Hi Brant, This very well may be related to AWS China restrictions as you have experienced issues related to this in the past. You may want to bring this up with AWS China support for their insight.
Many thanks, Wm. Marc O'Brien Scalr Technical Support On Friday, June 24, 2016 at 12:15:23 PM UTC-6, Brant Fortest wrote: > > But if I change the cmd to "ncat -l 443 -k -c 'xargs -n1 echo'", test > results changed. > > > <https://lh3.googleusercontent.com/-IlggJCc8qPA/V2134XVqCUI/AAAAAAAAAGU/NejEJWbYn4Msun_hBrzZiOigHSmYil9lQCLcB/s1600/ncat443.PNG> > > from one US machine, got this. > > > <https://lh3.googleusercontent.com/-nDdiYI11g9w/V214CL4_EoI/AAAAAAAAAGc/txdzJT62kU41q_0IPUtHmSvyj0KZ3X1agCLcB/s1600/telnet443fromUSmachine.PNG> > > from one China machine, got this. > > > <https://lh3.googleusercontent.com/-p8H5vlpUAqI/V214WQtbmpI/AAAAAAAAAGk/Ypa3xoFp7D8pybjJYKH_Zew5GgTQ-1nPQCLcB/s1600/SG.png> > > > I was wondering is this behavior related to AWS China restrictions that we > cannot control? > > Brant > > On Saturday, June 25, 2016 at 1:37:55 AM UTC+8, Brant Fortest wrote: >> >> telnet from one US machine. >> >> >> <https://lh3.googleusercontent.com/-K3xJV3d8wcE/V21u9VmUV9I/AAAAAAAAAFk/FgxDuT-bzGwG8EjPJt8boQhBumoH44vtgCLcB/s1600/telnet80_2.PNG> >> >> telnet from China. >> >> >> <https://lh3.googleusercontent.com/-skzhAYmjGBU/V21vwLan4KI/AAAAAAAAAF0/aOnXVI_KahE3n1l8CBR20AGsvpGpqz3OwCLcB/s1600/SG.png> >> >> >> Strange! >> >> On Saturday, June 25, 2016 at 1:30:41 AM UTC+8, Marc O'Brien wrote: >>> >>> Hi Brant, >>> >>> Telnet still fails for me: >>> >>> >>> Many thanks, >>> Wm. Marc O'Brien >>> Scalr Technical Support >>> >>> >>> On Friday, June 24, 2016 at 11:27:44 AM UTC-6, Brant Fortest wrote: >>>> >>>> Seems fine to telnet 54.222.154.149 80. Please have a try. Thanks! >>>> >>>> >>>> <https://lh3.googleusercontent.com/-orQDsI2L7u8/V21tMcuKWHI/AAAAAAAAAFQ/Zk2MKeg22-gFQ-Q_GlKhHbqbby2pkHKJwCLcB/s1600/telnet80.PNG> >>>> >>>> Brant >>>> >>>> On Saturday, June 25, 2016 at 1:13:58 AM UTC+8, Daniele Testa wrote: >>>>> >>>>> Please stop all scalr services with "scalr-server-manage stop all" >>>>> Then start a simple echo server. Something like this: >>>>> >>>>> ncat -l 80 -k -c 'xargs -n1 echo' >>>>> >>>>> Then try to telnet to port 80. If you still can't connect, you have a >>>>> firewall issue. >>>>> >>>>> >>>>> On Fri, Jun 24, 2016 at 8:06 PM, Brant Fortest <[email protected]> >>>>> wrote: >>>>> >>>>>> In my condition, >>>>>> "#{app_server_ip}/32" is '54.222.154.149'/32 >>>>>> "#{worker_server_ip}/32" is '54.222.154.88'/32 >>>>>> >>>>>> >>>>>> >>>>>> On Saturday, June 25, 2016 at 12:52:46 AM UTC+8, Marc O'Brien wrote: >>>>>>> >>>>>>> Hi Brant, >>>>>>> >>>>>>> It also looks like you may have the following configuration value >>>>>>> commented out: app[:ip_ranges] = ["#{app_server_ip}/32", >>>>>>> "#{worker_server_ip}/32",] >>>>>>> >>>>>>> Many thanks, >>>>>>> Wm. Marc O'Brien >>>>>>> Scalr Technical Support >>>>>>> >>>>>>> On Friday, June 24, 2016 at 10:46:29 AM UTC-6, Marc O'Brien wrote: >>>>>>>> >>>>>>>> Hi Brant, >>>>>>>> >>>>>>>> If you are having the same behavior it is likely that there is >>>>>>>> either a networking problem or an app server service config problem. >>>>>>>> As a >>>>>>>> first step you may want to verify what services are listening on what >>>>>>>> ports >>>>>>>> on this app server with netstat. >>>>>>>> >>>>>>>> Many thanks, >>>>>>>> Wm. Marc O'Brien >>>>>>>> Scalr Technical Support >>>>>>>> >>>>>>>> On Friday, June 24, 2016 at 10:32:20 AM UTC-6, Brant Fortest wrote: >>>>>>>>> >>>>>>>>> Hi, Marc, >>>>>>>>> Thanks for your quick reply. >>>>>>>>> I did open both 80/443. >>>>>>>>> Telnet 54.222.154.149 80/443 isn't working here for me as well. >>>>>>>>> But on 172 is fine. >>>>>>>>> >>>>>>>>> Any other tips? Thanks! >>>>>>>>> >>>>>>>>> Brant >>>>>>>>> >>>>>>>>> On Saturday, June 25, 2016 at 12:26:23 AM UTC+8, Marc O'Brien >>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Hi Brant, >>>>>>>>>> >>>>>>>>>> Telnet to port 80 on host 54.222.154.149 fails. You may need to >>>>>>>>>> open your security group firewall rules to allow HTTP traffic on >>>>>>>>>> this >>>>>>>>>> public interface. >>>>>>>>>> >>>>>>>>>> Many thanks, >>>>>>>>>> Wm. Marc O'Brien >>>>>>>>>> Scalr Technical Support >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Friday, June 24, 2016 at 10:21:12 AM UTC-6, Brant Fortest >>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>> Hi, Team, >>>>>>>>>>> I just set up a "4-server Scalr >>>>>>>>>>> <https://github.com/scalr-tutorials/scalr-server-configuration/tree/master/4-server>" >>>>>>>>>>> >>>>>>>>>>> server stack in aws, but it is only available by accessing it's >>>>>>>>>>> private IP >>>>>>>>>>> - 172.*.*.* , unavailable by it's public IP. >>>>>>>>>>> Anything went wrong? >>>>>>>>>>> You can have a try on https://54.222.154.149 >>>>>>>>>>> Looking forward to hearing from you asap. Thanks! >>>>>>>>>>> >>>>>>>>>>> And here's the content of scalr-server.rb file. >>>>>>>>>>> >>>>>>>>>>> ------------------ >>>>>>>>>>> root@ip-172-31-5-21:/etc/scalr-server# cat scalr-server.rb >>>>>>>>>>> >>>>>>>>>>> ######################################################################################## >>>>>>>>>>> # IMPORTANT: This is NOT a substitute for documentation. Make >>>>>>>>>>> sure that you understand # >>>>>>>>>>> # the configuration parameters you use in your configuration >>>>>>>>>>> file. # >>>>>>>>>>> >>>>>>>>>>> ######################################################################################## >>>>>>>>>>> >>>>>>>>>>> # Disable all services by default >>>>>>>>>>> enable_all false >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> ########################## >>>>>>>>>>> # Topology Configuration # >>>>>>>>>>> ########################## >>>>>>>>>>> >>>>>>>>>>> # You can use IPs for the below as well, but hostnames are >>>>>>>>>>> preferable. >>>>>>>>>>> app_server_host = '54.222.154.149' # This MUST be reachable by >>>>>>>>>>> your instances. >>>>>>>>>>> main_mysql_server_host = '54.222.215.202' >>>>>>>>>>> ca_mysql_server_host = '54.222.215.202' >>>>>>>>>>> >>>>>>>>>>> # Server IPs. Those MUST be IPs, not hostnames. >>>>>>>>>>> app_server_ip = '54.222.154.149' >>>>>>>>>>> worker_server_ip = '54.222.154.88' >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> #################### >>>>>>>>>>> # External Routing # >>>>>>>>>>> #################### >>>>>>>>>>> >>>>>>>>>>> proto = 'https' # Set up the SSL settings and this to 'https' >>>>>>>>>>> to use HTTPS >>>>>>>>>>> endpoint = app_server_host >>>>>>>>>>> >>>>>>>>>>> routing[:endpoint_scheme] = proto >>>>>>>>>>> routing[:endpoint_host] = endpoint >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> #################### >>>>>>>>>>> # Internal Routing # >>>>>>>>>>> #################### >>>>>>>>>>> >>>>>>>>>>> # Use separate hosts for MySQL >>>>>>>>>>> app[:mysql_scalr_host] = main_mysql_server_host >>>>>>>>>>> app[:mysql_scalr_port] = 3306 >>>>>>>>>>> >>>>>>>>>>> app[:mysql_analytics_host] = ca_mysql_server_host >>>>>>>>>>> app[:mysql_analytics_port] = 3306 >>>>>>>>>>> >>>>>>>>>>> # Use Memcached locally (it's running on the same servers as the >>>>>>>>>>> app servers) >>>>>>>>>>> app[:memcached_servers] = ['127.0.0.1:11211'] >>>>>>>>>>> >>>>>>>>>>> # Look for the app and graphics locally as well >>>>>>>>>>> proxy[:app_upstreams] = ['127.0.0.1:6000'] >>>>>>>>>>> proxy[:graphics_upstreams] = ['127.0.0.1:6100'] >>>>>>>>>>> proxy[:plotter_upstreams] = ['127.0.0.1:6200'] >>>>>>>>>>> proxy[:ssl_enable] = true >>>>>>>>>>> proxy[:ssl_redirect] = true >>>>>>>>>>> proxy[:ssl_cert_path] = "/etc/ssl/certs/server.pem" >>>>>>>>>>> proxy[:ssl_key_path] = "/etc/ssl/private/server.key" >>>>>>>>>>> >>>>>>>>>>> # Bind the proxy publicly >>>>>>>>>>> proxy[:bind_host] = '0.0.0.0' >>>>>>>>>>> >>>>>>>>>>> # But bind everything else locally, since it'll go through the >>>>>>>>>>> proxy >>>>>>>>>>> web[:app_bind_host] = '127.0.0.1' >>>>>>>>>>> web[:app_bind_port] = 6000 >>>>>>>>>>> >>>>>>>>>>> web[:graphics_bind_host] = '127.0.0.1' >>>>>>>>>>> web[:graphics_bind_port] = 6100 >>>>>>>>>>> >>>>>>>>>>> service[:plotter_bind_host] = '127.0.0.1' >>>>>>>>>>> service[:plotter_bind_port] = 6200 >>>>>>>>>>> >>>>>>>>>>> # Bind MySQL publicly, because it'll need to be accessed by the >>>>>>>>>>> app & worker >>>>>>>>>>> mysql[:bind_host] = '0.0.0.0' >>>>>>>>>>> mysql[:bind_port] = 3306 >>>>>>>>>>> >>>>>>>>>>> # The app and Memcached are running on the same server, so bind >>>>>>>>>>> locally >>>>>>>>>>> memcached[:bind_host] = '127.0.0.1' >>>>>>>>>>> memcached[:bind_port] = 11211 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> ##################### >>>>>>>>>>> # App configuration # >>>>>>>>>>> ##################### >>>>>>>>>>> >>>>>>>>>>> app[:ip_ranges] = ["#{app_server_ip}/32", >>>>>>>>>>> "#{worker_server_ip}/32",] >>>>>>>>>>> app[:instances_connection_policy] = 'public' # 'local' or >>>>>>>>>>> 'public' >>>>>>>>>>> app[:configuration] = {} # Add extra configuration here >>>>>>>>>>> >>>>>>>>>>> ------------------ >>>>>>>>>>> >>>>>>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "scalr-discuss" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> Daniele Testa | Solutions Architect @ Scalr | [email protected] | >>>>> www.scalr.com | blog.scalr.com >>>>> >>>> -- You received this message because you are subscribed to the Google Groups "scalr-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
