问题
Is it possible to have an EC2 instance running, listening on port 443, without a load balancer? I'm trying right now in my Node.JS app but it doesn't work when I call the page using https://. However, if I set it to port 80 everything works fine with http://.
I had it working earlier with a load balancer and route53, but I don't want to pay $18/mo for an ELB anymore, especially when I only have one server running.
Thanks for the help
回答1:
You're right, if it's only the one instance and you feel like you don't need to be prepared for large increases in traffic, you shouldn't have to pay for an ELB.
From a high-level standpoint you'll have to go through the following steps:
- Install an nginx server to serve your NodeJS application.
Install your SSL certificates on the nginx server.
-- Either do this manually, ssh'ing into the server and installing the certs as described here.
-- OR include the necessary files in your application (I believe this only works for elastic beanstalk?) which will overwrite the nginx configuration files automatically as described here.
- Make sure nginx is listening on port 443 (should've been completed in the previous step)
- Open the EC2 server's security group corresponding to where you want traffic to enter the server (port 80 / port 443)
回答2:
Is it possible? Yes of course. It sounds like you had an SSL certificate installed on the ELB and now you've deleted the ELB. You will have to install an SSL certificate on the EC2 server now. You can't use AWS ACM SSL certificates without an ELB or CloudFront distribution. If you don't want to pay for either of those services you will have to obtain an SSL certificate elsewhere.
回答3:
For our projects (much like the other poster described) we used this setup:
- nginx as load balancer and proxy for all calls on port 80 (no direct call to node.js server on port 3000 which is closed to the public)
- pm2 as process manager for Node.js (and for deployment)
- keymetrics.io for monitoring
- Nodejs v6.9.3 boron/lts (through NVM)
- Mongodb 3.2 with WiredTiger Engine (Compose.io)
- Amazon EC2 instances for hosting (Amazon Linux not Ubuntu)
This setup works very well for us. And in this setup we're able to setup SSL without using the amazon load balancers.
来源:https://stackoverflow.com/questions/40479534/aws-ssl-on-ec2-instance-without-load-balancer-nodejs