Can't connect two Nodes on two machines in AWS

[YouNNN]

Using centOS 7 on ec2 instances with the latest quorum-maker.
Wanted to connect a Node from instance A with a Node from instance B with the "join network" task.
I configured the Network-Node and can access the webinterface.

Node A:
Please select an option:

1. Create Network
2. Join Network
3. Attach to an existing Node
4. Setup Development/Test Network
5. Exit
   option: 1
   Please enter node name: nodename1
   Please enter IP Address of this node: myip
   Please enter RPC Port of this node[Default:22000]:
   Please enter Network Listening Port of this node[Default:22001]:
   Please enter Constellation Port of this node[Default:22002]:
   Please enter Raft Port of this node[Default:22003]:
   Please enter Node Manager Port of this node[Default:22004]:
   Please enter WS Port of this node[Default:22005]:

---

Successfully created and started nodename1
You can send transactions to myip:22000
For private transactions, use pTRZo0CoFY8z8Og977Il8EJt7NkIQe0zETP6rLEPmW8=
For accessing Quorum Maker UI, please open the following from a web browser http://localhost:22004/
To join this node from a different host, please run Quorum Maker and choose option to run Join Network
When asked, enter myip for Existing Node IP and 22004 for Node Manager Port

---

{"level":"info","msg":"Node Manager listening on :22004...","time":"2018-10-02T09:56:19Z"}
{"level":"info","msg":"Deploying Network Manager Contract","time":"2018-10-02T09:56:20Z"}
{"level":"info","msg":"Adding whitelisted IPs","time":"2018-10-02T09:56:23Z"}
^C{"level":"info","msg":"Node Manager Shutting down","time":"2018-10-02T10:13:19Z"}

Node B:
Please select an option:

1. Create Network
2. Join Network
3. Attach to an existing Node
4. Setup Development/Test Network
5. Exit
   option: 2
   Please enter node name: noden12
   Please enter IP Address of existing node: myip
   Please enter Node Manager Port of existing node: 22004
   Please enter IP Address of this node: myotherip
   Please enter RPC Port of this node[Default:22000]:23000
   Please enter Network Listening Port of this node[Default:23001]:
   Please enter Constellation Port of this node[Default:23002]:
   Please enter Raft Port of this node[Default:23003]:
   Please enter Node Manager Port of this node[Default:23004]:
   Please enter WS Port of this node[Default:23005]:

Join Request sent to myip. Waiting for approval...

and then it gets stuck and times out. I don't get a notification for a approval. is this an error with docker and ports on the instance?
Edit: There is no file in qdata/logs, so I don't know whats the error.

[karthik137]

Check your docker container. Do

$docker ps -a

Check container status. If it is running then do
$ netstat -pnat | grep listen

Check rpc and nodemanager status.

Can u please post the logs?

[YouNNN]

Hey! :)
so the Node, wich is hosting:
docker ps -a
WARNING: Error loading config file:/home/uib05246/.docker/config.json - invalid character 'G' looking for beginning of value
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
221e4b8e98e8 syneblock/quorum-maker:2.1.0_2.5 "./start_continent..." 16 seconds ago Up 14 seconds 0.0.0.0:22000-22005->22000-22005/tcp, 0.0.0.0:22001->22001/udp continent
cad60dec9b0b hello-world "/hello" 50 minutes ago Exited (0) 50 minutes ago

the Node wich is trying to connect:
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eac1cacf17d6 syneblock/quorum-maker:2.1.0_2.5 "node/pre_start_ch..." 7 seconds ago Up 7 seconds youthful_mirzakhani
f0d4b587e16e ubuntu "/bin/bash" About an hour ago Exited (0) 42 minutes ago webserver
70d58c52c832 hello-world "/hello" 24 hours ago Exited (0) 24 hours ago condescending_dijkstra

(I'm sorry for the layout..)

When I do "netstat -pnat | grep listen", I get "(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)" so I ran it with sudo, then I get no output at all...

[karthik137]

Sorry it was my fault listen should be in caps
$ netstat -pnat | grep LISTEN

Looks like your node manager is down. Do one thing. Start the second machine(Node which is trying to connect) by executing start.sh script. Then do
$ docker exec -it {container_id} bash

root@{container_id}: /home/node/
root@{container_id}: /home/node/qdata# cd qdata

root@{container_id}: /home/node/qdata#

You should be able to see geth.ipc in qdata directory. If it is there then execute the following command.

root@{container_id}: /home/node/qdata# geth attach geth.ipc

admin.addPeer({enodeAddress of other machine});

Then check your peers from the geth console.

admin.peers

[karthik137]

You can get enode address from quorum maker dashboard. Go to the first aws instance dashboard -->

http://{your_first_AWS_IP}:22004

click on active nodes tab and check the enode address.

[karthik137]

One more thing... Did you add rule for NodeManager Port and Constellation port?. If rule is not added then it will never connect. Go to AWS Dashboard and add rules for your ports. Add inbound and outbound rule for the ports.

[YouNNN]

Okay so I did the "netstat -pnat | grep LISTEN:
Node which is hosting:
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:3350 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp6 0 0 ::1:25 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN -
tcp6 0 0 :::22000 :::* LISTEN -
tcp6 0 0 :::22001 :::* LISTEN -
tcp6 0 0 :::22002 :::* LISTEN -
tcp6 0 0 :::22003 :::* LISTEN -
tcp6 0 0 :::22004 :::* LISTEN -
tcp6 0 0 :::22005 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -

and Node which is trying to connect:
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1249/master
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 1302/xrdp
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 730/rpcbind
tcp 0 0 127.0.0.1:3350 0.0.0.0:* LISTEN 1301/xrdp-sesman
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1312/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1085/cupsd
tcp6 0 0 ::1:25 :::* LISTEN 1249/master
tcp6 0 0 :::111 :::* LISTEN 730/rpcbind
tcp6 0 0 :::22 :::* LISTEN 1312/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1085/cupsd

[YouNNN]

One more thing... Did you add rule for NodeManager Port and Constellation port?. If rule is not added then it will never connect. Go to AWS Dashboard and add rules for your ports. Add inbound and outbound rule for the ports.

I did that manually through the centOS with -p port:port when I set up the Node, if thats what you mean.
Therefor I edited the setup.sh:
docker run -p 22000:22000 -p 22001:23001 -p 22002:22002 -p 22003:22003 -p 22004:22004 -p 22005:22005 .......

Sorry it was my fault listen should be in caps
$ netstat -pnat | grep LISTEN

Looks like your node manager is down. Do one thing. Start the second machine(Node which is trying to connect) by executing start.sh script. Then do
$ docker exec -it {container_id} bash

root@{container_id}: /home/node/
root@{container_id}: /home/node/qdata# cd qdata

root@{container_id}: /home/node/qdata#

You should be able to see geth.ipc in qdata directory. If it is there then execute the following command.

root@{container_id}: /home/node/qdata# geth attach geth.ipc

admin.addPeer({enodeAddress of other machine});

Then check your peers from the geth console.

admin.peers

Unfortunately there is no geth.ipc... only directory geth, keystore and logs

[karthik137]

I did that manually through the centOS with -p port:port when I set up the Node, if thats what you mean.
Therefor I edited the setup.sh:
docker run -p 23000:23000 -p 23001:23001 -p 23002:23002 -p 23003:23003 -p 23004:23004 -p 23005:23005 .......

No i am not talking about docker. See your first machine works fine because it is not connecting to any other machine. Your second machine will first send join request to first machine then it will start downloading transactions...

I did that manually through the centOS with -p port:port when I set up the Node

Did you setup ec2 machines on your own?. Please refer this [(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/authorizing-access-to-an-instance.html)]

If you did not setup the ec2 instance then ask your administrator to add inbound and outbound rules for the ports. Its not docker thing. It is firewall issue.

You have to add the rule from amazon ec2 dashboard. Please contact your EC2 administrator or whoever had setup ec2 instances for you....

In your case ports which are used for quorum maker does not accept connections from outside(firewall issue).

Unfortunately there is no geth.ipc... only directory geth, keystore and logs

Yes it won't come up in your second machine because its join request was not accepted due to firewall issues.

[YouNNN]

You are completly right, I didn't set up these instances and I thought the same and wrote an email to the administrator. I hope he can add these rules. Thank you very much for you help that far, I'll wait for the rules to be set and try again. :)

[karthik137]

Ok. :)

[karthik137]

Hey did it work?.

[YouNNN]

Hey I'm still waiting for the admin to open the ports...

[YouNNN]

It worked perfectly! Thank you very much!

[karthik137]

Ok .... Welcome :)