Unable to retrieve credentials from IAM Role

[pulpfree]

Hello:

I am using hazelcast 3.8 and follow the documents to set iam role for my hazelcast instance on Ec2 node. I created iam role and have it attached correct policy 'ec2:DescribeInstances'. But when I run the code, it throws exception "Unable to retrieve credentials from IAM Role". May I know how to resolve it?

If I just use accesskey and secretkey, my single instance can run, however, my another instance on the other Ec2 nodes can not join together.

May I know by using hazelcast api, how we run a cluster of few hazelcast instances across few Ec2 nodes, please?

Thanks.

[ih...@hazelcast.com]

Can you share stack trace? And logs if available.

Can you also share your configuration?

Regards,

ihsan

[pulpfree]

the previous exception is because I forgot to set iam to instance. However, after setting IAM to each instance. I still can not have client connect to server on different EC2 nodes. From the client log, it seems trying to connect to 127.0.0.1...

Server Node log,

Apr 21, 2017 9:09:19 PM com.hazelcast.instance.DefaultAddressPicker

INFO: [LOCAL] [ec2-euro-group] [3.8] Prefer IPv4 stack is true.

Apr 21, 2017 9:09:19 PM com.hazelcast.instance.DefaultAddressPicker

INFO: [LOCAL] [ec2-euro-group] [3.8] Picked [172.31.20.104]:5701, using socket ServerSocket[addr=/0:0:0:0:0:0:0:0,localport=5701], bind any local is true

Apr 21, 2017 9:09:19 PM com.hazelcast.system

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Hazelcast 3.8 (20170217 - d7998b4) starting at [172.31.20.104]:5701

Apr 21, 2017 9:09:19 PM com.hazelcast.system

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Copyright (c) 2008-2017, Hazelcast, Inc. All Rights Reserved.

Apr 21, 2017 9:09:19 PM com.hazelcast.system

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Configured Hazelcast Serialization version : 1

Apr 21, 2017 9:09:19 PM com.hazelcast.spi.impl.operationservice.impl.BackpressureRegulator

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Backpressure is disabled

Apr 21, 2017 9:09:20 PM com.hazelcast.instance.Node

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Creating AWSJoiner

Apr 21, 2017 9:09:20 PM com.hazelcast.spi.impl.operationexecutor.impl.OperationExecutorImpl

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Starting 2 partition threads

Apr 21, 2017 9:09:20 PM com.hazelcast.spi.impl.operationexecutor.impl.OperationExecutorImpl

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Starting 3 generic threads (1 dedicated for priority tasks)

Apr 21, 2017 9:09:20 PM com.hazelcast.core.LifecycleService

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] [172.31.20.104]:5701 is STARTING

Apr 21, 2017 9:09:21 PM com.hazelcast.cluster.impl.TcpIpJoinerOverAWS

WARNING: [172.31.20.104]:5701 [ec2-euro-group] [3.8] No EC2 instances found!

Apr 21, 2017 9:09:21 PM com.hazelcast.system

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] Cluster version set to 3.8

Apr 21, 2017 9:09:21 PM com.hazelcast.cluster.impl.TcpIpJoinerOverAWS

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] 

Members [1] {

Member [172.31.20.104]:5701 - 10648feb-f37e-4fd5-8f7f-cf48004ef5b2 this

}

Apr 21, 2017 9:09:21 PM com.hazelcast.core.LifecycleService

INFO: [172.31.20.104]:5701 [ec2-euro-group] [3.8] [172.31.20.104]:5701 is STARTED

Apr 21, 2017 9:14:20 PM com.hazelcast.cluster.impl.TcpIpJoinerOverAWS

WARNING: [172.31.20.104]:5701 [ec2-euro-group] [3.8] No EC2 instances found!

Apr 21, 2017 9:16:20 PM com.hazelcast.cluster.impl.TcpIpJoinerOverAWS

WARNING: [172.31.20.104]:5701 [ec2-euro-group] [3.8] No EC2 instances found!

Apr 21, 2017 9:18:20 PM com.hazelcast.cluster.impl.TcpIpJoinerOverAWS

WARNING: [172.31.20.104]:5701 [ec2-euro-group] [3.8] No EC2 instances found!

Client Node log;

Apr 21, 2017 9:15:39 PM com.hazelcast.core.LifecycleService

INFO: hz.client_0 [ec2-euro-group] [3.8] HazelcastClient 3.8 (20170217 - d7998b4) is STARTING

Apr 21, 2017 9:15:39 PM com.hazelcast.core.LifecycleService

INFO: hz.client_0 [ec2-euro-group] [3.8] HazelcastClient 3.8 (20170217 - d7998b4) is STARTED

Apr 21, 2017 9:15:40 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5702 as owner member

Apr 21, 2017 9:15:40 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5703 as owner member

Apr 21, 2017 9:15:40 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5701 as owner member

Apr 21, 2017 9:15:40 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

WARNING: hz.client_0 [ec2-euro-group] [3.8] Unable to get alive cluster connection, try in 2053 ms later, attempt 1 of 2.

Apr 21, 2017 9:15:42 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5703 as owner member

Apr 21, 2017 9:15:42 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5702 as owner member

Apr 21, 2017 9:15:42 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

INFO: hz.client_0 [ec2-euro-group] [3.8] Trying to connect to [127.0.0.1]:5701 as owner member

Apr 21, 2017 9:15:42 PM com.hazelcast.client.spi.impl.ClusterListenerSupport

WARNING: hz.client_0 [ec2-euro-group] [3.8] Unable to get alive cluster connection, try in 2914 ms later, attempt 2 of 2.

Apr 21, 2017 9:15:45 PM com.hazelcast.core.LifecycleService

INFO: hz.client_0 [ec2-euro-group] [3.8] HazelcastClient 3.8 (20170217 - d7998b4) is SHUTTING_DOWN

Apr 21, 2017 9:15:45 PM com.hazelcast.core.LifecycleService

INFO: hz.client_0 [ec2-euro-group] [3.8] HazelcastClient 3.8 (20170217 - d7998b4) is SHUTDOWN

java.lang.IllegalStateException: Unable to connect to any address in the config! The following addresses were tried: [localhost/127.0.0.1:5701, localhost/127.0.0.1:5702, localhost/127.0.0.1:5703]

at com.hazelcast.client.spi.impl.ClusterListenerSupport.connectToCluster(ClusterListenerSupport.java:180)

at com.hazelcast.client.spi.impl.ClientClusterServiceImpl.start(ClientClusterServiceImpl.java:189)

at com.hazelcast.client.impl.HazelcastClientInstanceImpl.start(HazelcastClientInstanceImpl.java:402)

at com.hazelcast.client.HazelcastClientManager.newHazelcastClient(HazelcastClientManager.java:78)

at com.hazelcast.client.HazelcastClient.newHazelcastClient(HazelcastClient.java:72)

my client code.

                GroupConfig groupConfig = new GroupConfig();

                groupConfig.setName(groupName);

                groupConfig.setPassword(groupPasswd);

        

ClientConfig clientConfig = new ClientConfig();

ClientAwsConfig clientAwsConfig = new ClientAwsConfig();

clientAwsConfig.setInsideAws( true )

              .setAccessKey( accesskey )

              .setSecretKey( secretkey )

       .setIamRole("my-role")

              .setRegion( region )

              .setSecurityGroupName( securityGroupName )

              .setEnabled(true);

clientConfig.getNetworkConfig().setAwsConfig( clientAwsConfig );

clientConfig.setGroupConfig(groupConfig);

 

HazelcastInstance client = HazelcastClient.newHazelcastClient(clientConfig);

[Emrah Kocaman]

Looks like there are no EC2 instances are found with your config.

Can you please check if your IAM user policy is correct according to https://github.com/hazelcast/hazelcast-aws/blob/master/README.md#policy-for-iam-user

Also you can try this sample to check if your configuration is correct.

--
You received this message because you are subscribed to the Google Groups "Hazelcast" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hazelcast+unsubscribe@googlegroups.com.
To post to this group, send email to haze...@googlegroups.com.
Visit this group at https://groups.google.com/group/hazelcast.
To view this discussion on the web visit https://groups.google.com/d/msgid/hazelcast/7d52701e-7174-46f5-9f64-08c3578241c3%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.