池连接超时 - 从 EC2 连接到 AWS RDS
[英]Pool connection timeout - connecting to AWS RDS from EC2
问题描述
I am trying to connect to an Amazon RDS (Postgres) instance from an EC2 server via a NodeJS application using the pg npm package.
我正在尝试使用 pg npm 包通过 NodeJS 应用程序从 EC2 服务器连接到 Amazon RDS (Postgres) 实例。 The error I am receiving an error (note i'm hitting my node backend via a react app): OPTIONS /users/login 200 0.424 ms - 2 Error fetching client from pool Error: Connection terminated due to connection timeout我收到错误的错误(注意我正在通过反应应用程序访问我的节点后端): OPTIONS /users/login 200 0.424 ms - 2 Error fetching client from pool Error:连接因连接超时而终止
I have tested the app locally and everything works perfectly (including connecting to RDS), but as soon as I run the app on the server I can't connect.我已经在本地测试了该应用程序并且一切正常(包括连接到 RDS),但是一旦我在服务器上运行该应用程序,我就无法连接。
To simplify the problem, I have just typed my credentials explicitly into the NodeJS route file so I know there's no issues with environment variables etc. I then pushed my code to the server, pulled it as-is, and ran it.为了简化问题,我刚刚在 NodeJS 路由文件中明确输入了我的凭据,所以我知道环境变量等没有问题。然后我将我的代码推送到服务器,按原样提取并运行它。 No luck.没运气。 From a connection perspective, I just create a pool (require pool from pg) and then use pool.connect and client.query to make the request.从连接的角度来看,我只是创建了一个池(需要来自 pg 的池),然后使用 pool.connect 和 client.query 来发出请求。
I feel like given that it works locally that the issue is an AWS one with my networking/security groups, but I feel like I have tried everything:我觉得考虑到它在本地工作,问题是我的网络/安全组的 AWS 问题,但我觉得我已经尝试了一切:
- Ensured the db is set to public确保数据库设置为公共
- Created a fresh security group and added it to EC2 and to RDS创建一个新的安全组并将其添加到 EC2 和 RDS
- Completely opened the ports (inbound and outbound)完全开放端口(入站和出站)
- Created a VPC and added to both EC2 and RDS创建 VPC 并添加到 EC2 和 RDS
- Checked the inbound/outbound are open on the VPC subnet NACL检查入站/出站是否在 VPC 子网 NACL 上打开
Any help would be much appreciated.任何帮助将非常感激。 I am going insane我快疯了
1 个解决方案
解决方案1
1 2020-09-08 12:27:45
Connect to your server and try to debug the connection with telnet or a PostgreSQL client.连接到您的服务器并尝试使用 telnet 或 PostgreSQL 客户端调试连接。
The most common mistakes for this error are:此错误最常见的错误是:
- RDS Security Group does not allow incoming connections from your VPC range or for the public EC2 server IP (in the case of a public database). RDS 安全组不允许来自您的 VPC 范围或公共 EC2 服务器 IP(在公共数据库的情况下)的传入连接。
- RDS subnet does not allow outgoing connections in NACL. RDS 子网不允许在 NACL 中进行传出连接。 Keep in mind that only the first connection occurs in the port you define in RDS, the other connections occur on other ports;请记住,只有第一个连接发生在您在 RDS 中定义的端口上,其他连接发生在其他端口上; but I think this is not your case once you said you could connect locally.但我认为一旦你说你可以在本地连接,这不是你的情况。
- RDS Route Table doesn't allow connections from outside the VPC. RDS 路由表不允许来自 VPC 外部的连接。 But, again, I think that's not your case.但是,再一次,我认为这不是你的情况。
- EC2 Security Group does not allow outgoing connections to the RDS. EC2 安全组不允许与 RDS 的传出连接。 This case is a little trickier but it can happen if you don't set the SG properly.这种情况有点棘手,但如果您没有正确设置 SG,就会发生这种情况。
- The last case is that your EC2 server subnets do not allow connections to the internet.最后一种情况是您的 EC2 服务器子网不允许连接到 Internet。 You said that you can connect locally, so I imagine that your RDS is properly set to allow public connections;你说你可以本地连接,所以我想你的RDS是正确设置为允许公共连接的; however, you can have the case that you didn't connect an Internet Gateway or a NAT Gateway in your EC2 server Route Table or didn't properly configure the NACL to allow inbound/outbound connections from the internet.但是,您可能会遇到这样的情况:您没有在 EC2 服务器路由表中连接 Internet 网关或 NAT 网关,或者没有正确配置 NACL 以允许来自 Internet 的入站/出站连接。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.