Consul and EC2 instance

Question

I have set up a EC2 micro instance and installed Consul, but I can't seem to connect via Curl. I can connect to the instance from itself with curl http://localhost:8500/v1/agent/self for a test. However when I try to use the AWS public ipv4 from my local machine like so http://34.230.X.X:8500/v1/agent/self I get a connection refused. On the security group I have configured inbound port 8500 open to everyone. Everything seems to be in place and correctly configured is there something I'm missing?

Answer 1

It sounds like you need to set consul's client address to that of the public facing IP. You can do this with the -client option.

consul agent -server -bootstrap -bind="<Your private IP>" -client="<Your public IP>" -data-dir="<Your data dir>"

Disclaimer: This would allow anyone on the internet access to this consul agent's API. So take appropriate actions to secure this thing.

Answer 2

The AWS VPC documentation has some steps for allowing EC2 instances to be reachable from the internet:

• Attach an Internet gateway to your VPC.
• Ensure that your subnet's route table points to the Internet gateway.
• Ensure that instances in your subnet have a globally unique IP address (public IPv4 address, Elastic IP address, or IPv6 address).
• Ensure that your network access control and security group rules allow the relevant traffic to flow to and from your instance.

It sounds like you have the public IPv4 address and have verified that the security groups are good; now just make sure you don't have any network ACLs set (or set appropriately if you have them), the internet gateway, and the route table.