Hi Brant, If security groups were already created with old ip_ranges, changing this in config won't update them. So, can you please open AWS console, and find security groups that were created by scalr and then check rules there. You can update rules manually or just remove all these security groups and let scalr re-create them with correct IP ranges.
Regards, Igor On 26 June 2016 at 11:54, Brant Fortest <[email protected]> wrote: > > Why even I changed app config to theseļ¼ > ---- > app[:ip_ranges] = ["x.x.x.x/32", "x.x.x.x/32",] > app[:instances_connection_policy] = 'public' # Or 'public' > ---- > Still cannot get through establishing ssh connection, and I checked, > these's no single IP assigned into Inbound white-list in Security Group of > AWS, What did i miss here? Thanks! > ---- > Jun 27, 2016 02:48:49 > Scalr unable to establish SSH connection with server on Error: Unable to > connect to SSH server on 52.41.116.229:22 > Jun 27, 2016 02:47:49 > Initializing SSH2 session to the server > ---- > > On Monday, June 27, 2016 at 1:58:04 AM UTC+8, Brant Fortest wrote: >> >> Hi, Marc, >> so this format should be app[:ip_ranges] = ["app_server_ip/32", >> "worker_server_ip/32",], right? >> >> >> On Saturday, June 25, 2016 at 1:06:45 AM UTC+8, Brant Fortest wrote: >>> >>> In my condition, >>> "#{app_server_ip}/32" is '54.222.154.149'/32 >>> "#{worker_server_ip}/32" is '54.222.154.88'/32 >>> >>> >>> On Saturday, June 25, 2016 at 12:52:46 AM UTC+8, Marc O'Brien wrote: >>>> >>>> Hi Brant, >>>> >>>> It also looks like you may have the following configuration value >>>> commented out: app[:ip_ranges] = ["#{app_server_ip}/32", >>>> "#{worker_server_ip}/32",] >>>> >>>> Many thanks, >>>> Wm. Marc O'Brien >>>> Scalr Technical Support >>>> >>>> On Friday, June 24, 2016 at 10:46:29 AM UTC-6, Marc O'Brien wrote: >>>>> >>>>> Hi Brant, >>>>> >>>>> If you are having the same behavior it is likely that there is either >>>>> a networking problem or an app server service config problem. As a first >>>>> step you may want to verify what services are listening on what ports on >>>>> this app server with netstat. >>>>> >>>>> Many thanks, >>>>> Wm. Marc O'Brien >>>>> Scalr Technical Support >>>>> >>>>> On Friday, June 24, 2016 at 10:32:20 AM UTC-6, Brant Fortest wrote: >>>>>> >>>>>> Hi, Marc, >>>>>> Thanks for your quick reply. >>>>>> I did open both 80/443. >>>>>> Telnet 54.222.154.149 80/443 isn't working here for me as well. But >>>>>> on 172 is fine. >>>>>> >>>>>> Any other tips? Thanks! >>>>>> >>>>>> Brant >>>>>> >>>>>> On Saturday, June 25, 2016 at 12:26:23 AM UTC+8, Marc O'Brien wrote: >>>>>>> >>>>>>> Hi Brant, >>>>>>> >>>>>>> Telnet to port 80 on host 54.222.154.149 fails. You may need to >>>>>>> open your security group firewall rules to allow HTTP traffic on this >>>>>>> public interface. >>>>>>> >>>>>>> Many thanks, >>>>>>> Wm. Marc O'Brien >>>>>>> Scalr Technical Support >>>>>>> >>>>>>> >>>>>>> On Friday, June 24, 2016 at 10:21:12 AM UTC-6, Brant Fortest wrote: >>>>>>>> >>>>>>>> Hi, Team, >>>>>>>> I just set up a "4-server Scalr >>>>>>>> <https://github.com/scalr-tutorials/scalr-server-configuration/tree/master/4-server>" >>>>>>>> server stack in aws, but it is only available by accessing it's >>>>>>>> private IP >>>>>>>> - 172.*.*.* , unavailable by it's public IP. >>>>>>>> Anything went wrong? >>>>>>>> You can have a try on https://54.222.154.149 >>>>>>>> Looking forward to hearing from you asap. Thanks! >>>>>>>> >>>>>>>> And here's the content of scalr-server.rb file. >>>>>>>> >>>>>>>> ------------------ >>>>>>>> root@ip-172-31-5-21:/etc/scalr-server# cat scalr-server.rb >>>>>>>> >>>>>>>> ######################################################################################## >>>>>>>> # IMPORTANT: This is NOT a substitute for documentation. Make sure >>>>>>>> that you understand # >>>>>>>> # the configuration parameters you use in your configuration file. >>>>>>>> # >>>>>>>> >>>>>>>> ######################################################################################## >>>>>>>> >>>>>>>> # Disable all services by default >>>>>>>> enable_all false >>>>>>>> >>>>>>>> >>>>>>>> ########################## >>>>>>>> # Topology Configuration # >>>>>>>> ########################## >>>>>>>> >>>>>>>> # You can use IPs for the below as well, but hostnames are >>>>>>>> preferable. >>>>>>>> app_server_host = '54.222.154.149' # This MUST be reachable by >>>>>>>> your instances. >>>>>>>> main_mysql_server_host = '54.222.215.202' >>>>>>>> ca_mysql_server_host = '54.222.215.202' >>>>>>>> >>>>>>>> # Server IPs. Those MUST be IPs, not hostnames. >>>>>>>> app_server_ip = '54.222.154.149' >>>>>>>> worker_server_ip = '54.222.154.88' >>>>>>>> >>>>>>>> >>>>>>>> #################### >>>>>>>> # External Routing # >>>>>>>> #################### >>>>>>>> >>>>>>>> proto = 'https' # Set up the SSL settings and this to 'https' to >>>>>>>> use HTTPS >>>>>>>> endpoint = app_server_host >>>>>>>> >>>>>>>> routing[:endpoint_scheme] = proto >>>>>>>> routing[:endpoint_host] = endpoint >>>>>>>> >>>>>>>> >>>>>>>> #################### >>>>>>>> # Internal Routing # >>>>>>>> #################### >>>>>>>> >>>>>>>> # Use separate hosts for MySQL >>>>>>>> app[:mysql_scalr_host] = main_mysql_server_host >>>>>>>> app[:mysql_scalr_port] = 3306 >>>>>>>> >>>>>>>> app[:mysql_analytics_host] = ca_mysql_server_host >>>>>>>> app[:mysql_analytics_port] = 3306 >>>>>>>> >>>>>>>> # Use Memcached locally (it's running on the same servers as the >>>>>>>> app servers) >>>>>>>> app[:memcached_servers] = ['127.0.0.1:11211'] >>>>>>>> >>>>>>>> # Look for the app and graphics locally as well >>>>>>>> proxy[:app_upstreams] = ['127.0.0.1:6000'] >>>>>>>> proxy[:graphics_upstreams] = ['127.0.0.1:6100'] >>>>>>>> proxy[:plotter_upstreams] = ['127.0.0.1:6200'] >>>>>>>> proxy[:ssl_enable] = true >>>>>>>> proxy[:ssl_redirect] = true >>>>>>>> proxy[:ssl_cert_path] = "/etc/ssl/certs/server.pem" >>>>>>>> proxy[:ssl_key_path] = "/etc/ssl/private/server.key" >>>>>>>> >>>>>>>> # Bind the proxy publicly >>>>>>>> proxy[:bind_host] = '0.0.0.0' >>>>>>>> >>>>>>>> # But bind everything else locally, since it'll go through the proxy >>>>>>>> web[:app_bind_host] = '127.0.0.1' >>>>>>>> web[:app_bind_port] = 6000 >>>>>>>> >>>>>>>> web[:graphics_bind_host] = '127.0.0.1' >>>>>>>> web[:graphics_bind_port] = 6100 >>>>>>>> >>>>>>>> service[:plotter_bind_host] = '127.0.0.1' >>>>>>>> service[:plotter_bind_port] = 6200 >>>>>>>> >>>>>>>> # Bind MySQL publicly, because it'll need to be accessed by the app >>>>>>>> & worker >>>>>>>> mysql[:bind_host] = '0.0.0.0' >>>>>>>> mysql[:bind_port] = 3306 >>>>>>>> >>>>>>>> # The app and Memcached are running on the same server, so bind >>>>>>>> locally >>>>>>>> memcached[:bind_host] = '127.0.0.1' >>>>>>>> memcached[:bind_port] = 11211 >>>>>>>> >>>>>>>> >>>>>>>> ##################### >>>>>>>> # App configuration # >>>>>>>> ##################### >>>>>>>> >>>>>>>> app[:ip_ranges] = ["#{app_server_ip}/32", "#{worker_server_ip}/32",] >>>>>>>> app[:instances_connection_policy] = 'public' # 'local' or 'public' >>>>>>>> app[:configuration] = {} # Add extra configuration here >>>>>>>> >>>>>>>> ------------------ >>>>>>>> >>>>>>> -- > You received this message because you are subscribed to the Google Groups > "scalr-discuss" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "scalr-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
