question

Upvotes
Accepted
33 4 9 15

RTO AWS PrivateLink with EKS container, initialization timeout

The client is trying to connect to RTO AWS Private Link in AWS EKS container, the host and port to be accessed is ap-southeast-1-aws-1-lrg.optimized-pricing-api.refinitiv.net:14002 and added the DNS config via 'add-host' docker run command option. The creating of the VPC endpoint pointing to the VPC service followed the RTO install guide.
The application is based on the C++ example 450 with minor modification on the 'host' to be used.

It is ok to:

1) telnet ap-southeast-1-aws-1-lrg.optimized-pricing-api.refinitiv.net:14002 in the container shell command line

2) telnet that url in the code's main method.

3) run the application without the setting of the /etc/hosts, then go through the public internet in the AWS docker container environment

However, the running of the application showed 'initialization timeout' warning and then the application exited... so cannot catch the log (I have asked client to set the log level via the 'logger' in ema config xml).

The question is any other possible reason to block the access and suggestion? e.g., proxy or any other setting required for this use case.

ema-apirrtoc++awscontainerdocker
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Or any restriction enforced by the VPC endpoint service?

1 Answer

Upvotes
Accepted
24.9k 87 10 22

Hi @Frederic

Can the customer connect if they use the 450 example without any changes?
I am not familiar with VPC endpoints etc - however, the section of the RTO install guide does state:
Refinitiv recommends that you use service discovery to connect to Refinitiv Real-Time - Optimized. Using service discovery does not require code changes. Once new VIPs are active, any subsequent service discovery call automatically routes to the correct VIPs. However, others connecting to the end points will need to make appropriate changes.

Example 450 use service discovery - removing the need for the customer to specify a particular endpoint.

We can enable the REST API log to see if that provides any further clues - in terms of the REST API calls that EMA makes to the RDP services.

Please add the following log to EmaConfig.xml; if you are using example 450, it should be added under the Consumer_1 section.

<Consumer>

<Name value="Consumer_1"/>

<ChannelSet value="Channel_1"/>

<Logger value="Logger_1"/>

<Dictionary value="Dictionary_1"/>

<XmlTraceToStdout value="0"/>

<RestEnableLog value="1"/>

<RestLogFileName value="Restlog.txt"/>

</Consumer>

You can find additional config from EMACPP_ConfigGuide.pdf provided under folder Docs from RTSDK package.

Ema should generate Restlog.txt under the running directory; containing the REST API messages EMA sends and receive from the server. Please remove any credentials information before sharing on the forum.

If the customer can also share the console output that would also be useful...

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Thanks @umer.nalla . I have suggested client to follow the logger configuration as above. And the issue was resolved due to the missing of the AWS SecurityGroup setting to allow some source addresses in the scenario of VPC peering.