quickstart-bitnami-wordpress icon indicating copy to clipboard operation
quickstart-bitnami-wordpress copied to clipboard

Published 20 hours ago verified publisher icon aws-quickstart

Timeout when accessing ELBURL or Bastion host

Open flettling opened this issue 6 years ago • 7 comments

Super cool work with providing this quickstart template! However I have the problem that I can't get it to run following the deployment guide.

After following the step-by-step instructions in the deployment guide I see the stacks being created successfully with CREATE_COMPLETE result. However when I then try to access the in the ELBURL provided url any request runs in a timeout (in the browser as well as curl -I wordp-appli-jrgslnfjoifj-1985152201.us-east-2.elb.amazonaws.com on port 80, 443 as well as on any other port).

Also I can't ssh into the Bastion host, also with a timeout.

I created the stack with an admin role, I tried multiple regions (Ohio and Frankfurt) and all yield the same behavior.

I used the "New VPC" path of the deployment guide and didn't change any of the defaults in the parameters (except for required inputs obviously)

Any idea where this comes from and also how to debug this?

flettling avatar Dec 23 '18 20:12 flettling

After some debugging I noticed that the parameters ALBAccessCIDR defaults to 10.0.0.0/16 and RemoteAccessCIDR defaults to 127.0.0.1/32.

Here's two problems:

  1. The documentation states a default of 10.0.0.0/16 for RemoteAccessCIDR
  2. Both defaults are too constrained for production systems, if I get it correctly.

Regarding 2) I'd be curious about input: What is the recommended setting for a production website? For now I set everything to 0.0.0.0/0 (such a thing as a company network with a fixed ip range doesn't exist in my case).

flettling avatar Dec 24 '18 00:12 flettling

@fletling - This is tricky on our (AWS) side, too. On one hand, these are intended to be production ready. On the other, we don't feel comfortable leaving the ranges wide open, because we don't know where this will end up. (Especially the RemoteAccessCIDR parameter).

We do need to clarify that in the deployment guide. We're in the process of adding ElastiCache support to the template, so we'll address this in the next iteration.

From a customer perspective, though, how could we make this a better experience from the get go?

andrew-glenn avatar Dec 27 '18 15:12 andrew-glenn

After following the step-by-step instructions in the deployment guide I see the stacks being created successfully with CREATE_COMPLETE result. However when I then try to access the in the ELBURL provided url any request runs in a timeout. I have the same error. How to fix it? Thanks

tdmrut avatar Feb 15 '19 16:02 tdmrut

@andrew-glenn if the security group set as 10.0.0.0/16 , so how the ELB can access from the Internent?

vvsuperman avatar Aug 28 '19 08:08 vvsuperman

Hi, Bitnami engineer here. Sorry for the very late response, as we weren't correctly tracking the issues/PRs from this repository in our support workflow.

It is likely that this issue is no longer applicable. Are you still affected? Please don't hesitate to let us know if that is the case, so that we can help you get past it.

marcosbc avatar Mar 24 '21 09:03 marcosbc

The issue with the bastion host ssh access is a current problem. The security group is setup incorrectly and needs to be modified to allow a source other than 127.0.0.1.

MichaelDBrown avatar Jun 01 '21 18:06 MichaelDBrown

See line 405 of: https://github.com/aws-quickstart/quickstart-bitnami-wordpress/blob/main/templates/wordpress-master.template

MichaelDBrown avatar Jun 01 '21 19:06 MichaelDBrown