我已经在AWS Linux实例上安装了CouchDB,并且可以通过SSH成功访问它,但无法使用实例公开URL访问它。
在SSH中,我可以运行<template>
<div>
<div>Credits carried through: {{ credits }}</div>
<div v-for="meal in meals">
{{meal}}
<input :id="meal" :name="meal" v-model.number="creditsPerMeal[meal]" type="number">
</div>
<div>
Credits used: {{creditsSum}}/{{credits}}
</div>
</div>
</template>
<script>
export default {
mounted() {
console.log('Component ready.');
console.log(JSON.parse(this.f));
},
props: ['f','c'],
name: 'credits',
data: function () {
var meals = JSON.parse(this.f)
var creditsPerMeal = {}
for (var i = 0; i < meals.length; i++) {
creditsPerMeal[meals[i]] = 0
}
var createSelection = []
return {
credits: this.c,
meals,
creditsPerMeal
}
},
computed: {
creditsSum () {
return Object.values(this.creditsPerMeal).reduce((a, b) => a + b, 0)
},
createSelection: function (){
for (var i = 0; i < meals.length; i++) {
createSelection.push({
food: meals[i],
quantity: creditsPerMeal[meals[i]]
})
}
}
}
}
</script>
,它会给我curl -X GET http://127.0.0.1:5984/_all_dbs这就是我所期待的。
如果我尝试在Chrome中使用我的AWS实例网址:["_replicator","_users","baseball"] Chrome说该网站拒绝连接。
我编辑了CouchDB local.ini文件以添加CORS。 local.ini现在看起来像这样:
http://ec2-xx-xxx-xx-xx.eu-central-1.compute.amazonaws.com:5984/_utils
:UPDATE:
运行时:
; CouchDB Configuration Settings
; Custom settings should be made in this file. They will override settings
; in default.ini, but unlike changes made to default.ini, this file won't be
; overwritten on server upgrade.
[couchdb]
;max_document_size = 4294967296 ; bytes
[httpd]
enable_cors = true
bind_address = 0.0.0.0
[cors]
origins = *
;port = 5984
;bind_address = 127.0.0.1
; Options for the MochiWeb HTTP server.
;server_options = [{backlog, 128}, {acceptor_pool_size, 16}]
; For more socket options, consult Erlang's module 'inet' man page.
;socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]
; Uncomment next line to trigger basic-auth popup on unauthorized requests.
;WWW-Authenticate = Basic realm="administrator"
; Uncomment next line to set the configuration modification whitelist. Only
; whitelisted values may be changed via the /_config URLs. To allow the admin
; to change this value over HTTP, remember to include {httpd,config_whitelist}
; itself. Excluding it from the list would require editing this file to update
; the whitelist.
;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}]
[query_servers]
;nodejs = /usr/local/bin/couchjs-node /path/to/couchdb/share/server/main.js
[httpd_global_handlers]
;_google = {couch_httpd_proxy, handle_proxy_req, <<"http://www.google.com">>}
[couch_httpd_auth]
; If you set this to true, you should also uncomment the WWW-Authenticate line
; above. If you don't configure a WWW-Authenticate header, CouchDB will send
; Basic realm="server" in order to prevent you getting logged out.
; require_valid_user = false
[log]
;level = debug
[log_level_by_module]
; In this section you can specify any of the four log levels 'none', 'info',
; 'error' or 'debug' on a per-module basis. See src/*/*.erl for various
; modules.
;couch_httpd = error
[os_daemons]
; For any commands listed here, CouchDB will attempt to ensure that
; the process remains alive. Daemons should monitor their environment
; to know when to exit. This can most easily be accomplished by exiting
; when stdin is closed.
;foo = /path/to/command -with args
[daemons]
; enable SSL support by uncommenting the following line and supply the PEM's below.
; the default ssl port CouchDB listens on is 6984
; httpsd = {couch_httpd, start_link, [https]}
[ssl]
;cert_file = /full/path/to/server_cert.pem
;key_file = /full/path/to/server_key.pem
;password = somepassword
; set to true to validate peer certificates
verify_ssl_certificates = false
; Path to file containing PEM encoded CA certificates (trusted
; certificates used for verifying a peer certificate). May be omitted if
; you do not want to verify the peer.
;cacert_file = /full/path/to/cacertf
; The verification fun (optional) if not specified, the default
; verification fun will be used.
;verify_fun = {Module, VerifyFun}
; maximum peer certificate depth
ssl_certificate_max_depth = 1
; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All requests to
; the Virual Host will be redirected to the path. In the example below all requests
; to http://example.com/ are redirected to /database.
; If you run CouchDB on a specific port, include the port number in the vhost:
; example.com:5984 = /database
[vhosts]
;example.com = /database/
[update_notification]
;unique notifier name=/full/path/to/exe -with "cmd line arg"
; To create an admin account uncomment the '[admins]' section below and add a
; line in the format 'username = password'. When you next start CouchDB, it
; will change the password to a hash (so that your passwords don't linger
; around in plain-text files). You can add more admin accounts with more
; 'username = password' lines. Don't forget to restart CouchDB after
; changing this.
[admins]
;admin = mysecretpassword我明白了:
netstat -a -n | grep 5984
tcp 0 0 127.0.0.1:5984 0.0.0.0:* LISTEN
但应该是127.0.0.1,因为我已将0.0.0.0和etc/couchdb/local.ini中的绑定设置为0.0.0.0。
貌似,couchdb正在从其他地方获取设置?我跑的时候:
etc/couchdb/default.ini我明白了:
couchdb -c
在SSH实例访问AWS实例时,根目录包含两个条目:
/usr/local/etc/couchdb/default.ini
/usr/local/etc/couchdb/local.ini
我apache-couchdb-1.6.1 apache-couchdb-1.6.1.tar.gz
到cd并编辑ini文件:
apache-couchdb-1.6.1我认为这与vim etc/couchdb/local.ini
相同?
我已经停止并重新启动了couchdb并重新启动了AWS实例,但仍然没有从配置文件中获取bind_address。
SORTED IT
事实证明/usr/local/etc/couchdb/local.ini与/usr/local/etc/couchdb/local.ini不同。当我将绑定放入正确的ini时,一切正常!
答案 0 :(得分:4)
只需要两件事就可以让它在外面可见:你应该绑定外部IP地址(在EC2实例属性中显示为Public IP)并在防火墙上打开它。所以它必须介于这两者之间。
我看到你将绑定地址更改为0.0.0.0。这应该通过绑定所有接口来解决绑定步骤。
但您仍然使用ssh使用localhost进行连接。你当时没有检查同样的事情。尝试使用curl进行测试时,尝试使用机器IP地址而不是127.0.0.1。它应该是EC2实例属性中显示为公共IP的那个。但如果有疑问,请使用ifconfig -a来确定您拥有的IP地址。您还可以通过运行以下命令netstat -a -n | grep 5984来检查它实际绑定的接口。它必须显示0.0.0.0:5984(或*:5984)为LISTEN(不是127.0.0.1:5984)。否则它没有绑定正确的端口,你应该检查CouchDb配置文件,看看为什么。检查CouchDB是否真正使用您正在编辑的配置也是值得的。
在防火墙端 - 检查您是否在正确的安全组上打开它。它必须是EC2实例的“安全组”属性中显示的属性,并且您打开的规则必须是入站的。
有时实例防火墙会跳入并导致麻烦。但我只在Windows机器上遇到过这个问题。我相信它在AWS Linux机器上被禁用(至少我从来不需要调整任何东西 - 安全组规则总是足够的。)
如果仍然无效。我只能建议尝试用telnet测试它是否连接。由于浏览器有时会错误地报告确切的阶段,以使普通用户更简单。与telnet连接是一个更低级别的测试,但请记住,您需要将端口与telnet而不是冒号分开,例如telnet 1.2.3.4 5984其中1.2.3.4是服务器的IP地址。