ReportServer for AWS login hangs in private VPC

[btkibler]

The ReportServer AMI for AWS (launched as a standalone AMI, not via CloudFormation) works just fine when I run it in a public EC2 instance, or in the "default VPC" with a public IP address.  However, if I run it in a private VPC, with no hostname and just an IP address, the login screen fails.  I'm able to see the default splash screen just fine, but when I click on the login button (i.e. http://<ip-address>/jaspersoft-pro), it just hangs.

There are no errors in catalina.out, and I can see that the /jaspersoft-pro web context has been loaded.

There is a suspicious error in /var/logs/tomcat7/tomcat7-initd.log:

[/code]

-sh: line 0: export: `/bin/sh': not a valid identifier

-sh: line 0: export: `/etc/jasperserver/fix_hostname_issue_in_vpc.sh': not a valid identifier

rm: cannot remove `/tmp/instance-type': Operation not permitted

/tmp/instance-type: Permission denied

/usr/sbin/tomcat7: line 21: .: /etc/sysconfig/: is a directory

 

I can see the request hitting the webserver via tcpdump, so I know there's not a firewall problem, but the server stops reading the socket, and after a few TCP retries, the socket is eventually dropped.

Any other errors to look for, or things to try fixing?

Thanks,

Ben

 

EDIT: I was able to login to the VPC JRS instance from a browser on another machine in the same VPC.  This leads me to believe the root problem is somewhere else in the network stack, not specific to the JRS configuration.  However, it's still very odd that other servlets in the JRS Tomcat instance work, and it's only the /jasperserver-pro web context that doesn't work...

 

[btkibler]

The root cause was an app-aware rule in the Palo Alto firewall between our corporate network and the AWS VPC.  The Jaspersoft landing page wasn't blocked (allowed by generic "web-browsing" policy), but once the firewall saw the /jasperserver-pro URL, the traffic was identified as "Jaspersoft", and blocked by default.

Once we fixed the firewall, the login page worked just fine.