18

I am getting connection timeout from EC2 trying to connect to AWS Elasticache.

I launched a 1-node ElastiCache cluster. I launched an EC2 instance and made sure the availability zone was the same as the cluster's, us-west-2b.

I did not create a new VPC. I see one is already created.

I ran a nslookup on my elasticache endpoint. It looks like a different /20 than my ec2.

I looked through the documentation and the EC2 launch and did not see where I can specify the subnet, except the availability zone.

stampede76
  • My elasticache IP is 172.31.36.xxx . In EC2, my only available subnets are 172.31.0.0/20, 172.31.16.0/20 and 172.31.32.0/20 ??? – stampede76 Mar 23 '16 at 03:14
  • 1
    Questions on professional server- or networking-related infrastructure administration are off-topic for Stack Overflow unless they directly involve programming or programming tools. You may be able to get help on [Server Fault](http://serverfault.com). – kaylum Mar 23 '16 at 03:18

3 Answers

19

I think the problem is about security groups of your instance.

To the best of my knowledge you need to allow the traffic on the security group associated with your EC2 instance.

If you are using memcached the port is 11211; if redis, the port is 6379.

Try having a look at the official AWS documentation.

http://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/GettingStarted.AuthorizeAccess.html

I hope this helps somehow.

Maurizio Benedetti
  • In your Redis cluster properties you have a reference to the Security Group. Copy it. In our EC2 instance you also have a Security Group. You should edit this Security Group and add the ID of the Redis Security Group as CIDR in the outbound connections + the port 6379. This way the two Security Groups are linked and the connection can be established. – Slawa Jun 11 '19 at 12:18
11

Actually, the solution is to add a security group to the ElastiCache cluster, and this security group should allow port 6379.

Taras Vaskiv
  • I had VPC setup, on the same network, could connect to redis on my local through OpenVPN and it was still timing out on ECS. Added the ECS security group to elasticache and it started working. – locrizak Jan 30 '21 at 18:07
  • @locrizak how did you do it? I can't seem to be able to add a security group to my ECS or Elasticache cluster – Jeffery ThaGintoki Apr 18 '21 at 08:37
9

First, check the instance security group and check port 6379 is allowed in Inbound.

After that, check your default VPC security group and add inbound rule Custom TCP Rule-6379-Anywhere and save.

I hope this will fix the issue.

Manjunath Bilwar
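An offline check of the rule the answers above describe, as an added example that is not part of the original posts: it evaluates inbound rules in the `IpPermissions` shape returned by EC2 `DescribeSecurityGroups` against a client's IP and security groups, and flags a `0.0.0.0/0` source. The group IDs, the client and cache addresses, and the helper names are constructed for illustration.

```python
import ipaddress

# Constructed sample rules in the "IpPermissions" shape returned by EC2
# DescribeSecurityGroups; group IDs and addresses are placeholders.
CACHE_SG_RULES = [  # inbound on the cache's group, source = the client's group
    {"IpProtocol": "tcp", "FromPort": 6379, "ToPort": 6379,
     "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0aaaaaaaaaaaaaaaa"}]},
]
OPEN_RULES = [      # the "Anywhere" variant: works, but admits any source address
    {"IpProtocol": "tcp", "FromPort": 6379, "ToPort": 6379,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
]
VPC_SUBNETS = ["172.31.0.0/20", "172.31.16.0/20", "172.31.32.0/20"]  # from the question

def covers_port(rule, port):
    """True if the rule applies to TCP traffic on `port`."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    return proto == "tcp" and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def inbound_allowed(rules, port, client_ip, client_sgs):
    """Return (allowed, findings) for a client reaching `port` on the cache."""
    ip = ipaddress.ip_address(client_ip)
    allowed, findings = False, []
    for rule in rules:
        if not covers_port(rule, port):
            continue
        for pair in rule.get("UserIdGroupPairs", []):
            if pair.get("GroupId") in client_sgs:
                allowed = True
                findings.append(f"allowed by source group {pair['GroupId']}")
        for rng in rule.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"])
            if ip in net:
                allowed = True
                scope = "world-open, narrow it" if net.prefixlen == 0 else "CIDR"
                findings.append(f"allowed by {scope}: {net}")
    if not allowed:
        # Security groups drop unmatched packets silently, hence the timeout.
        findings.append(f"no inbound rule admits {client_ip} on tcp/{port}")
    return allowed, findings

def subnet_of(ip, subnets):
    """Which VPC subnet contains this address (None if none). Subnets of one
    VPC route to each other by default, so a different /20 alone is not a block."""
    addr = ipaddress.ip_address(ip)
    return next((s for s in subnets if addr in ipaddress.ip_network(s)), None)
```

To run it against a real account, feed it the `IpPermissions` list of the cluster's security group from `aws ec2 describe-security-groups` output.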