Hi there, I'm new to Prefect and checking out opti...
# ask-communityc
Claire Herdeman
05/26/2021, 9:02 PMHi there, I'm new to Prefect and checking out options to see if Prefect will work for my company. I'm having trouble starting an ECS Agent within our infrastructure that communicates with PrefectCloud. We are using HIPAA compliant AWS architecture as described here, i.e. most of the infrastructure is in private VPCs and exposed via a public VPC. Can you help me figure out if that's my issue?
Claire Herdeman
05/26/2021, 9:03 PMI ran the following start command from within a private vpc:
Copy code
prefect agent ecs start \
--cluster <arn> \
--run-task-kwargs "config.yaml"Claire Herdeman
05/26/2021, 9:03 PMwhere
config.yaml Copy code
networkConfiguration:
awsvpcConfiguration:
assignPublicIP: ENABLE
subnets: [private_subnet]
securityGroups: [security_group]Claire Herdeman
05/26/2021, 9:06 PMThis is the (abridged) connection refused error I'm getting:
Copy code
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='localhost', port=4200): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7fa5b7613ed0>: Failed to establish a new connection: [Errno 111] Connection refused'))k
Kevin Kho
05/26/2021, 9:06 PM
Hi @Claire Herdeman, do you mean the Agent is even able to be seen by Cloud?
c
Claire Herdeman
05/26/2021, 9:07 PMNo, it doesn't seem to launch at all
Claire Herdeman
05/26/2021, 9:08 PMI got a similar connection error when I ran
prefect create project <name>k
Kevin Kho
05/26/2021, 9:08 PM
Is this ecs agent running on an EC2? Does it have permissions for HTTP going out?
c
Claire Herdeman
05/26/2021, 9:10 PMNo, i'm just trying to run
prefect ecs startClaire Herdeman
05/26/2021, 9:11 PMalso this is my first time trying to get it set up so I could be misunderstanding agent usage!
k
Kevin Kho
05/26/2021, 9:14 PM
Let me try setting up an ec2 on my end without traffic allowed and see if I replicate
🙏 1
c
Claire Herdeman
05/26/2021, 9:15 PMAs another workaround, would using server rather than cloud be easier if it can be launched within our infrastructure?
k
Kevin Kho
05/26/2021, 9:15 PM
Are you on Prefect Cloud or Server?
c
Claire Herdeman
05/26/2021, 9:15 PMI just set up a free Prefect Cloud
k
Kevin Kho
05/26/2021, 9:16 PM
We do have people using Prefect Server because of regulations that don’t let them have connections, but really Prefect is a tool of choice for organizations that need HIPAA compliant because we don’t see any of the data or the code
c
Claire Herdeman
05/26/2021, 9:19 PMAhhh makes sense
k
Kevin Kho
05/26/2021, 9:38 PM
Could you walk me over what you did? Did you change your backend to server by any chance? Did you authenticate Prefect with the CLI?
c
Claire Herdeman
05/26/2021, 9:39 PMI actually did change backend to server, how do I switch back? and I'm not sure, which means probably not. What's the best way to do that?
k
Kevin Kho
05/26/2021, 9:40 PM
prefect backend cloudc
Claire Herdeman
05/26/2021, 9:42 PMlooks like that did it, thank you so much for your help!
k
Kevin Kho
05/26/2021, 9:42 PM
Oh nice! Happy to help 🙂
Kevin Kho
05/26/2021, 9:43 PM
That error was because it was trying to access the local database spun up by Prefect server at localhost:4200, but that wasn’t available.
66 Views