World from $(hostname -f)</h1>" > /var/www/html/index.html
ImageId:
Fn::FindInMap:
- AWSRegionArch2AMI
- Ref: AWS::Region
- Fn::FindInMap:
- AWSInstanceType2Arch
- Ref: InstanceType
- Arch
# ===== Security Group =====
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Enable SSH access via port 22
SecurityGroupIngress:
# SSH
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp:
Ref: SSHLocation
# HTTP
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp:
Ref: SSHLocation
# HTTPS
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp:
Ref: SSHLocation
2 个解决方案
解决方案1
0 2022-05-08 06:30:26
There is nothing wrong with the template you showed and it works as expected (assuming that your AMI is for Amazon Linux 2).您显示的模板没有任何问题,并且按预期工作(假设您的 AMI 适用于 Amazon Linux 2)。 So probably your template in the question is not the one you are actually using, or perhaps you are using different operating system that you think you are.因此,问题中的模板可能不是您实际使用的模板,或者您使用的操作系统与您认为的不同。 You have to double check your actual code.您必须仔细检查您的实际代码。
解决方案2
0 2022-05-08 07:00:00
Which parameter value did you use for SSHLocation?您为 SSHLocation 使用了哪个参数值?
If you want to have 80 and 443 publicly accessible and SSH only with your own IP, you will probably want to put instead the following SG.如果您希望 80 和 443 可公开访问,而 SSH 仅可与您自己的 IP 一起使用,您可能需要使用以下 SG。
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Enable SSH access via port 22
SecurityGroupIngress:
# SSH
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp:
Ref: SSHLocation
# HTTP
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
# HTTPS
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
Then SSH your machine and check the web server conf inside.然后 SSH 你的机器并检查里面的 web server conf。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.