How to set up consumer in Azure Container Instances using python qpid proton

gsirigu
gsirigu Member Posts: 4
edited June 2022 in General Discussions #1

Hi all,

I have been trying to deploy a consumer as an Azure Container Instance implemented in python, which uses qpid proton. When running the Docker image locally it works without any issue, however when deploying the image as an ACI, I obtain the following error:

```2022-06-03T16:05:19UTC ERROR: proton - Couldn't connect: 110

2022-06-03T16:05:19UTC ERROR: proton - proton.pythonio: Connection error: 110```

Am I missing some network settings when creating the ACI or is there a best practice to follow?

Thanks!

Tagged:

Answers

  • TomF
    TomF Member, Employee Posts: 409 Solace Employee

    Hi @gsirigu,

    The first thing to do in a case like this is check there's a network connection from your ACI to your broker. Where is your broker hosted? In your Azure subscription? Solace Cloud? Your local machine?

    You say "when running the Docker image locally" which makes me think you might be running your broker on your local machine, but I can't be sure. In any case, perhaps a good test would be to create an ACI with an OS installed so that you can open a command line in the ACI and probe the network connection to your broker. My way of doing this:

    1. Create a linux ACI and make sure it contains the "nc" tool.
    2. Run the ACI, open an ssh to it and run nc to your broker (e.g. nc <broker-ip> 55555). You should see the connection start

    If you can't create a network connection to the broker, you'll need to check your network settings. In Azure, does your ACI have firewall permissions to access the broker?

  • gsirigu
    gsirigu Member Posts: 4
    edited June 2022 #3

    Hi @TomF,

    Thank you for your reply and I'm sorry I wasn't more clear in my question - the broker is deployed in Azure. What I meant by "when running the Docker image locally" was the Docker image of the application that consumes data from Solace using the AMQP endpoint, which is the same image I then deployed to ACI.

    I have whitelisted the IP of the ACI in the Azure firewall and in the broker ACL, but it still did not connect successfully. I will try probing the network connection from ACI and see what happens.

    Thanks,

    Giuseppe

  • Tamimi
    Tamimi Member, Administrator, Employee Posts: 529 admin

    Hey @gsirigu do you still have this issue? And if you solved it what was the solution?

  • gsirigu
    gsirigu Member Posts: 4
    edited June 2022 #5

    @Tamimi I still have this issue - unfortunately I did several tests but it seems that I cannot reach the Solace broker from the ACI, despite having whitelisted the IP in the firewall and ACL.

    I also tried connecting into the ACI instance and use telnet to try and reach the broker, but I get a timeout there too. Do you have any suggestion on how to approach this?

  • TomF
    TomF Member, Employee Posts: 409 Solace Employee

    Hmm, well, this is definitely a network issue. Do your ACI and broker have public IP addresses? If so, you could connect using those. How is the container group set up for networking - is it in the same subnet or virtual network as the broker?

  • gsirigu
    gsirigu Member Posts: 4

    Both broker and ACI have public IP address (the broker does not have a static IP, but unless I restart the ACI it should stay constant) - that's the one that I have whitelisted in the broker firewall. They are not in the same virtual network or subnet; they are even in different subscriptions at the moment. Is there a requirement in terms of ports that need to be activated in the ACI? I know that that's usually for inbound traffic to the ACI, but I was reading another post on this community regarding the fact of allowing traffic on certain ports