Rancher Stuck At Waiting For SSH to be Available - amazon-ec2

We are setting up a cluster on Amazon EC2 from Rancher through a private subnet, but it hangs at "Waiting for SSH to be available".
We are able to create the cluster when we use a public subnet in Amazon EC2, but it gets stuck when we use a private subnet. We are able to ping the Amazon instance from the Rancher server.

Related

How can we access a private gke cluster from our laptop

I currently have a private GKE cluster which is only accessible via a bastion host (the incoming traffic to GKE is restricted to the bastion host CIDR), and there is no VPN either. So the only way as of now is to log in to the bastion and connect to the GKE cluster.
But I want to connect to GKE from my laptop through a proxy which redirects traffic from my laptop to the bastion to GKE. Can this be done in any way? Can someone please share their inputs? Thanks in advance.

Performing DNAT for AWS EC2 instance

Is there any way to perform DNAT for AWS EC2 instances? I am trying to allocate one public IP and then associate this IP with any instance under my public subnet. We can perform a similar action in VMware's NSX using DNAT rules but don't find its equivalent in AWS.
An AWS Elastic IP is a static public IP address that can be moved between any of your EC2 instances. AWS is using NAT behind the scenes to make that work.
If you want an AWS Elastic IP to point to more than one of your EC2 instances at the same time, you can assign it to an AWS Network Load Balancer.

knife ec2 to vpc node

I am trying to launch a node in an EC2 VPC using chef knife ec2 server create, but I am looking for a flag to specify the VPC info.
Does anyone know how to spin up an EC2 instance into a VPC using knife ec2 server create?
Thanks
There is a --subnet SUBNET_ID flag for the knife ec2 command. Using this flag, you can specify the subnet of the VPC in which you want the instance to be created.
Refer: https://docs.chef.io/plugin_knife_ec2.html
You cannot provide VPC identity. However, you can provide subnet identity which eventually will create the instance in your VPC of choice.

Is it possible to get a new public IP on an Amazon EC2 by command / script?

Is it possible to tell an Amazon EC2 Instance to reconnect the IP?
I know there are scripts to tell a local router (e.g. at home) to reconnect and assign a new IP address. Is there something similar for the Amazon VMs?
In essence what you are referring to is actually using Elastic IPs.
Basically you reserve an IP address and you can associate and disassociate it from an EC2 instance as you please. You will be able to use that IP as long as you don't release it. (Initially you need to allocate that IP address.)
You can also do all the Elastic IP operations programmatically using the AWS API and any of the available SDKs (Java, Ruby, Python, PHP, etc.) or using the AWS CLI.
For example:
# Allocate Address
aws ec2 allocate-address
# Associate Address
aws ec2 associate-address --instance-id <Your Instance ID> --public-ip <IP Address>
# Disassociate Address
aws ec2 disassociate-address --public-ip <IP Address>
# Release Address
aws ec2 release-address --public-ip <IP Address>

Connection to amazon-ec2 VPC instance fails

I have the following setup:
- a VPC, with several subnets, and an access gateway and a NAT instance having public addresses that I can connect to,
- I create a Linux instance in a subnet of the VPC, that has NO public IP address or DNS name (I want that only the Load Balancer be known on the internet).
I want to connect to my Linux instance to install and configure software.
How do you connect to that instance? All the documentation I have seen mentions that you connect using "ec2-user#".
Since I have no public DNS, I have tried to connect from the access gateway via PuTTY with the private DNS of my Linux instance but it fails ("host does not exist").
I am obviously missing something ... in the NAT?
Thanks, Laurent
You need to have a host in the public subnet which you can access. Once you access this host, you can connect to your other hosts in the VPC using their private IP addresses.
Your instance in question has only a private IP address, so connecting to it from your workstation is not going to work.
The host I am referring to is usually called a Bastion Host. Read the Tip in the Scenario 2: VPC with Public and Private Subnets documentation.
Also, read first few results of this Google Search to gain overall understanding on use-cases for Bastion hosts.
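
The bastion-host pattern from the answer above, as an added example that is not part of the original answer: a shell function that prints an OpenSSH client config reaching the private instance through the bastion with ProxyJump, so the private key stays on the workstation and agent forwarding stays off. The host names, addresses, key path and the RFC 1918 check on the target are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original answer). Host names, addresses and the
# key path are constructed placeholders.

# is_private_ipv4 ADDR: succeed only for a well-formed RFC 1918 IPv4 address.
is_private_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    case "$1" in
        10)  return 0 ;;
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] ;;
        192) [ "$2" -eq 168 ] ;;
        *)   return 1 ;;
    esac
}

# bastion_ssh_config BASTION_HOST PRIVATE_IP USER KEY_PATH
# Print an OpenSSH client config (ProxyJump needs OpenSSH 7.3 or later).
bastion_ssh_config() {
    if ! is_private_ipv4 "$2"; then
        echo "target '$2' is not a private (RFC 1918) address" >&2
        return 1
    fi
    cat <<EOF
Host bastion
    HostName $1
    User $3
    IdentityFile $4
    ForwardAgent no

Host private-instance
    HostName $2
    User $3
    IdentityFile $4
    ProxyJump bastion
    ForwardAgent no
EOF
}

bastion_ssh_config bastion.example.com 10.0.1.25 ec2-user '~/.ssh/vpc-key.pem'
```

With the output saved to ~/.ssh/config, `ssh private-instance` opens the session through the bastion in one step; the bastion's security group only needs to allow SSH from the workstation, and the private instance's only from the bastion.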
