Menu
Yesterday, I was set up my first always free compute VM. I installed ubuntu 18.04 minimal on my VM. For my web service need, I installed Nginx. I'm confused because when I tried to access my public IP via a web browser, the Nginx welcome page didn't load. I think that is because port 80 didn't open. So, I tried to open that with set Ingress Rules in Security List Details menu as the picture below. Ingress Rule for port 80
But now, I still can't access the web server in my VM. May be there more experienced people in Oracle Cloud who can help me to solve this. Thank you
421
To open port 7004, you must create a security application for that port in Oracle Compute Cloud Service. Sign in to Oracle Cloud My Services and navigate to the Oracle Compute Cloud Service console. Click the Network tab and then click the Security Applications tab in the left pane. Click Create Security Application.
Open the navigation menu and click Compute. Under Compute, click Instances. Click the instance that you're interested in. Under Instance details, for Virtual cloud network, click the name of the cloud network.
I wasted a lot of time on this. I wish I had found this first: https://docs.cloud.oracle.com/en-us/iaas/developer-tutorials/tutorials/apache-on-ubuntu/01oci-ubuntu-apache-summary.htm
configure ingress route for port 80
install ubuntu.
install apache/nginx
curl localhost should bring back webpage in text format, however fails over internet.
forget ufw firewall - this may cause issues with the Oracle firewall
use
$ sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT
$ sudo netfilter-persistent save
g) test your web page over internet
86
This is how I did it without directly meddling with iptables.
First create an Ingress Rule in Oracle Cloud vps's dashboard/Networking/Virtual Cloud Networks, for example, for port range 23-90
Next, install firewalld in ubuntu (firewalld is available in centos I think)
sudo apt-get install firewalld
sudo systemctl enable firewalld
sudo systemctl start firewalld
You only need to do this one time. It will still be there after a reboot.
Then, to open port 80:
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent # or --add-service=http
sudo firewall-cmd --reload
To verify:
sudo firewall-cmd --list-all
Output:
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: dhcpv6-client ssh
ports: 80/tcp
...
The same applies to opening other port(s). You can easily remove the port (--remove-port=80/tcp + a --reload), refer to firewalld docs.
To test from a remote computer
python3 -m http.server 80
curl ip-of-oc-vps:80
I also wasted a lot of time on Oracle Cloud Always Free vps' firewall. I hope this can save other people some time.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
