用于春季启动应用程序的Digital Ocean开放端口8080 [英] Digital Ocean open port 8080 for spring boot application
问题描述
我想在我的 Ubuntu 16.04.6 x64 小滴上运行一个简单的Spring Boot应用程序。为了允许传入连接,我不得不打开8080端口,因为这是Spring Boot jar中的嵌入式tomcat服务器将监听连接的地方。
I want to run a simple Spring Boot application on my Ubuntu 16.04.6 x64 droplet. To allow incoming connections I had to open the 8080 port, since this is where the embedded tomcat server in the spring boot jar will listen for connections.
我使用了 ufw allow 8080 命令,现在我在液滴上看到了。
I used the ufw allow 8080 command and now I see this on me droplet.
#ufw status
Status: active
To Action From
-- ------ ----
8080 ALLOW Anywhere
22 ALLOW Anywhere
80 ALLOW Anywhere
8080 (v6) ALLOW Anywhere (v6)
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
我确保我的应用程序正在运行:
I made sure I have my application running:
java -jar myservice.jar &
Netstat报告某些内容正在监听8080:
Netstat reports that something is listening on 8080:
# netstat -aon
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State Timer
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0)
tcp 0 XXX XX.XXX.XX.XXX:22 XX.XX.XXX.XX:64021 ESTABLISHED on (0.11/0/0)
tcp6 0 0 :::8080 :::* LISTEN off (0.00/0/0)
tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0)
但是当我在服务器外进行telnet时,我会得到:
Yet when I do telnet outside the server I get:
telnet XX.XXX.XX.XXX 8080
Connecting To XX.XXX.XX.XXX...Could not open connection to the host, on port 8080: Connect failed
当我在服务器上执行telnet时,我得到:
And when I do telnet on the server I get:
# telnet localhost 8080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
在Digital Ocean的防火墙控制面板中,我进行了以下设置:
In Digital Ocean's Firewall control panel I have the following setup:
HTTP 请求服务器只是挂起,永远不会返回。从缺少日志的角度来看,它们甚至都没有到达tomcat服务器。
HTTP requests to the server just hang and never return. They don't even reach the tomcat server, judging by the lack of logs.
我缺少什么?
更新1:
本地(内部)服务器)向我的健康检查端点发出的卷曲请求也被挂起。但是我离开了一个更长的时间,然后得到了这个应用程序日志:
Local (inside the server) curl requests to my healthcheck endpoint were also hanging. However I left one for longer period and I got this application log:
2019-05-13 18:39:48.723 WARN 5873 --- [nio-8080-exec-2] o.a.c.util.SessionIdGeneratorBase : Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [214,287] milliseconds.
这解释了为什么请求被挂起,因此应用了此帖的答案解决了该问题。现在,我可以在服务器上命中我的端点,并且它可以响应。
This explained why the request was hanging, so applying the answer from this post fixed that. Now I'm able to hit my endpoint on the server and it's responding.
但是,在框外,请求仍然没有到达服务器。外部Telnet仍然说无法在端口8080上打开到主机的连接。
However outside the box, requests are still not making it to the server. Telnet outside still says Could not open connection to the host, on port 8080.
推荐答案
我不确定100%为什么,但是Digital Ocean Firewall控制面板中的防火墙规则干扰了我的Droplet配置。
I'm not 100% sure why, but the Firewall rules from the Digital Ocean Firewall Control panel were interfering with my droplet configuration.
我已删除控制面板中的防火墙规则,现在netstat报告我的8080端口已打开,终于可以从外界与服务器进行通讯了。
I've deleted the Firewall rules from the control panel and now netstat reports that my 8080 port is open and I'm able to talk to the server from the outside world, finally.
#nmap -sS -O XX.XXX.XX.XXX
Starting Nmap 7.01 ( https://nmap.org ) at 2019-05-13 21:13 UTC
Nmap scan report for myservice (XX.XXX.XX.XXX)
Host is up (0.000024s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
8080/tcp open http-proxy
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.8 - 3.19
Network Distance: 0 hops
还要从问题中检查更新1 ,因为它还会引起奇怪的混乱。
Also check UPDATE 1 from the question as it was also causing bizarre confusion.
这篇关于用于春季启动应用程序的Digital Ocean开放端口8080的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
