开发者

ec2 security group settings, sftp and port 80 settings

I have a Linux based ec2 instance on aws with prepackaged Tomcat7 and so far I'm able to: ssh into the instance from command line, connect to the instance FileZilla, sudo start/stop tomcat (tomcat is listening on port 80) All development administration on the project happens on Ubuntu 10.10

Problems/questions are:

FileZilla: when I try upload a war file to webapps I开发者_运维百科 get:

Error: /opt/tomcat7/webapps/my-fancy-app-0.1.war: open for write: permission denied
Error: File transfer failed

I've not added any users ( or ec2-user to be exact ) to any groups associated with Tomcat.

Port 80: how do enable outside access on port 80? I have just the default security group, have not added any custom settings. When I select HTTP from the 'Create a new rule' dropdown the default setting is 0.0.0.0/0 - is this the safe or correct setting? When I have Tomcat running with that rule applied and try to visit the url shown next Public DNS I get (503 error I believe): Service Temporarily Unavailable

Last but not least, what is an Elastic IP and what role does it play in the larger picture?

Any help whatsoever will be extremely appreciated. Hopefully I'll get through this and be able to put all this in a 'paint by numbers' kinda tutorial.


FTP: are you using the FileZilla server or do you mean that you're using the FileZilla client? In that second case what FTP server are you using. This is a permission problem and the user to authorise might depend on the username that you're using for FTP. For example with proftpd, I'm using a different unix user id (not even created, just using the number) for each FTP username.

Port 80: Yes, 0.0.0.0/0 means to open the port 80 to everyone and this is the correct setting (how safe depends on how you secured your system).

Elastic IP is a way to associate IP addresses to machines, if for any reason your EC2 server doesn't work any more and you prefer to start a new instance, you can within minutes, start the new instance and assign your same IP address to the new instance, all from AWS management console. Even in a different availability zone.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜