Endpoint timing out with curl

0

Hi

I'm having real problems with a VPC endpoint I'm trying to configure in connection with a Managed Blockchain network. Please note, I'm new to AWS.

I have reached the stage where I am trying to connect from my client instance to the network via curl or telnet (as per step 3.2 in the link below), and any method I try times out. I have verified that my instances, vpcs etc meet the requirements given in the documentation, and I have attempted restarting the process from the ground up to no avail. I'm confident I haven't missed anything out that's in the documentation, but given my newbie-ness when it comes to AWS generally (and networking too), it's possible I missed something simpler that more knowledgable folks take for granted.

I'd appreciate any suggestions for ways to proceed, diagnosis help, or any pages people can point me at with relevant information. Commands which are timing out include (both as per the documentation for step 3.2):

curl https://CAEndpointURL:30002/cainfo -k
curl https://CAEndpointURL:30002

Thanks

Mark

https://docs.aws.amazon.com/managed-blockchain/latest/managementguide/get-started-create-client.html

demandé il y a 5 ans1229 vues
2 réponses
0
Réponse acceptée

Check below things.

a--Fabric client (EC2 instance is in same VPC used in creating VPC Service endpoint).
b--Fabric client (EC2 instance is using same Security Group used in creating VPC Service endpoint).
c--Port 30001 to 30004 are allowed in inbound rules in the security group.

2ndly there is a mistake in AWS documentation, the 2nd url should be used with telnet, instead of Curl. it should be:
telnet CAEndpointURL 30002

I have already pointed out this mistake to AWS Support and they confirmed that they will update the documentation.

One thing more is that the port is not guaranteed to be 30002, but the exact value will be returned in the get-member API.

Edited by: Ikram on Feb 3, 2019 5:59 PM

Ikram
répondu il y a 5 ans
0

Thanks, it was the security group TCP port not being open that was the issue. In retrospect, it seems clear, but a combination of my own lack of network experience and the documentation not mentioning it meant I missed it. Thank you for the help. I suggest that this be added this to the prerequisites section of the documentation too.

répondu il y a 5 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions