ec2安全组设置、sftp和端口80设置
我在 aws 上有一个基于 Linux 的 ec2 实例,带有预打包的 Tomcat7,到目前为止我能够: 从命令行 ssh 进入实例, 连接到实例 FileZilla, sudo 启动/停止 tomcat(tomcat 正在侦听端口 80) 该项目的所有开发管理都发生在 Ubuntu 10.10 上
问题/问题是:
FileZilla:当我尝试将 war 文件上传到 webapps 时,我得到:
Error: /opt/tomcat7/webapps/my-fancy-app-0.1.war: open for write: permission denied
Error: File transfer failed
我没有添加任何用户(或 ec2-user )精确 ) 到与 Tomcat 关联的任何组。
80端口:如何启用80端口的外部访问? 我只有默认的安全组,没有添加任何自定义设置。当我从“创建新规则”下拉列表中选择 HTTP 时,默认设置为 0.0.0.0/0 - 这是安全或正确的设置吗?当我应用该规则运行 Tomcat 并尝试访问下一个公共 DNS 显示的 url 时,我得到(我相信是 503 错误): 服务暂时不可用
最后但并非最不重要的一点是,什么是弹性 IP 以及它在更大范围内发挥什么作用?
任何帮助将不胜感激。希望我能完成这个任务,并能够将所有这些内容放入“数字绘画”之类的教程中。
I have a Linux based ec2 instance on aws with prepackaged Tomcat7 and so far I'm able to:
ssh into the instance from command line,
connect to the instance FileZilla,
sudo start/stop tomcat (tomcat is listening on port 80)
All development administration on the project happens on Ubuntu 10.10
Problems/questions are:
FileZilla: when I try upload a war file to webapps I get:
Error: /opt/tomcat7/webapps/my-fancy-app-0.1.war: open for write: permission denied
Error: File transfer failed
I've not added any users ( or ec2-user to be exact ) to any groups associated with Tomcat.
Port 80: how do enable outside access on port 80?
I have just the default security group, have not added any custom settings. When I select HTTP from the 'Create a new rule' dropdown the default setting is 0.0.0.0/0 - is this the safe or correct setting? When I have Tomcat running with that rule applied and try to visit the url shown next Public DNS I get (503 error I believe): Service Temporarily Unavailable
Last but not least, what is an Elastic IP and what role does it play in the larger picture?
Any help whatsoever will be extremely appreciated. Hopefully I'll get through this and be able to put all this in a 'paint by numbers' kinda tutorial.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
FTP:您使用的是 FileZilla 服务器还是您正在使用 FileZilla 客户端?在第二种情况下,您使用什么 FTP 服务器。这是一个权限问题,授权的用户可能取决于您用于 FTP 的用户名。例如,对于 proftpd,我为每个 FTP 用户名使用不同的 unix 用户 ID(甚至没有创建,只是使用数字)。
端口 80:是的,0.0.0.0/0 表示向所有人开放端口 80,这是正确的设置(安全程度取决于您保护系统的方式)。
弹性IP是一种将IP地址与机器关联的方式,如果由于任何原因您的EC2服务器不再工作并且您希望启动一个新实例,您可以在几分钟内启动新实例并将相同的 IP 地址分配给新实例,这一切都通过 AWS 管理控制台进行。 即使在不同的可用区。
FTP: are you using the FileZilla server or do you mean that you're using the FileZilla client? In that second case what FTP server are you using. This is a permission problem and the user to authorise might depend on the username that you're using for FTP. For example with proftpd, I'm using a different unix user id (not even created, just using the number) for each FTP username.
Port 80: Yes, 0.0.0.0/0 means to open the port 80 to everyone and this is the correct setting (how safe depends on how you secured your system).
Elastic IP is a way to associate IP addresses to machines, if for any reason your EC2 server doesn't work any more and you prefer to start a new instance, you can within minutes, start the new instance and assign your same IP address to the new instance, all from AWS management console. Even in a different availability zone.