So I have this ASP.NET Core app I recently dockerized. It works fine on my local machine and it runs when I push it to AWS App Runner, except when I want to make a DB call; that is when I get this exception:

```
ExtendedSocketException: Resource temporarily unavailable System.Net.Dns.GetHostEntryOrAddressesCore(string hostName, bool justAddresses)
```

The exception isn't too relevant to .NET or C# knowledge; what matters is what it tells us: it says that there are no sockets available inside the container.

I am fairly new to containerization and hosting said containers in AWS, having worked on EC2 only before.

My guess is that the container running in AWS App Runner has limitations on the networking that aren't present in how Docker Desktop runs the container when I hit the run button.

Is there any way I can configure networking to be more open in AWS App Runner? Be it a configuration in the service or through the Dockerfile.

My Dockerfile is as follows, for reference:

```dockerfile
FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY . .
RUN dotnet restore "LeadDog.Web/LeadDog.Web.csproj"
COPY . .
WORKDIR "/src/LeadDog.Web"
RUN dotnet build "LeadDog.Web.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "LeadDog.Web.csproj" -c Release -o /app/publish

FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 80

FROM base AS final
ENV ASPNETCORE_ENVIRONMENT=Development
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "LeadDog.Web.dll"]
```

Edit:

This was the closest I got to an answer, but my lack of expertise with Docker still leaves me with questions, since I don't know if I can set a network mode from the Dockerfile or if I can configure a network mode in AWS App Runner.

Thanks in advance,

Carlos Jimenez Bermudez
  • An App Runner service should have complete outbound flexibility (as in you could call anything you want). What is the DB endpoint you are trying to reach? Consider that App Runner does not have VPC connectivity (yet) and it lives in the open. This means your DB needs to be reachable from the Internet (for now) and obviously not having a firewall security configuration that prevents access to it. – mreferre Nov 17 '21 at 18:08
  • The DB is accessible from my local computer and we haven't configured access based on IP yet, so it is publicly accessible. – Carlos Jimenez Bermudez Nov 17 '21 at 18:15
  • I know I can build with "--network=host", but since I don't know how App Runner works I don't know if that's an option. Is every App Runner instance its own EC2 underneath? Or is it running on something like Lambda? – Carlos Jimenez Bermudez Nov 17 '21 at 18:18
  • To the best of my knowledge the `--network` option at build time only has effect during the build and not at run-time. App Runner deploys to Fargate and the app endpoint is exposed through an envoy proxy. But the point is that all outbound traffic (the one you need to connect to the DB) is enabled (and it's not related to how you built the container). – mreferre Nov 17 '21 at 23:14

1 Answer

It turns out that building with "--network host" was the solution after all; after building the image that way, the server had no issues connecting to the DB when using AWS App Runner.

Carlos Jimenez Bermudez
  • See my other comments above. It's very weird that `--network` at build time had any effect on this. But happy you got it working. – mreferre Nov 17 '21 at 23:15
  • I was in doubt myself, which is why I asked the question in the first place rather than just using the other question suggestion right away, but it worked out. – Carlos Jimenez Bermudez Nov 18 '21 at 02:35
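
An added example, not code from the question or from AWS: the frame named in the exception, `Dns.GetHostEntryOrAddressesCore`, is the name-lookup step, so a startup probe that reports DNS resolution and the TCP connect separately shows which stage fails inside the running container. The class name `DbReachability` and the host and port in the usage comment are hypothetical placeholders.

```csharp
// Added example: staged reachability probe for the DB endpoint (.NET 5).
// Usage (placeholder host/port), e.g. at startup before the first DB call:
//   var (stage, detail) = await DbReachability.ProbeAsync(
//       "db.example.internal", 5432, TimeSpan.FromSeconds(5));
//   Console.WriteLine($"DB probe: {stage} ({detail})");
using System;
using System.Net;
using System.Net.Sockets;
using System.Threading.Tasks;

public static class DbReachability
{
    public enum Stage { Ok, DnsFailed, ConnectFailed }

    public static async Task<(Stage stage, string detail)> ProbeAsync(
        string host, int port, TimeSpan timeout)
    {
        IPAddress[] addresses;
        try
        {
            // Stage 1: name resolution only, no connection is opened yet.
            addresses = await Dns.GetHostAddressesAsync(host);
        }
        catch (SocketException ex)
        {
            return (Stage.DnsFailed, $"{ex.SocketErrorCode}: {ex.Message}");
        }
        if (addresses.Length == 0) return (Stage.DnsFailed, "no addresses returned");

        // Stage 2: try a TCP connect to each resolved address in turn.
        string last = "no address tried";
        foreach (var address in addresses)
        {
            using var client = new TcpClient(address.AddressFamily);
            try
            {
                var connect = client.ConnectAsync(address, port);
                if (await Task.WhenAny(connect, Task.Delay(timeout)) != connect)
                {
                    last = $"{address}: timed out after {timeout.TotalSeconds}s";
                    continue;
                }
                await connect; // rethrows refused/unreachable as SocketException
                return (Stage.Ok, $"{address}:{port} reachable");
            }
            catch (SocketException ex) { last = $"{address}: {ex.SocketErrorCode}"; }
        }
        return (Stage.ConnectFailed, last);
    }
}
```

A `DnsFailed` result points at the resolver configuration the container sees, while `ConnectFailed` points at routing or firewall rules between the service and the database.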