Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Websocket with Tomcat 7 on AWS Elastic Beanstalk

I'm trying to run a simple websocket echo application on Elastic Beanstalk. But if I run it I'm getting an error 400 on the Socket Upgrade from Tomcat, but this just happens on port 80 if I pass port 8080 thought the loadbalancer I can access the websocket without the error 400 on socket upgrade (on port 8080). Port 8080 and Port 80 are both on TCP not HTTP.

My question is who is doing the translation from 80 to 8080 as the default configuration on the loadbalancer just pass traffic from 80 to 80. The translation has to be on the EC2 instance. IPTables? In this translation something goes wrong.

It would be nice to get some inforamtion from amazon on how this traffic is routet.

like image 389
patrick Avatar asked Aug 27 '13 08:08

patrick


1 Answers

The solution is to configure the Loadbalacer to connect directly to the Tomcat:

Resources:
  AWSEBSecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Security group to allow HTTP, SSH and 8080 for all"
      SecurityGroupIngress:
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "80", ToPort: "80"}
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "8080", ToPort: "8080"}
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "22", ToPort: "22"}
  AWSEBLoadBalancer:
    Type: "AWS::ElasticLoadBalancing::LoadBalancer"
    Properties:
      Listeners:
        - {LoadBalancerPort: 443, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "SSL", SSLCertificateId: "arn:aws:iam::9999999999999:server-certificate/sslcert"}
        - {LoadBalancerPort: 80, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "TCP"}
      AppCookieStickinessPolicy:
        - {PolicyName: "lb-session", CookieName: "lb-session"}
      HealthCheck:
        HealthyThreshold: "3"
        Interval: "30"
        Target: "HTTP:8080/ping.html"
        Timeout: "5"
        UnhealthyThreshold: "5"
  1. Create a folder called .ebextensions in the WEB-INF folder Maybe in newer Version the .ebextensions has to be in the root folder, can somebody confirm this?
  2. Create a file called websocket.config in this folder with the content from above
  3. Deploy the application
  4. Rebuild the environment

For a setup without SSL remove this:

 - {LoadBalancerPort: 443, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "SSL", SSLCertificateId: "arn:aws:iam::9999999999999:server-certificate/sslcert"}

Or replace Apache by Nginx and configure Niginx to support WebSocket

like image 151
patrick Avatar answered Oct 15 '22 22:10

patrick