我正在尝试在Docker中设置一个Akka集群,在ElasticBeanstalk中。节点必须像这样相互通信:
+-------------------------------------------------------+
| ElasticBeanstalk/ECS |
| |
| +----------------------+ +----------------------+ |
| | EC2 | | EC2 | |
| | | | | |
| | +------------------+ | | +------------------+ | |
| | | Docker | | | | Docker | | |
| | | | | | | | | |
| | | +------------+ | | | | +------------+ | | |
| | | | | | | | | | | | | |
| | | | +---------->->--> | | | |
| | | | Akka | | | | | | Akka | | | |
| | | | <--<-<----------+ | | | |
| | | | | | | | | | | | | |
| | | +------------+ | | | | +------------+ | | |
| | +------------------+ | | +------------------+ | |
| +----------------------+ +----------------------+ |
+-------------------------------------------------------+
使用博文Akka Cluster EC2 Autoscaling(不包括Docker)和Akka Cluster in Docker(不包括EC2)中的信息,我已经将< em>几乎有解决方案。
最后的障碍是节点之间的通信。每个节点都正确识别另一个节点的内部IP。我假设EC2实例可以绕过ECS负载均衡器直接通信。
akka节点正在侦听端口2551.
/app # netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 :::sunproxyadmin :::* LISTEN
tcp 0 0 d0a81ebbe72a:2551 :::* LISTEN
docker实例正在暴露端口2551。
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d0a81ebbe72a mystuff/potter:v1.0.7-cluster04 "sh -c 'java -jar -Xm" About an hour ago Up About an hour 0.0.0.0:2551->2551/tcp ecs-awseb-maptiles-dev-uicd96apyp-6-potter-b8d6a7aef2c4c9c0a001
d6bc31f1798b amazon/amazon-ecs-agent:latest "/agent" About an hour ago Up About an hour ecs-agent
EC2实例有一个安全组,允许端口2551上的传入连接。
良 aws ec2 describe-instances --instance-ids "i-0750627a98ba930d4" "i-0bcd64a4121165327"|jq '.Reservations[].Instances[].SecurityGroups[]'
{
"GroupName": "akka-remoting",
"GroupId": "sg-6c267e16"
}
{
"GroupName": "akka-remoting",
"GroupId": "sg-6c267e16"
}
良 aws ec2 describe-security-groups --group-names akka-remoting | jq -c '.SecurityGroups[].IpPermissions'
[{"PrefixListIds":[],"FromPort":2551,"IpRanges":[{"CidrIp":"0.0.0.0/0"}],"ToPort":2551,"IpProtocol":"tcp","UserIdGroupPairs":[],"Ipv6Ranges":[{"CidrIpv6":"::/0"}]}]
良 aws ec2 describe-security-groups --group-names akka-remoting | jq -c '.SecurityGroups[].IpPermissionsEgress'
[{"PrefixListIds":[],"FromPort":2551,"IpRanges":[{"CidrIp":"0.0.0.0/0"}],"ToPort":2551,"IpProtocol":"tcp","UserIdGroupPairs":[],"Ipv6Ranges":[{"CidrIpv6":"::/0"}]}]
但是节点仍然看不到对方。
[INFO] [08/23/2017 23:31:37.227] [main] [akka.remote.Remoting] Starting remoting
[INFO] [08/23/2017 23:31:37.805] [main] [akka.remote.Remoting] Remoting started; listening on addresses :[akka.tcp://potter@172.31.12.161:2551]
[INFO] [08/23/2017 23:31:37.818] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Starting up...
[INFO] [08/23/2017 23:31:37.867] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Registered cluster JMX MBean [akka:type=Cluster]
[INFO] [08/23/2017 23:31:37.867] [main] [akka.cluster.Cluster(akka://potter)] Cluster Node [akka.tcp://potter@172.31.12.161:2551] - Started up successfully
[WARN] [08/23/2017 23:31:38.053] [New I/O boss #3] [NettyTransport(akka://potter)] Remote connection to [null] failed with java.net.ConnectException: Connection refused: /172.31.35.149:2551
[WARN] [08/23/2017 23:31:38.056] [potter-akka.remote.default-remote-dispatcher-7] [akka.tcp://potter@172.31.12.161:2551/system/endpointManager/reliableEndpointWriter-akka.tcp%3A%2F%2Fpotter%40172.31.35.149%3A2551-0] Association with remote system [akka.tcp://potter@172.31.35.149:2551] has failed, address is now gated for [5000] ms. Reason: [Association failed with [akka.tcp://potter@172.31.35.149:2551]] Caused by: [Connection refused: /172.31.35.149:2551]
我错过/误解了什么?
答案 0 :(得分:0)
根据AWS论坛帖Single Docker Container with multiple open ports中的建议,将Akka的akka.remote.netty.tcp.bind-hostname设置为0.0.0.0,而不是本地支持IP的通信。