0 votes
1 view
in AWS by (19.2k points)

I'm attempting to run a web server that uses an RDS database with EC2 inside a Docker container.

I've set up the security groups so the EC2 host's role is allowed to access the RDS and if I try to access it from the host machine directly everything works correctly.

However, when I run a simple container on the host and attempt to access the RDS, it gets blocked as if the security group weren't letting it through. After a bunch of trial and error, it seemed that indeed the container's requests aren't appearing to come from the EC2 host, so the firewall says no.

I was able to work around this in the short run by setting --net=host on the Docker container; however, this breaks a lot of great Docker networking functionality like being able to map ports (i.e., now I need to make sure each instance of the container listens on a different port by hand).

Has anyone found a way around this? It seems like a pretty big limitation to running containers in AWS if you're actually using any AWS resources.

1 Answer

0 votes
by (44.6k points)

Both the ECS cluster and the RDS instance should be present in the same VPC, and it can be configured using security groups. So, we have to do it like this:

  • Go to the RDS instances page
  • Select the DB instance and move on to the details
  • Click the Security group id
  • Go to the Inbound tab and choose Edit
  • Add this rule: type MySQL/Aurora with source Custom. If it already exists, no problem.
  • While entering the custom source, type your ECS cluster's name and the security group name. It will be autocompleted for you.

Check out this official tutorial from Bitnami - https://docs.bitnami.com/aws/how-to/ecs-rds-tutorial/#step-23-set-up-amazon-ecs
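
An added example, not part of the answer above: a check that the DB security group's inbound rules admit the cluster's security group on the MySQL/Aurora port (TCP 3306) and are not open to the whole internet. It reads JSON in the shape returned by `aws ec2 describe-security-groups`; the sample document and all group ids are constructed placeholders.

```python
import json

MYSQL_PORT = 3306  # port behind the console's "MySQL/Aurora" rule type

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# All group ids are placeholders, not values from the original post.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0rds000000000000a", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "UserIdGroupPairs": [{"GroupId": "sg-0ecs000000000000b"}],
     "IpRanges": []}]},
  {"GroupId": "sg-0rds000000000000c", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "UserIdGroupPairs": [],
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
]}
""")


def covers_port(perm, port):
    """True if the permission applies to TCP traffic on `port`."""
    if perm.get("IpProtocol") == "-1":      # "-1" means all protocols and ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_db_group(group, client_sg, port=MYSQL_PORT):
    """Report whether client_sg is admitted on port, and any open-to-world CIDRs."""
    allowed, world_open = False, []
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        if any(p.get("GroupId") == client_sg for p in perm.get("UserIdGroupPairs", [])):
            allowed = True
        world_open += [r["CidrIp"] for r in perm.get("IpRanges", [])
                       if r.get("CidrIp") == "0.0.0.0/0"]
    return {"group": group["GroupId"], "client_allowed": allowed, "world_open": world_open}


def audit_all(doc, client_sg):
    """Audit every security group in a describe-security-groups document."""
    return [audit_db_group(g, client_sg) for g in doc["SecurityGroups"]]


if __name__ == "__main__":
    for finding in audit_all(SAMPLE, "sg-0ecs000000000000b"):
        print(finding)
```

A rule whose source is a security group admits traffic from the network interfaces associated with that group, matched by their private IP addresses.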
