问题
We're using ElasticBeanstalk to setup a few Node.js environments. For now, we are using Redis as our session store, which is set up in ElastiCache.
When I ssh into the EC2 instance, and netcat the Redis store, I can confirm that the network allows a connection over port 6379:
[ec2-user@<redacted>]$ nc -v <redacted>.usw2.cache.amazonaws.com 6379
Connection to <redacted>.usw2.cache.amazonaws.com 6379 port [tcp/*] succeeded!
EC2 Security Group's Outbound Policy: 0.0.0.0/0
Redis Security Group's Inbound Policy allows for incoming TCP on port 6379 from my EC2 security group.
This seems to support the observations we see with netcat successfully pinging the Redis store. However, the Node.js app itself hangs when trying to connect to Redis. I can replicate this on the EC2 instance by running the following:
[ec2-user@<redacted>]$ ./redis-cli -c -h <redacted>.usw2.cache.amazonaws.com -p 6379 ping
This just stays hung and we receive no PONG response. Given netcat's success, I'm fairly confident this isn't a security group issue, but there's definitely something seemingly wonky going on over the wire here.
Any ideas?
回答1:
The issue was that ElastiCache was configured for encryption in transport and at rest. Turns out, we didn't need that for this particular instance, so once we removed that, things started working. TBD on what the actual solution would be if we had kept encryption.
来源:https://stackoverflow.com/questions/55090822/connection-to-redis-elasticache-from-elasticbeanstalk-ec2-fails