PostgreSQL – Connect with Java to Amazon EC2 instances

amazon-ec2, amazon-web-services, java, postgresql, socket

I have written a client-server application in Java and I want to run it on Amazon EC2 Ubuntu instances. The client runs on an EC2 instance and the server on one and the third EC2 instance is for hosting the PostgreSQL database. I have some questions regarding the network connection and hope that somebody could help. 🙂

  1. I know that I have to use the public DNS to connect from the client to the server. Can I just use socket = new Socket(host, port); with the host the public DNS as a string or do I have to use something like InetAddress address = InetAddress.getByName(host);?

  2. Which ports am I allowed to use? Socket will listen on this port.

  3. Do I have to configure something else for the EC2 instance to get a connection?

  4. On one EC2 instance I will install PostgreSQL. I think that I can just install it like with normal Ubuntu. Can I then just connect to the database using the public DNS from the EC2 instance and the port I set in PostgreSQL, or do I have to make other settings?

Best Answer

In general it'd be best to avoid this sort of multi-question. It's hard to provide a definitive answer to four questions in one, especially with not fully overlapping areas of expertise. Still, best effort:

  1. Establishment of TCP socket connections is the same within EC2 as outside it. Everything you do in normal TCP/IP networking you do the same within EC2.

    The only difference is outside your code, and that's the fact that within an EC2 region the hostnames for other nodes in that region resolve as internal IPs, while outside that region they resolve as public IPs.

    That's usually just what you want to have happen automatically, and you generally don't have to change anything.

  2. You can use any port you like so long as you allow it in your security groups. EC2 is no different to anything else here. The usual rules apply, e.g. on most unix/linux systems ports 1024 and below are reserved for root.

  3. EC2-classic instances can always connect to the Internet for outbound connections.

    To connect to each other, and to receive inbound connections from the wider Internet, you must add security group settings that allow other security groups and/or IP addresses to connect. See the EC2 documentation on security groups.

    For VPC instances you configure VPC security groups, and you also have subnet routing rules. For details, see the documentation on VPC. Increasingly EC2-classic is being deprecated in favour of VPC, so it might be worth starting with a single-subnet VPC with default public IP addresses instead of starting with EC2 classic.

  4. Use the hostname (yes, "public DNS"), not the IP address, to connect to the instance running PostgreSQL. It'll resolve to the internal IP address when connecting from another EC2 instance in the same region, which is what you want to happen so your traffic isn't metered as Internet traffic.

    You'll have to configure the security group for the instance to allow incoming connections on the port. If the host OS has a firewall you'll need to allow connections through it, too. Finally, you'll need to set PostgreSQL's listen_addresses so it actually accepts connections from non-local addresses.

I strongly advise you to study some EC2 tutorial and documentation material before attempting this. Play with some micro instances and get used to working with security groups, the split public/private DNS arrangement, etc.
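A small connectivity check for the layers the answer lists (DNS resolution, security group and host firewall, PostgreSQL's listen_addresses), added here as an example and not part of the original answer. The class name Ec2ReachabilityCheck and the default host and port are assumptions; the reading of a timeout versus a refusal describes typical behaviour, not a guarantee.

```java
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;

// Hypothetical helper: run it on the client instance against the server or database host.
public class Ec2ReachabilityCheck {

    /** Resolves the host, attempts one TCP connect, and describes the outcome. */
    static String probe(String host, int port, int timeoutMs) {
        InetAddress addr;
        try {
            addr = InetAddress.getByName(host);
        } catch (UnknownHostException e) {
            return "DNS: cannot resolve " + host;
        }
        // From another instance in the same region, the public DNS name is
        // expected to resolve to a private (RFC 1918) address.
        String scope = addr.isLoopbackAddress() ? "loopback"
                : addr.isSiteLocalAddress() ? "private" : "public";
        String prefix = host + " -> " + addr.getHostAddress()
                + " (" + scope + "), port " + port + ": ";
        try (Socket s = new Socket()) {
            s.connect(new InetSocketAddress(addr, port), timeoutMs);
            return prefix + "OPEN";
        } catch (SocketTimeoutException e) {
            // No reply at all: packets are dropped on the way, typically a
            // missing security group rule or a host firewall dropping traffic.
            return prefix + "TIMEOUT (check security group and host firewall)";
        } catch (ConnectException e) {
            // Usually "connection refused": the host answered, but nothing is
            // listening on that address, e.g. listen_addresses is still local-only.
            return prefix + "REFUSED (" + e.getMessage() + "; check listen_addresses)";
        } catch (IOException e) {
            return prefix + "ERROR " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Defaults are constructed sample values; pass the instance's DNS name and port.
        String host = args.length > 0 ? args[0] : "localhost";
        int port = args.length > 1 ? Integer.parseInt(args[1]) : 5432;
        System.out.println(probe(host, port, 3000));
    }
}
```

An OPEN result only confirms the TCP path; PostgreSQL may still reject the session during authentication.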