amazon ec2 - 无法解析主机

Question

我是城里的新手。我有一个在指向 DNS 的亚马逊实例上运行的 nodejs 应用程序。

                                Route53 screenshot

问题

当我尝试访问子域时，我得到了

curl -i http://site.soothsayer.co/
curl: (7) Failed connect to site.soothsayer.co:80; Connection timed out

或

$ curl -i http://site.soothsayer.co/
HTTP/1.1 502 Bad Gateway
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Via: 1.1 Comverse 6.2.23
Content-Length: 287

<!DOCTYPE html PUbliC "-//W3C//Dtd XHTML basic 1.0//EN"
"http://www.w3.org/tr/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
<title>Error</title>
</head>
<body leftmargin="0" topmargin="0" style="font-family:arial">
Error: Requested url content cannot be resolved.
</body>
</html>

调试

nslookup 结果是

Server:     127.0.1.1
Address:    127.0.1.1#53

Non-authoritative answer:
site.soothsayer.co  canonical name = internal-p-site-us-east-1-1077850846.us-east-1.elb.amazonaws.com.
Name:   internal-p-site-us-east-1-1077850846.us-east-1.elb.amazonaws.com
Address: 172.31.46.66

我可以在亚马逊机器中看到来自GET http://localhost:3000 或GET http://localhost:8085（在 nginx 中配置）的正确 html 响应。

我使用nginx/1.4.7作为HTTP和反向代理服务器（据我的理解），conf文件是

$ vi /etc/nginx/conf.d/site.soothsayer.co.conf
# the IP(s) on which your node server is running. I chose port 3000.
upstream site.soothsayer.co {
     server 127.0.0.1:3000;
}
# the nginx server instance
server {
    listen 0.0.0.0:8085;
    server_name site-proxy.soothsayer.co site-proxy.soothsayer.co;
    access_log /var/log/nginx/site-proxy.soothsayer.co.log;

    # pass the request to the node.js server with the correct headers and much more can be added, see nginx config options
    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy true;

      proxy_pass http://site.soothsayer.co/;
      proxy_redirect off;
    }
}

我的/etc/resolv.conf是，

; generated by /sbin/dhclient-script
search ec2.internal
nameserver 172.31.0.2

iptables of amazon machine,

[root@ip-172-31-42-77 rof]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination 

亚马逊上的安全组是默认的，

Custom TCP Rule TCP 8086 0.0.0.0/0

我在/var/log/nginx/error.log 没有看到任何日志。这是我的小大脑可以调试的。我想解决这个问题。

参考文献

nginx, dns - domain.com resolves but subdomain.domain.com doesn't

AWS - elastic load balancer unable to handle the request

amazon ec2 instance unable to resolve host

Curl amazon EC2 instance

Answer 1

所以，问题在于负载均衡器是内部。使其面向互联网。现在一切看起来都很宏伟。

参考文献

Internet-facing and Internal Load Balancers

Answer 2

不确定，但您的 nginx conf 与 listen 0.0.0.0:8085 可能会阻止任何远程访问。 试试看：

listen 8085;