4

I have a Play 2 web application, which I deploy to Elastic Beanstalk using Docker. In this web app, I start an Akka cluster. The starting procedure involves adding all nodes in the autoscaling group as seed nodes (including itself). On the first deploy to EB I specify to deploy to a VPC (I only select one availability zone).

When I run the app and start the cluster, I get the following message:

AssociationError [akka.tcp://cluster@localhost:2551] -> [akka.tcp://cluster@172.31.13.25:2551]: Error [Invalid address: akka.tcp://cluster@172.31.13.25:2551] [ akka.remote.InvalidAssociation: Invalid address: akka.tcp://cluster@172.31.13.25:2551 Caused by: akka.remote.transport.Transport$InvalidAssociationException: Connection refused: /172.31.13.25:2551

Where 172.31.13.25 is the IP of the EC2 instance, and 2551 is the port. In my Dockerfile I have "EXPOSE 9000 2551". In the EC2 Security Group I have enabled all inbound traffic to
0.0.0.0/0 (and all outbound traffic). In the VPC Network ACLs (and security groups) I've also opened for all traffic.

This is my Dockerfile

FROM dockerfile/java:latest
MAINTAINER a <a@b.de>
EXPOSE 9000 2551
ADD files /
WORKDIR /opt/docker
RUN ["chown", "-R", "daemon", "."]
USER daemon
ENTRYPOINT ["bin/myapp"]
CMD []

Why does my EC2 instance refuse a connection to itself on port 2551?

DkM
  • 800
  • 1
  • 7
  • 22
  • Can you do an ifconfig on the ec2 host and post the response? 172.31.13.25 looks like similar to what I normally get for the docker bridge IP. Amazon IPs tend to start with 10 for internal and 54 for public. – Usman Ismail Dec 09 '14 at 16:22
  • After a new env. was created, it says: Connection refused: /172.31.11.233:2551. ifconfig gives a docker0 address of 172.17.42.1 and a eth0 of 172.31.11.233. So it seems to be the correct address (the 172.* could be an effect of the VPC?) – DkM Dec 10 '14 at 08:32
  • I tried without a VPC now, but still get refused. So I suspect its something to do with Docker, but I am not sure how to solve that. – DkM Dec 10 '14 at 09:23
  • As you said: 172.31.13.25 is the IP of your instance. It's not the IP of your container, that may be the problem. – Céline Aussourd Dec 10 '14 at 11:17
  • 1
    Is it possible to route all traffic incoming to an AWS instance to the docker container? I need to use the AWS sdk for node discovery – DkM Dec 10 '14 at 11:29
  • You could use the host network stack but using --net=host in your docker run command. That way you don't need forward individual ports. – Usman Ismail Dec 10 '14 at 14:19
  • I'm afraid its not possible to specify docker run options directly using Elastic Beanstalk. I'm currently having a look at the Dockerrun.aws.json – DkM Dec 10 '14 at 15:22
  • 2
    It turns out the problem is to do with having multiple ports from a single container on elastic beanstalk – DkM Dec 11 '14 at 08:32
  • The solution to this was to not use Docker, but to use Tomcat. E.g. deploy the play 2 app as a WAR file and use Tomcat on Elastic Beanstalk. – DkM Mar 01 '15 at 15:52
  • 1
    Can you answer your own question and accept the answer so this is not listed under the "Unanswered" filter? – Andy Shinn Mar 04 '15 at 18:06

1 Answers1

0

Turns out this is not possible as of now using Docker on Elastic Beanstalk. It is, however, possible using Tomcat.

Using play/activator, you can deploy a WAR file. By injecting the following .ebextensions config file into the war file, I was able to get an extra port open between the EC2 instances:

Resources:
  ExtraPortsSGIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: { "Ref" : "AWSEBSecurityGroup" }
      IpProtocol: "tcp"
      FromPort: "2551"
      ToPort: "2551"
      SourceSecurityGroupId: { "Ref" : "AWSEBSecurityGroup" }
DkM
  • 800
  • 1
  • 7
  • 22