Each Elastic Server comes with a built-in firewall which can be administered via the management UI or its web services. The Firewall tab can be used to manage the ports used by your server.
Some components have their default firewall ports already set in the Firewall tab. That is because someone (most likely us at the moment) has implemented what we call a "firewall rubberband" for that component. The whole topic of using "rubberbands" to snap things into Elastic Servers will be documented more fully in an upcoming post.
Regardless of what the specific server's firewall is doing - when using EC2 - you need to be aware of the Security Group which controls Amazon's firewall and access to your running EC2 image. Currently, we DO NOT coordinate the firewall settings of your VM with the Amazon Security Group (although on the roadmap). In order to access some of your services you may have to manually configure the Amazon Security Group.
Here is an example:
Suppose I build a Shindig OpenSocial server via Elastic Server On-Demand using my Amazon EC2 credentials. When I attempt to access my sample gadgets I can't get a connection via:
Where my Amazon public DNS name is something like: ec2-72-44-51-65.z-1.compute-1.amazonaws.com
and 8180 is my Tomcat port.
The reason is even though my VM's firewall is accepting traffic on the Tomcat port, the Amazon firewall for my image is not.
To change the port settings in the security group I click on the Security Groups tab. In the picture below you see the result; the port settings for the pat-dig security group. Port 8180 is not one of them. The ports you see are the default port settings we use when making an AMI through our service.
In the bottom third of the screen you see the Group Permissions. To add the port 8180 permissions for Tomcat, click on the green circle with the checkmark in it. This will pop up the UI box below, where you enter the rule that inbound traffic on port 8180 should be delivered to the VM instance on port 8180.
After entering 8180 as the "from" and "to" ports. I click on add - which results in the refreshed display of the Security Group below.
I can now access my Shindig container running under Tomcat!