-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS credentials required in the new AWS Discovery using SPI mode #29
Comments
Thanks @thurber, we are on it. |
I had to be honest, although Hazelcast offers a great architecture design to my application, it have turned my life into a nightmare. Most of time I really can't trust the documentation you guys write. Other times stuffs just stop to work... |
* fixes for hazelcast-aws Github issues #29 and #22 * fixes for checkstyle errors * fixes for checkstyle errors * extended strategy factory tests * removed Configuration to AwsConfig * Configuration fixes, we now allow w/out any creds, or iam-role defined in config file. * missing default value for timeout added
Documentation is correct, "access-key", "secret-key", "iam-role" are optional. This is a bug introduced while implementing Discovery SPI hazelcast-aws. @thurber Thanks for reporting, it'd be appreciated if you could give a try to 2.0.2-SNAPSHOT |
Thanks for the update @emrahkocaman! Unfortunately my instances can no longer discover each other with the 2.0.2-SNAPSHOT provided above, regardless of including the settings or not (although I no longer receive errors for omitting them). For reference, here's the relevant piece of my config xml that worked with 2.0.1: ...
<join>
<tcp-ip enabled="false"></tcp-ip>
<multicast enabled="false"/>
<aws enabled="false" />
<discovery-strategies>
<discovery-strategy enabled="true" class="com.hazelcast.aws.AwsDiscoveryStrategy">
<properties>
<property name="access-key">not-needed</property>
<property name="secret-key">not-needed</property>
<property name="iam-role">aws-elasticbeanstalk-ec2-role</property>
<property name="region">us-west-2</property>
<property name="tag-key">my-tag-key</property>
<property name="tag-value">my-tag-value</property>
</properties>
</discovery-strategy>
</discovery-strategies>
</join>
... With 2.0.2-SNAPSHOT, I tried:
I did not try:
|
@thurber Hi, Could you please share hazelcast logs on each EC2 instances? |
Sure thing, see below for four log files -- two from instances in the working case with 2.0.1, and two from instances in the non-working case with 2.0.2-Snapshot. Let me know if I should set a more informative logging level. Also note that the application is running inside a docker container on each instance. Non-Working Case (2.0.2-SNAPSHOT):
Instance 2:
Working Case (2.0.1):
Instance 2
|
@thurber Hi, Is there any specific reason to use directly Docker on EC2 host rather than AWS ECS? Moreover, is it possible to check below items on your environment? <interfaces enabled="true">
<interface>10.0.*.*</interface>
</interfaces> Please note that 3] Please make sure that 2.0.2-SNAPSHOT is accessible with
or you can check here please let us know, if further help or support is required. thanks in advance. |
@lazerion Ack sorry about that, noob mistake: I wasn't setting the snapshot jar into the classpath correctly. It works like a charm now, thanks! I am able to avoid needing |
Hi! When do you plan to release 2.0.2? Thanks! |
Hi @destebanm , |
Thanks for the info @mesutcelik |
The documentation implies that the "access-key", "secret-key", and "iam-role" properties are optional and that Hazelcast can fallback to using the role and credentials assigned to the EC2 instance. This would be ideal so that I do not need to hardcode these values into my hazelcast.xml.
However, when I try to run a hazelcast cluster without these properties, startup will fail with an error stating that "access-key" property is required, or that "access-key" property cannot be blank.
Is there a way I can omit these configurations, or are they actually required?
Thanks for your help!
The text was updated successfully, but these errors were encountered: