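【Posted】:2019-04-10 08:05:15
【Question】:
I have an EMR which is spun up in a private subnet in eu-west-1. I have defined a gateway endpoint for S3 in the route table. I have to access this public bucket/location exposed by AWS: s3://us-east-1.elasticmapreduce/libs/script-runner/script-runner.jar, and it gives the error below. I think this is because cross-region access is not allowed through the gateway endpoint. I can access other buckets in the same region. Is there a workaround to access it, maybe through NAT? The route table already has a NAT, but the requests are somehow not going through it.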
2019-04-10T05:17:06.849Z INFO Ensure step 1 jar file s3://us-east-1.elasticmapreduce/libs/script-runner/script-runner.jar
INFO Failed to download: s3://us-east-1.elasticmapreduce/libs/script-runner/script-runner.jar
java.lang.RuntimeException: Error whilst fetching 's3://us-east-1.elasticmapreduce/libs/script-runner/script-runner.jar'
at aws157.instancecontroller.util.S3Wrapper.fetchS3HadoopFileToLocal(S3Wrapper.java:412)
at aws157.instancecontroller.util.S3Wrapper.fetchHadoopFileToLocal(S3Wrapper.java:351)
at aws157.instancecontroller.master.steprunner.HadoopJarStepRunner$Runner.<init>(HadoopJarStepRunner.java:243)
at aws157.instancecontroller.master.steprunner.HadoopJarStepRunner.createRunner(HadoopJarStepRunner.java:152)
at aws157.instancecontroller.master.steprunner.HadoopJarStepRunner.createRunner(HadoopJarStepRunner.java:146)
at aws157.instancecontroller.master.steprunner.StepExecutor.runStep(StepExecutor.java:136)
at aws157.instancecontroller.master.steprunner.StepExecutor.run(StepExecutor.java:70)
at aws157.instancecontroller.master.steprunner.StepExecutionManager.enqueueStep(StepExecutionManager.java:248)
at aws157.instancecontroller.master.steprunner.StepExecutionManager.doRun(StepExecutionManager.java:195)
at aws157.instancecontroller.master.steprunner.StepExecutionManager.access$000(StepExecutionManager.java:33)
at aws157.instancecontroller.master.steprunner.StepExecutionManager$1.run(StepExecutionManager.java:94)
Caused by: com.amazonaws.AmazonClientException: Unable to execute HTTP request: connect timed out
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:618)
at com.amazonaws.http.AmazonHttpClient.doExecute(AmazonHttpClient.java:376)
at com.amazonaws.http.AmazonHttpClient.executeWithTimer(AmazonHttpClient.java:338)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:287)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3826)
at com.amazonaws.services.s3.AmazonS3Client.getObject(AmazonS3Client.java:1143)
at com.amazonaws.services.s3.AmazonS3Client.getObject(AmazonS3Client.java:1021)
at aws157.instancecontroller.util.S3Wrapper.copyS3ObjectToFile(S3Wrapper.java:303)
at aws157.instancecontroller.util.S3Wrapper.getFile(S3Wrapper.java:287)
at aws157.instancecontroller.util.S3Wrapper.fetchS3HadoopFileToLocal(S3Wrapper.java:399)
... 10 more
【Comments】:
-
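If you already have a NAT gateway, it should handle this traffic automatically.
"Unable to execute HTTP request: connect timed out" implies a misconfigured NAT gateway: either it is not included in the route table, or perhaps it is deployed on the same subnet it is intended to serve, which is incorrect. The S3 gateway endpoint will never attempt to route cross-region traffic.
-
@Michael-sqlbot Yes, it is deployed in the same subnet that it is supposed to serve. What is wrong with that?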
-
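A NAT gateway must be located in a public subnet, one whose route table has a default route pointing to the Internet gateway. If it is deployed in the subnet it serves, then when the NAT gateway tries to reach the Internet, its outgoing traffic goes straight back to itself, because the subnet's default route points to the NAT gateway.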
-
@Michael-sqlbot Thank you! Please convert this to an answer.
Tags: amazon-s3 amazon-emr amazon-vpc vpc private-subnet
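The placement rule described in the comments can be checked mechanically. The following is an added example, not code from the thread: it assumes a single VPC and uses constructed data shaped like the EC2 DescribeRouteTables and DescribeNatGateways responses (all IDs are made up), and it flags a NAT gateway whose own subnet sends its default route back to that gateway.

```python
# Constructed sample data shaped like EC2 DescribeRouteTables /
# DescribeNatGateways responses. All IDs are made up for illustration.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-private", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationPrefixListId": "pl-example", "GatewayId": "vpce-example"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-bad"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-bad", "SubnetId": "subnet-private"},
                {"NatGatewayId": "nat-good", "SubnetId": "subnet-public"}]

def route_table_for(subnet_id, route_tables):
    """Explicit subnet association wins; otherwise the main route table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def default_route(rt):
    """Return the 0.0.0.0/0 route of a route table, or None."""
    for route in (rt or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None

def check_nat_placement(nat_gateways, route_tables):
    """Classify each NAT gateway by the default route of its own subnet."""
    findings = {}
    for nat in nat_gateways:
        route = default_route(route_table_for(nat["SubnetId"], route_tables))
        if route is None:
            findings[nat["NatGatewayId"]] = "no-default-route"
        elif (route.get("GatewayId") or "").startswith("igw-"):
            findings[nat["NatGatewayId"]] = "ok"  # public subnet
        elif route.get("NatGatewayId") == nat["NatGatewayId"]:
            findings[nat["NatGatewayId"]] = "loops-to-itself"
        else:
            findings[nat["NatGatewayId"]] = "not-in-public-subnet"
    return findings

print(check_nat_placement(NAT_GATEWAYS, ROUTE_TABLES))
```

With live data, the same functions accept the `RouteTables` and `NatGateways` lists returned by the EC2 API for one VPC.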