Currently, we have OIM (Oracle Identity Manager) APIs hosted on an AWS EC2 instance, which can be accessed via a Network Load Balancer (t3://abc.xyz.mno:14000).

We are trying to connect to the above-mentioned Network Load Balancer from our Java application, which is deployed inside a Docker container (WAR file) hosted on AWS ECS Fargate.

All entities are in the same VPC, under the same subnet.

But we are getting the error below:

Failed to login/connect to OIM using user: admin. Please contact app support providing the following message:
java.io.IOException: Timed out while attempting to establish connection to :t3://abc.xyz.mno:14000

We are able to connect successfully from our Docker container to another DB (same VPC, same subnet as ECS and the Load Balancer) hosted on an EC2 instance without any additional config at the Docker/container end.

Also, we are able to connect to the OIM APIs (t3://abc.xyz.mno:14000) from our local code (simply deploying the WAR file in a Tomcat server) as well. The same WAR file is put in the ECS container.

Any suggestion, feedback, help will be highly appreciated.

  • You will probably need to configure the NLB to be a private (VPC only) load balancer, instead of public, in order to support internal VPC traffic. Or create another NLB for internal VPC traffic if you also need public access. – Mark B Sep 27 '22 at 12:15
  • NLB is configured as VPC with private subnet only @MarkB – dexterous-unwrapped Sep 27 '22 at 12:19
  • But is the scheme set to "internal" or "public"? – Mark B Sep 27 '22 at 13:02
  • Schema is: internal for NLB – dexterous-unwrapped Sep 27 '22 at 13:19
  • Is it something to do with Fargate limitations while connecting to NLB? – dexterous-unwrapped Sep 28 '22 at 05:18
  • There is no "Fargate limitations while connecting to NLB" unless you know something I don't. It's just some code of yours running in Fargate, opening a network connection that happens to be to an NLB. There are no limitations of Fargate that would make that work differently than anywhere else. It is most likely an issue with your security group rules assigned to the EC2 server. – Mark B Sep 28 '22 at 12:06
  • Yeah, you are right. After days of debugging, it looks like this is an issue with AWS-Oracle connectivity. OIM is just not allowing connections from an application deployed on AWS. The same works fine locally. Need to raise a ticket with Oracle. – dexterous-unwrapped Sep 30 '22 at 04:22
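
The timeout reported in the question can be narrowed down at the TCP level from inside the same container, before any T3 login is involved. The probe below is an added example, not code from the question, the comments or OIM; the class name `TcpProbe` and the 5-second timeout are assumptions, and the default host and port are the placeholders used in the question.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;

/** Added diagnostic (hypothetical name): probes every address a host name resolves to. */
public class TcpProbe {

    /** Classifies one plain TCP connect attempt; no T3 handshake or login is attempted. */
    static String probe(InetAddress addr, int port, int timeoutMs) {
        long start = System.nanoTime();
        String result;
        try (Socket s = new Socket()) {
            s.connect(new InetSocketAddress(addr, port), timeoutMs);
            result = "OPEN (TCP handshake completed; look at the T3/application layer next)";
        } catch (SocketTimeoutException e) {
            // No reply at all: typical of packets being dropped on the path.
            result = "TIMEOUT (check security groups, network ACLs, routes, target health)";
        } catch (ConnectException e) {
            // An active rejection came back, usually "Connection refused".
            result = "REJECTED: " + e.getMessage();
        } catch (IOException e) {
            result = "ERROR " + e.getClass().getSimpleName() + ": " + e.getMessage();
        }
        long ms = (System.nanoTime() - start) / 1_000_000;
        return addr.getHostAddress() + ":" + port + " -> " + result + " [" + ms + " ms]";
    }

    public static void main(String[] args) {
        // Defaults are the placeholder host and port from the question.
        String host = args.length > 0 ? args[0] : "abc.xyz.mno";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 14000;
        int timeoutMs = 5000; // assumed value, chosen only to fail fast
        try {
            // A load balancer name may resolve to several addresses; test each one.
            for (InetAddress addr : InetAddress.getAllByName(host)) {
                System.out.println(probe(addr, port, timeoutMs));
            }
        } catch (UnknownHostException e) {
            System.out.println("DNS FAILURE: " + host + " does not resolve from this network");
        }
    }
}
```

With a JDK 11 or later it runs as `java TcpProbe.java abc.xyz.mno 14000`; comparing the output from the container with the output from the machine where the connection works shows whether the failure is in name resolution, in packet filtering, or above TCP.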

0 Answers