
Terraform AWS 无法 ping,或者 ssh 刚刚创建了 EC2 实例

[英]Terraform AWS not able to ping, or ssh just created EC2 instances

I would like to ask for assistance.我想寻求帮助。 I wrote a terraform script which creates 5 EC2 instances, but I am not able to ping or SSH them.我编写了创建 5 个 EC2 实例的 terraform 脚本,但我无法 ping 或 SSH 它们。 Do you see any potential issue with this?您认为这有什么潜在问题吗? I have opened icmp and ssh, but when I check from other computers/sites I get "port is closed".我已经打开了 icmp、ssh,而不是在我检查其他计算机/站点时发现端口已关闭。 When I create the EC2 manually it works from my computer — I am able to ssh/ping — but not with this terraform script.当我在我的计算机上手动创建 EC2 时,我可以 ssh/ping,但不能使用这个 terraform 脚本。


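provider "aws" {
  # `version` inside a provider block is deprecated since Terraform 0.13; the
  # constraint belongs in `terraform { required_providers { aws = { ... } } }`.
  # It is kept here so the configuration keeps applying as before.
  version = "~> 3.0"
  region  = "us-east-1"

  # Credentials are intentionally NOT set here. The original block carried a
  # plain-text access_key / secret_key pair, which ends up in version control,
  # in plan output and in shared pastes like this one. The provider reads
  # credentials from the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY environment
  # variables, from the shared credentials file (optionally selected with
  # `profile`), or from an attached IAM role. A key pair that was ever committed
  # in clear text should be treated as exposed and rotated.
}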

# VPC for the whole deployment. A /28 is the smallest block AWS accepts for a
# VPC, and it is consumed entirely by the single subnet declared below.
resource "aws_vpc" "BrokenByteVPC" {
  cidr_block = "192.168.100.0/28"

  tags = {
    Name = "BrokenByteVPC"
  }
}

resource "aws_subnet" "BrokenbyteLB-subnet" {
  vpc_id     = aws_vpc.BrokenByteVPC.id
  cidr_block = "192.168.100.0/28"
  availability_zone = "us-east-1a"
  tags = {
    Name = "BrokenbyteLB-subnet"
  }
}

resource "aws_internet_gateway" "BrokenByte-gateway" {
  vpc_id = aws_vpc.BrokenByteVPC.id

  tags = {
    Name = "BrokenByte-gateway"
  }
}

resource "aws_route_table" "BrokenByte-Route-table" {
  vpc_id = aws_vpc.BrokenByteVPC.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.BrokenByte-gateway.id
  }
}

resource "aws_route_table_association" "a" {
  subnet_id      = aws_subnet.BrokenbyteLB-subnet.id
  route_table_id = aws_route_table.BrokenByte-Route-table.id
}


resource "aws_security_group" "allow_traffic" {
  name        = "allow_Traffic"
  description = "Allow SSH,HTTP and HTTPS  inbound traffic"
  vpc_id      = aws_vpc.BrokenByteVPC.id


ingress {
    description = "Dozvoli SVEEEEEEEE"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

ingress {
    description = "SSH traffic"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

ingress {
    description = "HTTP traffic"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    description = "HTTPS traffic"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "Allow_ssh_http_https"
  }
}

resource "aws_network_interface" "NginX-public" {
  subnet_id       = aws_subnet.BrokenbyteLB-subnet.id
  #private_ips     = ["192.168.100.2"]
  security_groups = [aws_security_group.allow_traffic.id]
}

resource "aws_network_interface" "NginX-LB" {
  subnet_id       = aws_subnet.BrokenbyteLB-subnet.id
  private_ips     = ["192.168.100.10"]
  security_groups = [aws_security_group.allow_traffic.id]
}
resource "aws_network_interface" "www1" {
  subnet_id       = aws_subnet.BrokenbyteLB-subnet.id
  private_ips     = ["192.168.100.11"]
  security_groups = [aws_security_group.allow_traffic.id]
}
resource "aws_network_interface" "www2" {
  subnet_id       = aws_subnet.BrokenbyteLB-subnet.id
  private_ips     = ["192.168.100.12"]
  security_groups = [aws_security_group.allow_traffic.id]
}

resource "aws_network_interface" "www3" {
  subnet_id       = aws_subnet.BrokenbyteLB-subnet.id
  private_ips     = ["192.168.100.13"]
  security_groups = [aws_security_group.allow_traffic.id]
}

resource "aws_eip" "BrokenByte-PublicIP" {
  vpc                       = true
  network_interface         = aws_network_interface.NginX-public.id
  #associate_with_private_ip = "192.168.100.10"
  depends_on = [aws_internet_gateway.BrokenByte-gateway, aws_instance.BrokenByteNginX]
}

resource "aws_instance" "BrokenByteNginX" {
  ami = "ami-0dba2cb6798deb6d8"
  availability_zone = "us-east-1a"
  instance_type = "t2.micro"
  key_name = "aws_test"
  network_interface {
       device_index=0
       network_interface_id = aws_network_interface.NginX-LB.id
  }
    network_interface {
       device_index=1
       network_interface_id = aws_network_interface.NginX-public.id
  }
  
  
  tags = {
    Name = "BrokenByteNginXLB"
  }

  user_data =  <<-EOF
               #!/bin/bash
               sudo apt-get update -y
               EOF
}

resource "aws_instance" "BrokenByteWWW1" {
  ami = "ami-0dba2cb6798deb6d8"
  availability_zone = "us-east-1a"
  instance_type = "t2.micro"
  key_name = "aws_test"
  network_interface {
       device_index=0
       network_interface_id = aws_network_interface.www1.id
  }
  tags = {
    Name = "BrokenByteWWW1"
  }

}

resource "aws_instance" "BrokenByteWWW2" {
  ami = "ami-0dba2cb6798deb6d8"
  availability_zone = "us-east-1a"
  instance_type = "t2.micro"
  key_name = "aws_test"
  network_interface {
       device_index=0
       network_interface_id = aws_network_interface.www2.id
  }
  tags = {
    Name = "BrokenByteWWW2"
  }

}

resource "aws_instance" "BrokenByteWWW3" {
  ami = "ami-0dba2cb6798deb6d8"
  availability_zone = "us-east-1a"
  instance_type = "t2.micro"
  key_name = "aws_test"
  network_interface {
       device_index=0
       network_interface_id = aws_network_interface.www3.id
  }
  tags = {
    Name = "BrokenByteWWW3"
  }

}




None of your instances have public IP address (except the one with aws_eip.BrokenByte-PublicIP ), since your public subnet is missing map_public_ip_on_launch .您的所有实例都没有公共 IP 地址(带有aws_eip.BrokenByte-PublicIP的实例除外),因为您的公共子网缺少map_public_ip_on_launch You can rectify the issue by:您可以通过以下方式纠正问题:

resource "aws_subnet" "BrokenbyteLB-subnet" {
  vpc_id     = aws_vpc.BrokenByteVPC.id
  cidr_block = "192.168.100.0/28"
  availability_zone = "us-east-1a"

  map_public_ip_on_launch = true

  tags = {
    Name = "BrokenbyteLB-subnet"
  }
}

I was sure it was something related to the network card, but wasn't sure what.我确定与网卡有关,但不确定是什么。 Now it is fine, I can ping and SSH; I just swapped the public IP interface to be network interface 0 and removed the code for the other network interface.现在很好,我可以 ping 和 SSH,只是将公共 IP 交换为网络 0,并且我删除了网络代码。 @Marcin, your first reply showed me in which direction to look. @Marcin,您的第一个回复向我展示了该看哪个方向。

  # network_interface {
  #      device_index=0
  #      network_interface_id = aws_network_interface.NginX-LB.id
  # }
    network_interface {
       device_index=0
       network_interface_id = aws_network_interface.NginX-public.id
  }


 