Cloud networking

Created: 2021-12-27 15:52:36 -0800 Modified: 2021-12-27 16:55:47 -0800

I seem to struggle every time I have to expose a service through a cloud platform (regardless of the cloud platform). This note is intended to be a checklist for how to work through these issues.

  • Is the service running?
    • See if you can connect to the machine or container.
      • In Kubernetes, you can open a shell in the pod (here named shell-demo): kubectl exec --stdin --tty shell-demo -- /bin/bash
      • See if you can SSH.
        • Can you not SSH?
          • Are you using the right username, host, and SSH key?
          • For any other SSH issues, you can potentially consult other top-level bullet points in this list.
    • cURL localhost and the port from the machine itself to see if it’s working. If it isn’t, check any logs from the service itself to see if it started correctly.
  • Can you reach the service from another machine or container in the same VPC?
    • If not, perhaps the service is listening only on localhost (127.0.0.1) rather than on all interfaces (0.0.0.0).
  • Can you reach the server from another network (e.g. over the Internet)?
    • If not, check your firewall rules and security-group rules, and ensure that a public IP was assigned to something in the stack (either the machine/container directly or a load balancer). E.g. on AWS, make sure the subnet's route table has a 0.0.0.0/0 route that targets the Internet Gateway.
  • Did you point DNS to the machine/container that you want to expose? This part isn’t necessary, but it will let you use a domain name rather than the IP address (which is helpful even for services that only machines will contact).
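
For the localhost-versus-0.0.0.0 check above, an added example (not part of the original note): a shell function that reads `ss -ltn` output and reports how a port is bound. The function name bind_scope and the sample listener table are constructed for illustration.

```shell
#!/bin/sh
# bind_scope PORT: read `ss -ltn`-style lines on stdin and print one of
#   none      nothing listens on PORT (service not running, or wrong port)
#   loopback  only 127.0.0.0/8 or [::1]; other hosts cannot connect
#   specific  bound to particular non-loopback address(es)
#   all       0.0.0.0, [::] or *; reachable on every interface
# (hypothetical helper, added for illustration)
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            addr = $4
            n = match(addr, /:[0-9]+$/)   # port follows the last colon
            if (n == 0) next
            host = substr(addr, 1, n - 1)
            p = substr(addr, n + 1)
            if (p != port) next
            sub(/%.*$/, "", host)         # drop interface suffix such as %lo
            if (host == "0.0.0.0" || host == "[::]" || host == "*") all = 1
            else if (host ~ /^127\./ || host == "[::1]") loop = 1
            else spec = 1
        }
        END {
            if (all) print "all"
            else if (spec) print "specific"
            else if (loop) print "loopback"
            else print "none"
        }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:8080      0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      511             [::]:80           [::]:*
LISTEN 0      128         10.0.1.5:5432      0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*'

# Report the bind scope of each port of interest in the sample.
for port in 8080 22 80 5432 53 9000; do
    printf '%s\t%s\n' "$port" "$(printf '%s\n' "$SAMPLE" | bind_scope "$port")"
done
```

On a real host, run `ss -ltn | bind_scope 8080`. A result of loopback explains a service that answers cURL on localhost but not from another machine in the VPC, and all means the firewall and security-group rules are the only thing limiting who can reach the port.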