I'm trying to use the stock "Ubuntu elastic image" inside of a VPC/Subnet with no outbound Internet connectivity (ie no IGW).
The logs show that it's failing though they don't clearly indicate what traffic I need to allow:
ec2-user@ip-x-x-x-x:~$ tail -fn900 /home/bamboo/bamboo-elastic-agent.out
2015-11-03 01:59:41,893 INFO [main] [S3Sync] Syncing from: bamboo-agent-release-ap-se2/5.9.7/b3f798xxx/ to /opt/bamboo-elastic-agent
2015-11-03 01:59:45,605 INFO [main] [S3Utils] Syncing s3://bamboo-agent-release-ap-se2/5.9.7/b3f798xxx/ to /opt/bamboo-elastic-agent
2015-11-03 01:59:45,606 INFO [main] [AmazonClients] Detecting bucket location for [bamboo-agent-release-ap-se2]
2015-11-03 02:00:16,500 INFO [main] [AmazonHttpClient] Unable to execute HTTP request: connect timed out
java.net.SocketTimeoutException: connect timed out
After reading the following question https://answers.atlassian.com/questions/31678612/what-outbound-traffic-requirements-does-bamboo-have-for-its-elastic-bamboo-feature I'm assuming we'll need something like this allowed out from the agent:
*.amazonaws.com
# or maybe *.s3.ap-southeast-2.amazonaws.com
# or maybe foo.s3.ap-southeast-2.amazonaws.com
I'm not clear however on the exact requirement, i.e:
- What endpoints do I need to allow out (all aws, all s3, just one particular s3 bucket?)
- Is just http, or just https, or both required?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.