Riak Cluster Setup on EC2

Paco NATHAN ceteri at gmail.com
Sun Feb 6 20:35:31 EST 2011


I got my Riak cluster on EC2 set up last week, using a security group
based on what Sean described.

The lingering parts for me were:

   1. had to stop Riak, then kill "epmd", then start again

   2. initially I'd tried to use Elastic IP addr (to minimize config
if we move nodes) and that got stuck in my config causing nodes not
recognize each other -- until I used "reip" to change the ring name,
etc.

Otherwise, worked fine. FWIW, we're testing on m1.xlarge with Ubuntu


On Sun, Feb 6, 2011 at 16:20, Eamonn <eobrain at gmail.com> wrote:
> After a lot if unsuccessful fiddling around with ports I gave up and just
> opened up all ports between the Riak nodes.
>
> I suggest you set up a security group called "Riak" with settings something
> like the following:
>
>  Protocol | From Port | To Port | Source (IP or group)
>  ---------+-----------+---------+---------------------
>  tcp      | 1         | 65535   | Riak group
>  udp      | 1         | 65535   | Riak group
>  tcp      | 8098      | 8098    | WebServer group
>
> Although all the ports are open on the Riak nodes, it is still pretty secure
> because they are only open to nodes in the same security group, i.e. other
> Riak nodes.
>
> The only port open outside the Riak cluster is the default HTTP port, which
> is only open to nodes in the "WebServer" security group.  Change "WebServer"
>  to be the security group of whatever nodes are using Riak.  If you have
> changed the default or are using protocol buffers instead of HTTP you will
> have to change the port number.
>
> You may also want to add the SSH port to so that you can login, but I
> suggest using a cloud-init script to do all the Riak installation and
> initialization at node creation time, so in normal production use will not
> need to SSH into the nodes.
>
> __
> Eamonn
>
>
>
> On 2/4/11 9:00 AM, riak-users-request at lists.basho.com wrote:
>>
>> Date: Wed, 02 Feb 2011 21:33:20 +0530 From: Abhishek Kona
>> <abhishekk at flipkart.com> To: Sean Cribbs <sean at basho.com> Cc:
>> "riak-users at lists.basho.com" <riak-users at lists.basho.com> Subject: Re: Riak
>> Cluster Setup on EC2 Message-ID: <4D498048.3060005 at flipkart.com>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 02/02/11 8:38
>> PM, Sean Cribbs wrote:
>>>
>>> >  Abhishek,
>>> >
>>> >  First, make sure all of your nodes are in the same security group.
>>
>> Yes, both the machines are on the same security group ( which has only
>> the ports 8098, 8099, 8087).
>>>
>>> >      Second, check that your OS doesn't have an additional firewall
>>> > installed (iptables, for example).
>>
>> I can telnet into the Riak ports from each of the machines, so firewall
>> does not seem to be the issue.
>>>
>>> >     Third, you might consider doing what the Chef recipe for Riak does
>>> > and limit the ports that Erlang uses for distributed communication.  Adding
>>> > a section to app.config like the below will limit the port range:
>>> >
>>> >  {kernel, [
>>> >      {inet_dist_listen_min, 6000},
>>> >      {inet_dist_listen_max, 7999}
>>> >  ]}
>>> >
>>> >  You'll need to stop Riak, kill the "epmd" process, and then start Riak
>>> > up again for this change to take effect.  Make sure those ports are also
>>> > open in your security group and any software firewall you have.
>>> >
>>
>> Tried with these changes as well, but still get the same message.
>> Anything else, I can try?.
>> Thanks for the help.
>>>
>>> >  Sean Cribbs<sean at basho.com>
>>> >  Developer Advocate
>>> >  Basho Technologies, Inc.
>>> >  http://basho.com/
>>> >
>>> >  On Feb 2, 2011, at 8:47 AM, Abhishek Kona wrote:
>>> >
>>>>
>>>> >>  Hi folks
>>>> >>
>>>> >>  I am trying to set up a Riak cluster on EC2.
>>>> >>  Each time I issue a command :
>>>> >>
>>>> >>  $ sudo riak-admin joinriak at 10.130.149.253
>>>> >>
>>>> >>  It fails :
>>>> >>
>>>> >>  Attempting to restart script through sudo -u riak
>>>> >>
>>>> >>  Noderiak at 10.130.149.253  is not reachable!
>>>> >>
>>>> >>
>>>> >>  Netstat on both the machines says the ports are running fine.
>>>> >>
>>>> >>  netstat -na | egrep '(8087|8098|8099)'
>>>> >>
>>>> >>  tcp        0      0 0.0.0.0:8098            0.0.0.0:*
>>>> >> LISTEN
>>>> >>
>>>> >>  tcp        0      0 0.0.0.0:8099            0.0.0.0:*
>>>> >> LISTEN
>>>> >>
>>>> >>  tcp        0      0 0.0.0.0:8087            0.0.0.0:*
>>>> >> LISTEN
>>>> >>
>>>> >>
>>>> >>  I can telnet to all the ports from each of the machine.
>>>> >>  I have been pulling my hair for long but of no avail.
>>>> >>  Can any one look and tell me what I am doing wrong.
>>>> >>  Are there any debug logs where I can look at what is going wrong?
>>>> >>  Is there any EC2 specific trick (like using public hostnames).
>>>> >>
>>>> >>  I am attaching my app.cfg file for reference.
>>>> >>
>>>> >>  Thanks
>>>> >>  -Abhishek Kona
>>>> >>
>>>> >>  <app.cfg>_______________________________________________
>>>> >>  riak-users mailing list
>>>> >>  riak-users at lists.basho.com
>>>> >>  http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>>
>
>
> _______________________________________________
> riak-users mailing list
> riak-users at lists.basho.com
> http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com
>




More information about the riak-users mailing list