Websocket with Tomcat 7 on AWS Elastic Beanstalk

13
votes

I'm trying to run a simple websocket echo application on Elastic Beanstalk. But if I run it I'm getting an error 400 on the Socket Upgrade from Tomcat, but this just happens on port 80 if I pass port 8080 thought the loadbalancer I can access the websocket without the error 400 on socket upgrade (on port 8080). Port 8080 and Port 80 are both on TCP not HTTP.

My question is who is doing the translation from 80 to 8080 as the default configuration on the loadbalancer just pass traffic from 80 to 80. The translation has to be on the EC2 instance. IPTables? In this translation something goes wrong.

It would be nice to get some inforamtion from amazon on how this traffic is routet.

1
amazon-web-serviceswebsockettomcat7amazon-elastic-beanstalk
is you EC2 securityGroup allowing port 80?Scary Wombat
yes, I can access every servlet over port 80. Just the protocol upgrade is not working.patrick
it seams to be the Apache Proxy on the EC2 Instance in front of the Tomcatpatrick
Apache Proxy: tomcat.10.x6.nabble.com/Tomcat7-WebSocket-mod-jk-td4986848.htmlpatrick
what is the use of this Apache in front of the tomcat?patrick

1 Answers

16
votes

The solution is to configure the Loadbalacer to connect directly to the Tomcat: 

Resources:
  AWSEBSecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Security group to allow HTTP, SSH and 8080 for all"
      SecurityGroupIngress:
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "80", ToPort: "80"}
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "8080", ToPort: "8080"}
        - {CidrIp: "0.0.0.0/0", IpProtocol: "tcp", FromPort: "22", ToPort: "22"}
  AWSEBLoadBalancer:
    Type: "AWS::ElasticLoadBalancing::LoadBalancer"
    Properties:
      Listeners:
        - {LoadBalancerPort: 443, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "SSL", SSLCertificateId: "arn:aws:iam::9999999999999:server-certificate/sslcert"}
        - {LoadBalancerPort: 80, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "TCP"}
      AppCookieStickinessPolicy:
        - {PolicyName: "lb-session", CookieName: "lb-session"}
      HealthCheck:
        HealthyThreshold: "3"
        Interval: "30"
        Target: "HTTP:8080/ping.html"
        Timeout: "5"
        UnhealthyThreshold: "5"
  1. Create a folder called .ebextensions in the WEB-INF folder Maybe in newer Version the .ebextensions has to be in the root folder, can somebody confirm this?
  2. Create a file called websocket.config in this folder with the content from above
  3. Deploy the application
  4. Rebuild the environment

For a setup without SSL remove this:

 - {LoadBalancerPort: 443, InstanceProtocol: "TCP", InstancePort: 8080, Protocol: "SSL", SSLCertificateId: "arn:aws:iam::9999999999999:server-certificate/sslcert"}

Or replace Apache by Nginx and configure Niginx to support WebSocket