Unable to connect to MinIO instance with aws sdk

norbas · July 21, 2023, 11:52am

I have a free MinIO instance with mounted persitent volume to which I would like to connect with rails aws-sdk-s3 client. It looks like the instance is not responding at all, as the call is timing out each time. This is my config:

# MinIO Dockerfile

FROM minio/minio

CMD [ "server", "/data", "--console-address", ":9001"]

# MinIO fly.toml

app = "some-app"
primary_region = "waw"

[mounts]
  source = "miniodata"
  destination = "/data"

[[services]]
  protocol = "tcp"
  internal_port = 9000
  auto_stop_machines = true
  auto_start_machines = true
  processes = ["app"]

  [[services.ports]]
    port = 9000
    handlers = ["http"]

and this is how I try to conenct:

client = Aws::S3::Client.new(
  region: 'us-east-1',
  access_key_id: ENV['AWS_S3_ACCESS_KEY_ID'],
  secret_access_key: ENV['AWS_S3_ACCESS_KEY'],
  endpoint: "https://my-app.fly.dev",
  force_path_style: true
)

When I try to run something as simple as client.list_buckets, I receive error: [...] Connection reset by peer - SSL_connect (Seahorse::Client::NetworkingError)
Is there something that I’m missing in my config, or am I not understanding how the free plan works on fly.io? I would be really greatful for help, pointing to some good resource would also be much appreciated.

PS: Even fly logs for this machine look like the S3 API service is listening on 9000 port to which I’m trying to connect:

lubien · July 21, 2023, 12:16pm

Hi @norbas

Connection reset by peer is a very common issue when the client cannot reach the server.

Can you confirm if you have both IPv6 and IPv4 IP addresses? Sometimes clients struggle to connect via IPv6.

If you’re missing an IPv4 you can run fly ips allocate-v4 --shared to get a shared IPv4.

Another option is looking at your Ruby client to see if there’s something needed to do to reach an URL via IPv6.

norbas · July 21, 2023, 12:28pm

Hm, looks like I don’t have either of those. As I understand these will be needed to connect to my instance from my local environment, however if I’d like my two fly.io instances (one of them being the MinIO instance) to talk to each other, I would need to follow this private network guide, is that right?

lubien · July 21, 2023, 12:32pm

Yea, our 6pn will do magic with minio-app-name.internal for you.

Assuming you don’t want your MinIO reachable from the outside internet for security reasons, you could remove public IPs so only apps in your org can talk to each other and when you want to connect via your personal machine you could use fly proxy command

norbas · July 22, 2023, 5:47pm

Thank you for your help @lubien. I know it’s not even a basic networking, but for future readers the solution was to just use internal 6PN and setting <app-name>.internal:9000 as an endpoint.

lubien · July 22, 2023, 6:39pm

Im glad it’s working and thanks for sharing the solution too

system · July 29, 2023, 6:39pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Mixed content error thrown when communicating over 6PN Questions / Help rails	4	390	August 6, 2023
Minio Instance not working Questions / Help	0	205	October 28, 2022
Minio and proxy with WSL2 Questions / Help	2	589	December 23, 2022
MinIO AppKata - Best way to connect to Web based Admin on non-standard port	3	425	July 17, 2021
MinIO appkata tutorial doesn't work (with 301 error)?	1	1718	April 29, 2022

Unable to connect to MinIO instance with aws sdk

Related topics