#Cannot reach my deployed Phoenix server on AWS ECS

So, what I have:

• Successfuly deployed elixir server on AWS ECS (I can see logs, attached)
• Runtime config as

  host = System.get_env("PHX_HOST") || "example.com"
  port = String.to_integer(System.get_env("PORT") || "4000")

  config :platform, :dns_cluster_query, System.get_env("DNS_CLUSTER_QUERY")

  config :platform, PlatformWeb.Endpoint,
    url: [host: host, port: 443, scheme: "https"],
    http: [
      ip: {0, 0, 0, 0},
      port: port
    ],
    secret_key_base: secret_key_base

When I ssh to another machine in the same private network, I cannot reach my phoenix app via curl

curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET http://10.0.2.173:4000
curl: (28) Failed to connect to 10.0.2.173 port 4000: Connection timed out

It basically hangs for 1 minute and then connection timeout.

I'm pretty sure something is wrong here, maybe with ports, but would be happy to hear some ideas.

Your AWS hasn't got PHX_HOST set and likely SYSTEM_PORT. It's trying to load example.com, looks like?... Hopefully someone better versed in Phoenix can help but that's just at a glance from me.

As I understood https://example.com is just there to generate links inside phoenix app. I don't have any UI/html yet, only one health-check json endpoint

Try setting it to the server's address, might work.

Also, how are you starting it? As a release? Are you using the ./server call or something else?

You might be missing the server: true config

I auto-generated docker file from Phoenix deployment guides, and build image from it

Should I maybe expose here in dockerfile 4000 port? 🤔

No, but have you eliminated the possibility that your machine you curled from can't access the machine that Phoenix is hosted on?

yes, I can access other machines in the ECS cluster that are in same network

Only phoenix one that is deployed is hanging

And you're sure the environment is correct? You shouldn't be getting logs with example.com.

This is only for URL generation, I think we can neglect it. In any case I tried to change url to http://0.0.0.0:4000, but nothing changed

I tried btw server: true and I think it anyway by default included in server bash file, but no success

Yeah, it's definitely work if you got that log line

Dumb question: there's no way for you to check whether or not the Phoenix app is up from the machine that's running it right?

I would imagine it would be kinda pointless, you would be going into the container itself.

Well, the logs showing that it is booted 🤷‍♂️ Machine records all stdout, so if it would crash I assume it will be in logs

The fact that it times out tells me that it isn't a problem with Phoenix though

Fun fact, the same exact image I run locally and everything works

if you haven't changed anything, and just did a simple endpoint, it should have logged something.

Yes, I feel the same. Some network config is missing somewhere

Yeah, which is why I can't help to suspect there's something off with the network possibily

The request has disappeared to the AWS clouds, never to be seen again

When you run it locally does the log message with "Access PlatformWeb.Endpoint at ..." continue with "example.com"?

Yes,

But still accessible under localhost/0.0.0.0:4000

Have you enabled inbound traffic on port 4000?
https://stackoverflow.com/a/10454688

EC2 might be relevant? Don't know AWS but the idea is the same.

I use same terraform script/config as I use for other services, so 4000 port that I specified in config should be open

Does your Dockerfile have any EXPOSE mentions?

Just added 30 min back, but still no success

src: https://www.mend.io/free-developer-tools/blog/docker-expose-port/

Maybe exposing both will help, I'm just spitballing.

Finally

Sorry, was my bad. As we though some small mistake in network configurations

@kind sun you was right, apparently for inbound rules in my claster I was allowing only ports above 8000 😅

So 4000 was rejected by security group all the time

I have a beer in hand, mate. Congratulations!