AWS Express new install

Scotte · December 1, 2021, 9:05pm

Situation
I completed the OpenEMR Cloud Express on AWS.
Everything seemed to go fine and I have an instance running.
I received the Public, private, IP and DNS information.
When I try to connect the the IP I get an error saying:
“There was a problem connecting to your instance”
When I try ssh to connect, it times out without connecting.
On the EC2 console it shows the instace state as running.

OpenEMR Version
I assume the version is 6.0.
Did I misunderstand it would be auto installed with this?

Browser:
Tired Chrome and Edge

Operating System
Windows 10 Pro

Logs
Did you check the logs?
Can not start OpenEMR to check logs

robert.down · December 1, 2021, 9:29pm

Try SSH’ing but add -v to generate some more info about the issue. Also, check your network settings in AWS to ensure your security group is allowing inbound traffic on ports 80 (HTTP), 443 (HTTPS), and 22 (SSH)

jesdynf · December 2, 2021, 3:34am

I suspect this isn’t a security group issue, because if it was security groups it’d be responding on 80/443 – this is a networking issue, the instance either has no public IP or it’s in a VPC subnet that can’t route to the world.

Scotte · December 2, 2021, 11:18am

Thanks for the suggestions.
I tried the -v and it still timed out.
I have also tried a different internet connection (on my pc)
Still same timed out.
I tried to attach and image but could not.
Here is the ssh reply

OpenSSH_for_Windows
debug1: Connecting to 3.145.81.119 [3.145.81.119] port 22
debug1: conect to address 3.145.81.119 port 22: Connection timed out
ssh: connect to host 3.145.81.119 port 22 Connection timed out

stephenwaite · December 2, 2021, 11:22am

how about restarting the ec2?

adunsulag · December 2, 2021, 3:27pm

On the EC2 console what does it show for your public ip? Did you use the default Virtual Private Cloud (VPC) settings for the network to launch express?

Scotte · December 2, 2021, 7:26pm

@ adunsulag, the ip address is: 3.145.81.119 took too long to respond
@ stephenwaite I had done a restart but tried again today.
No change in behavior

Thanks

preetimochi · April 6, 2022, 10:29pm

@Scotte did you ever find a fix? I seem to be having the same problem

Scotte · April 7, 2022, 12:10am

No solution and no help from AWS because it is a free account so I deleted it and cancelled the account.

Two weeks after I cancelled I was contacted and asked if I needed help.
LOL Too late.

Pratyusha Gogulapati preetimochi
April 6

@Scotte did you ever find a fix? I seem to be having the same problem

preetimochi · April 7, 2022, 2:31am

Did you end up using the Standard version of OpenEMR or go with another solution altogether? I’m really stumped rn

stephenwaite · April 7, 2022, 2:46am

hi @preetimochi , do you remember what you selected from the setup?

am sure @jesdynf will be glad to weigh in and help

jesdynf · April 7, 2022, 3:18am

There’s not a lot to go on, unfortunately. We just got finished serving a ticket on the main repo where a user on Windows was unable to connect to EC2 instances (not ours alone) for completely unclear reasons, so I know it can happen if not why.

Note that it’s not really possible for any of the Amazon packages to fail in such a way that ssh will be non-responsive, that’s just flat not going to happen and it’s pointing to problems with the network or security groups. I recommend trying to start a regular old Amazon instance in the same VPC and subnet and see if you can connect to that.

If you can’t, you know you’ve got a different problem to resolve that. If you can, then you’ve got something to compare now.

Scotte · April 7, 2022, 12:42pm

I did not have any issues setting up OpenEMR on my local workstation.

Why AWS would not work was something I did not feel was worth the effort to spend more time on. I followed all of the guides and suggestions to make it work but the problem persisted.

I ended up creating a web portal (static public IP address) and installed OpenEMR on my server. It worked first time and has not had any issues. It was actually very easy to do and inexpensive.

Unfortunately, I have not been able to complete the setup of OpenEMR to be used in my company. (My company has other projects I’ve been busy doing.)

When I check OpenEMR, it works fine but we have not put any data into the system and start using it as an EMR system.

We will probably need to hire a consultant / developer to assist in implementation of OpenEMR in my company. I’m sure the expense of that will be worth the cost.

preetimochi · April 8, 2022, 9:47pm

I selected launch from Website & t2.micro. I tried to SSH in & it had the same error as online its timing out.

preetimochi · April 8, 2022, 9:52pm

I seem to be able to SSH in on the free Lightsail version but even trying to SSH in on the Express version is timing out. I’m seeing these errors so trying to work through these - I’m on a Mac so not sure I can do the first but trying to set up the IAM instance profile.

jesdynf · April 8, 2022, 10:00pm

You wouldn’t be able to connect that way, I never installed SSM Agent. (Maybe I should?)

I will note that the user you should connect with is “ubuntu”, not “root”, though that wouldn’t cause timeouts. I continue to suspect this is a network or security group issue – no other user has reported an inability to connect to an Express instance. The domain and command do look otherwise correct, however.

preetimochi · April 8, 2022, 10:18pm

For the security group, I just chose the default security group settings. It seems to be passing both of the status checks. The only other thing I can think of is that Im currently located in the west coast but the instance is on east coast availability zone, would that make a difference? Also where would I have set up the ubuntu user?

jesdynf · April 8, 2022, 10:21pm

You wouldn’t’ve set it up, I did when I made the instance. I gave AWS a Ubuntu 20.04 instance I configured, and then when you spun it up in your environment AWS added your key to it.

But I think you just put your finger on the problem – the “default” security group does not allow public access to servers. Create a new security group that allows inbound access to 80/443 and your ip to 22 and add it to the instance and you should be good.

(Do not /replace/ the ‘default’ security group, that’s important and it matters, just add your new group.)

preetimochi · April 8, 2022, 10:47pm

This seems to be progress, never got this before. But I did as you suggested and added a new security group with inbound access to ports 80/443/22.

preetimochi · April 8, 2022, 10:49pm

Here are the ports added, for any future persons reference - 22 was MyIP as the option