Acces Service By Ip

Hello,
We have a service deployed in fly.io and everything works perfectly, we have a case that should access this service outside of the fly, and for this have to list its IP in the client load balancer.

The issue is accessing the service by IP does not work, For example:
https://12.232.32.11/home will not be available even if 12.232.32.11 IP is associated with our service.
We use shared IP atm.
Is there any configuration we should do to make this available through IP?

Best regards,
Vitalie.

you need a dedicated IP if you want to access it by IP directly. without a dedicated ip, you will have to go use the .fly.dev address

Hello @kwaw , thank you for your response.

even if I assign a dedicated IP I still cannot access service by IP.

Hi Vitalie,

HTTPS connections typically “don’t work like that”. That’s because the protocol can’t infer from the IP address, the hostname it should connect to and verify; this is strictly enforced in secure (TLS) connections. This is known as SNI (server name indication) and it usually comes from the host part of your URL. But if the host in the URL and the IP address it resolves to don’t match, or if your URL contains an IP address and no host information, things will not work.

What you need to do is indicate to the connecting client that it needs to connect to ip address a.b.c.d but request Host foo.example.com. This is client-dependent, but for example, on curl you would do it like this:

curl -v https://application.fly.dev --resolve application.fly.dev:443:1.2.3.4

So the IP address to connect to comes from the --resolve parameter, and the host name comes from the URL https://application.fly.dev.

I hope this helps!

  • Daniel

Thank you Daniel it was very helpful, I was able to figure out the setup.,
Besides I have one question how to set up an internal service to listen on different ports?
for example, I have

app = “my-app”
primary_region = “yyz”

[http_service]
internal_port = 8080
auto_stop_machines = false
auto_start_machines = true
min_machines_running = 1
processes = [“app”]

which setup should I do to call my-app.internal:8034 ?

You make a service definition for say port 3000, and then you make several port definitions for say 4000, 5000, 6000. And what will happen is, the proxy will direct all traffic to 4000, 5000, 6000 → 3000 in your vm.

See these docs on how to configure services.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.