Quick and to the point.
The ECS containers are running on EC2. I can connect to the ElastiCache Redis cluster from the EC2 instance, but when inside the Docker container I am getting:
Warning: inverse host lookup failed for <ip>
I don't think that is necessarily the issue because that's just an error about reverse DNS lookup as far as I'm aware and the container is still getting the correct IP response for the lookup but I figure it's worth mentioning.
The ECS containers are configured in awsvpc networking mode, so the container gets its own ENI on the instance and inherits the instance's security group.
The ElastiCache cluster is accepting all traffic from the security group on the EC2 instance and, as mentioned above, the EC2 instance can connect to the Redis cluster, but when in the Docker container I cannot.
To test this I have run netcat, nc -v <redis cluster endpoint> 6379, from the EC2 instance and it connects correctly, but when in the Docker/ECS container it times out. The result from nc is as follows:
user@hostname $ nc -v <redis-endpoint> 6379
Warning: inverse host lookup failed for <returned-ip>: Unknown host
<redis-endpoint> [<returned-ip>] 6379 (?) open
Any ideas on what could be causing this issue?
I don't think it's related to the SG because the EC2 instance can connect fine and, to the best of my knowledge, the ECS container (because it uses an ENI on the same host) is using the same security group as the EC2 container, but I am running out of ideas so any input is helpful.
I also found this existing post which may be something I need to consider, but at this time I can't even open a TCP connection to the Redis port, so I haven't even made it to troubleshooting application issues yet.
question from:
https://stackoverflow.com/questions/65645503/aws-ecs-container-cannot-connect-to-elasticache-cluster
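
As an added example (not part of the original question), the script below checks the question's assumption that the task's ENI carries a security group the ElastiCache group admits on port 6379. It works on data in the shape returned by `aws ec2 describe-network-interfaces` and `aws ec2 describe-security-groups`; every ID and address is a constructed placeholder, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data in the shape returned by
# `aws ec2 describe-network-interfaces` and `aws ec2 describe-security-groups`.
# All IDs and addresses are placeholders, not values from the question.
ENIS = [
    {"NetworkInterfaceId": "eni-instance", "PrivateIpAddress": "10.0.1.10",
     "Groups": [{"GroupId": "sg-ec2host"}]},
    {"NetworkInterfaceId": "eni-task", "PrivateIpAddress": "10.0.1.57",
     "Groups": [{"GroupId": "sg-taskdefault"}]},
]
REDIS_SG = {
    "GroupId": "sg-redis",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 6379, "ToPort": 6379,
         "UserIdGroupPairs": [{"GroupId": "sg-ec2host"}], "IpRanges": []},
    ],
}

def rule_covers_port(rule, port):
    """True if an ingress rule applies to TCP traffic on `port`."""
    if rule["IpProtocol"] == "-1":          # "-1" means all protocols, all ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def admitted_by(eni, target_sg, port=6379):
    """Return the reasons `target_sg` admits this ENI on `port` (empty = blocked)."""
    eni_groups = {g["GroupId"] for g in eni["Groups"]}
    addr = ipaddress.ip_address(eni["PrivateIpAddress"])
    reasons = []
    for rule in target_sg["IpPermissions"]:
        if not rule_covers_port(rule, port):
            continue
        for pair in rule.get("UserIdGroupPairs", []):
            if pair["GroupId"] in eni_groups:
                reasons.append("source group " + pair["GroupId"])
        for rng in rule.get("IpRanges", []):
            if addr in ipaddress.ip_network(rng["CidrIp"]):
                reasons.append("CIDR " + rng["CidrIp"])
    return reasons

def report(enis, target_sg, port=6379):
    """Map each ENI id to the rules that admit it; an empty list means no rule matches."""
    return {e["NetworkInterfaceId"]: admitted_by(e, target_sg, port) for e in enis}

if __name__ == "__main__":
    for eni_id, reasons in report(ENIS, REDIS_SG).items():
        print(eni_id, "->", ", ".join(reasons) or "no matching ingress rule")
```

An ENI with an empty result is not admitted by any ingress rule on that port, which shows up at the client as a connection timeout rather than a refusal.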