I'm working on an app that has multiple services, but I'll simplify things by focusing on two services, Service A and Service B. They communicate well over HTTP on my local Windows network using localhost, Wi-Fi IP, and public IP. However, when I move this to an EC2 instance, the only way they can connect is through the EC2's public IP on specific ports. No other methods, like using 'lo' or 'eth0', seem to work. Has anyone faced a similar issue? I really appreciate any advice you can offer!
4 Answers
It might not be the main issue, but don't forget to check the operating system's firewall settings. Sometimes that's overlooked, and it could be blocking the connections you're trying to establish.
You should consider putting both services in a private subnet and placing an Application Load Balancer (ALB) in front of it. Adjust the security group settings to allow traffic between your instances and expose the services via the ALB in the public subnet. That should simplify things for you.
It sounds like a security group issue. Ensure that the security group for the instance running Service A allows inbound traffic from the security group for Service B. Also, remember to connect using the private IP or DNS hostname—make sure your DNS is set up correctly to resolve to the private IP, not the public one. Using AWS's default network routes and NACLs can help until you're more familiar with configurations. If you're still stuck, try the VPC Reachability Analyzer to figure out what's blocking the connection.
If your services are in different subnets, double-check the routing table to see if it's been altered. If they're on the same subnet, verify that the security groups for each instance allow traffic between them. Also, if you’re using multiple network interfaces, confirm which ones your services are binding to, as this can impact subnet communication. Lastly, it's worth checking if your instances are set to use IPv6 internally while you're troubleshooting using IPv4.
Just to clarify, are you suggesting that both services should run on the same EC2 instance or on separate instances?
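One way to run the bind-address and IPv4/IPv6 check suggested in the answers above, as an added example that is not part of the original thread: it parses `ss -ltn` output and reports whether a given address and port has a listener behind it. The sample output, the private address 172.31.5.10 and the function names are constructed for illustration.

```python
import ipaddress

# Constructed `ss -ltn` output for a Linux EC2 instance (sample data, not from the thread).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128        127.0.0.1:8080       0.0.0.0:*
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511            [::1]:3000          [::]:*
LISTEN 0      128             [::]:9090          [::]:*
LISTEN 0      128      172.31.5.10:8443       0.0.0.0:*
"""

def parse_listeners(ss_output):
    """Return [(bind_host, port)] for every LISTEN row of `ss -ltn` output."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) >= 5 and fields[0] == "LISTEN":
            host, _, port = fields[3].rpartition(":")
            # Drop IPv6 brackets and any %interface suffix (e.g. 127.0.0.53%lo).
            listeners.append((host.strip("[]").split("%")[0], int(port)))
    return listeners

def accepts(bind_host, target_ip):
    """Would a socket bound to bind_host accept a connection addressed to target_ip?"""
    target = ipaddress.ip_address(target_ip)
    if bind_host == "*":              # ss prints * for a wildcard bind
        return True
    bound = ipaddress.ip_address(bind_host)
    if bound.version != target.version:
        # Conservative assumption: a [::] socket is treated as IPv6-only here;
        # real dual-stack behaviour depends on the socket's IPV6_V6ONLY option.
        return False
    if bound.is_unspecified:          # 0.0.0.0 or :: covers every address of that family
        return True
    return bound == target            # loopback or one specific interface address

def diagnose(ss_output, port, target_ip):
    """Explain whether target_ip:port has a listener behind it on this host."""
    binds = [h for h, p in parse_listeners(ss_output) if p == port]
    if not binds:
        return "no listener on port"
    if any(accepts(h, target_ip) for h in binds):
        return "listener accepts this address"
    return "listener bound elsewhere: " + ", ".join(binds)
```

A "listener bound elsewhere" result for the private IP points at the service's bind address; "listener accepts this address" moves the search on to the OS firewall, security groups and routing.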