How do I Connect to the TeamCity Server EC2 Instance when Using the CloudFormation Template?
I successfully created the stack by using the CloudFormation template and following the instructions here: https://blog.jetbrains.com/teamcity/2017/10/teamcity-aws/
I successfully connected to TeamCity via HTTP by following the link in the Outputs tab.
But then the guide says:
'To connect to the server’s console, you need to use your instance key:ssh -i instance-key.pem core@[server IP]
To see the logs, just run the docker logs command for the desired container.'
There are 2 instances created by this template (I selected 0 agents). Only 1 has a public IP address - the same one in the Outputs tab, below the HTTP address.
When I connect to that instance via SSH (the user is ec2-user - not core), it doesn't recognise Docker commands. Neither Docker nor TeamCity seem to be installed. I'm guessing this instance is just a proxy server and the other instance (without a public IP) is the actual TeamCity server.
If this is the case then this should be made clear in the guide linked above (maybe this wasn't always the case?).
So how do I read the logs from the TeamCity server if it ever fails to initialise? As that's the ultimate goal here.
Disclaimer: I'm an AWS noob and only use Linux when I have to.
Please sign in to leave a comment.
The EC2 with a public IP address is what is known as a "Bastion Host". It will be used as a proxy to connect to the private EC2 instances.
This blog post gives a pretty good quick overview of why and how to use it: https://medium.com/spatialdev/bastion-server-and-aws-private-sub-networks-for-a-more-secure-deployment-aef43b160565
Thanks for the link. It's very informative.
The only thing is I'm trying to connect from windows.
I've now managed to connect to the actual server by copying the private key to the bastion host, but is there an easy way of doing what the article describes but for windows? i.e. to forward the private key and connect transparently?
It will be specific to the client you use for Windows to make SSH connections. They will configure this in different ways if it is a supported feature.
OpenSSH is now available on Windows 10 and Server 2019, but it is likely not what you are currently using.
You are more likely using PuTTY or another client. I'm not an expert with these, but I dug up some links that might get you started with PuTTY. It doesn't look quite as easy as with OpenSSH but it should be doable.
https://superuser.com/questions/360351/can-i-tell-putty-to-connect-to-one-ssh-server-then-automatically-to-another
https://stackoverflow.com/questions/4974131/how-to-create-ssh-tunnel-using-putty-in-windows
Hopefully, those should at least get you on the right path.
Ah, finally sussed it!
I am indeed using PuTTY but with mRemoteNG too, which can load a PuTTY session file.
I'd tried both those links and not had any success, then I found the following article:
https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/
I had to add the private key to Pageant (installed with PUTTY), enable Agent Forwarding and then add 'ssh <teamcity_server_ip>' as a Remote Command.
This should really be in the guide I linked in the original post.
Thanks very much for your help :)