在ElasticBeanstalk中的Docker中的Akka集群
我试图在Docker中设置一个Akka集群,在ElasticBeanstalk中。 节点之间必须如此沟通:
+-------------------------------------------------------+ | ElasticBeanstalk/ECS | | | | +----------------------+ +----------------------+ | | | EC2 | | EC2 | | | | | | | | | | +------------------+ | | +------------------+ | | | | | Docker | | | | Docker | | | | | | | | | | | | | | | | +------------+ | | | | +------------+ | | | | | | | | | | | | | | | | | | | | | +---------->->--> | | | | | | | | Akka | | | | | | Akka | | | | | | | | <--<-<----------+ | | | | | | | | | | | | | | | | | | | | | +------------+ | | | | +------------+ | | | | | +------------------+ | | +------------------+ | | | +----------------------+ +----------------------+ | +-------------------------------------------------------+ 使用博客文章中的信息Akka Cluster EC2 Autoscaling (不包括Docker)和Docker中的Akka Cluster (不包括EC2)我已经把几乎所有的解决scheme放在一起。
最后的障碍是节点之间的通信。 每个节点都正确标识另一个节点的内部IP。 我假设EC2实例可以直接通信,绕过ECS负载平衡器。
阿卡节点正在监听端口2551。
/app # netstat -a Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 :::sunproxyadmin :::* LISTEN tcp 0 0 d0a81ebbe72a:2551 :::* LISTEN
docker实例暴露端口2551。
# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d0a81ebbe72a mystuff/potter:v1.0.7-cluster04 "sh -c 'java -jar -Xm" About an hour ago Up About an hour 0.0.0.0:2551->2551/tcp ecs-awseb-maptiles-dev-uicd96apyp-6-potter-b8d6a7aef2c4c9c0a001 d6bc31f1798b amazon/amazon-ecs-agent:latest "/agent" About an hour ago Up About an hour ecs-agent
EC2实例有一个安全组,允许在端口2551上传入连接。
良 aws ec2 describe-instances --instance-ids "i-0750627a98ba930d4" "i-0bcd64a4121165327"|jq '.Reservations[].Instances[].SecurityGroups[]' { "GroupName": "akka-remoting", "GroupId": "sg-6c267e16" } { "GroupName": "akka-remoting", "GroupId": "sg-6c267e16" }良 aws ec2 describe-security-groups --group-names akka-remoting | jq -c '.SecurityGroups[].IpPermissions' [{"PrefixListIds":[],"FromPort":2551,"IpRanges":[{"CidrIp":"0.0.0.0/0"}],"ToPort":2551,"IpProtocol":"tcp","UserIdGroupPairs":[],"Ipv6Ranges":[{"CidrIpv6":"::/0"}]}]良 aws ec2 describe-security-groups --group-names akka-remoting | jq -c '.SecurityGroups[].IpPermissionsEgress' [{"PrefixListIds":[],"FromPort":2551,"IpRanges":[{"CidrIp":"0.0.0.0/0"}],"ToPort":2551,"IpProtocol":"tcp","UserIdGroupPairs":[],"Ipv6Ranges":[{"CidrIpv6":"::/0"}]}]
但是这些节点仍然不能看到对方。
[INFO] [08/23/2017 23:31:37.227] [main] [akka.remote.Remoting] Starting remoting [INFO] [08/23/2017 23:31:37.805] [main] [akka.remote.Remoting] Remoting started; listening on addresses :[akka.tcp://potter@172.31.12.161:2551] [INFO] [08/23/2017 23:31:37.818] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Starting up... [INFO] [08/23/2017 23:31:37.867] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Registered cluster JMX MBean [akka:type=Cluster] [INFO] [08/23/2017 23:31:37.867] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Started up successfully [WARN] [08/23/2017 23:31:38.053] [New I/O boss #3] [NettyTransport(akka://potter)] Remote connection to [null] failed with java.net.ConnectException: Connection refused: /172.31.35.149:2551 [WARN] [08/23/2017 23:31:38.056] [potter-akka.remote.default-remote-dispatcher-7] [akka.tcp://potter@172.31.12.161:2551/system/endpointManager/reliableEndpointWriter-akka.tcp%3A%2F%2Fpotter%40172.31.35.149%3A2551-0] Association with remote system [akka.tcp://potter@172.31.35.149:2551] has failed, address is now gated for [5000] ms. Reason: [Association failed with [akka.tcp://potter@172.31.35.149:2551]] Caused by: [Connection refused: /172.31.35.149:2551]
我错过了什么/被误解了?
根据AWS论坛中有多个开放端口的单个Docker容器中的build议,将Akka的akka.remote.netty.tcp.bind-hostname设置为0.0.0.0而不是启用本地IP的通信。