-
Notifications
You must be signed in to change notification settings - Fork 848
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SQS calls times out on EC2 with .NET, not boto3 #1339
Comments
I was hoping this was a VPC Endpoint issue, but I don't think it is if you are succeeding with Boto. Which EC2 instance type are you using? |
I was hoping that too, and I can't say for sure that it isn't an error from our side. We have VPC endpoints for SQS, so that should be set up correctly. Our deployments are using AWS Fargate, but once I deployed to our staging environment I noticed that these calls began to fail. So I set up an EC2 (t3.medium) to debug it further (i.e. it's not just a problem on our EC2 instance). I've tried both with the implicit auth (through the metadata endpoint and the EC2 IAM role) as well as providing access and secret keys. Both fails. I've also tried using several of the VPC SQS endpoints we have. Again, everything works perfectly local, so we only experienced the problem when deployed to AWS. I'm not sure if boto3 does something else behind the scenes, but it really seems odd that this works. |
I'm not sure what boto3 does, but it gets a valid address for the endpoint from somewhere. Pinging the two VPC endpoints doesn't result in anything:
I tried sniffing the boto3 calls, and it immediately calls an IP address. This is a valid SQS endpoint. How does it resolve this? Running the aws sqs cli command with this IP works perfectly:
I still cannot run the .NET call with that IP. It throws: If I use the legacy endpoint (eu-west-1.queue.amazonaws.com), it works PERFECTLY in the .NET SDK:
|
Thanks for that extra info. I'm not sure why the legacy endpoint would be working and the new format isn't, but that should be very helpful in the investigation. |
This issue has not recieved a response in 2 weeks. If you want to keep this issue open, please just leave a comment below and auto-close will be canceled. |
I'm using the .NET AWS SDK for receiving messages on SQS, and I am experiencing some issues.
The call consistently times out on my EC2 instance, but works fine locally.
My EC2 uses IAM role based authentication on the instance whereas locally I use AWS tokens. I've tried AWS tokens on the AmazonSQSClient as well on the EC2, and it's still timing out. So I don't think it's an issue of receiving the permissions.
I run .NET Core in a Docker container, and it has access to the metadata endpoint for getting the IAM info:
On the EC2, when I use boto3 do run the same operations, it works perfectly. So it's isolated to the .NET Core implementation.
.NET Core (works locally,but not on EC2):
Output:
Boto3 (works locally and on EC2):
Output:
Any ideas on what can cause this? I don't think it's an issue resolving the URL, as I have it working in Boto3?
The text was updated successfully, but these errors were encountered: