En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Cannot attach EBS to EC2 when instance is in specific subnet

0

Hello gurus! I have two private subnets A and B in the same AZ. I have also created an EBS volume in the same AZ. When I create an EC2 instance in subnet A I am able to use aws-cli to attach the volume. However, when creating an instance in subnet B, the "aws ec2 attach-volume..." results in a "Connect timeout..." error message. Note: The EBS volume is not attached to the instance in A when trying to attach it to the instance in B.

I am using Terraform for provisioning of the EC2 instance, including security group creation and instance profile. The only thing I am altering when trying subnet A vs B is the subnet. Nothing else is different.

When looking at the two subnets in AWS Console, they are identical, except for the CIDR, They are connected to separate NAT GWs and routing tables "of their own"

What am I missing?

Best regards Vidar Evenrud Seeberg

  • Gary Mclean EXPERT
    il y a un an

    are you 100 Sure the 2nd EC2 is in the same AZ as the volume?

Sujets
Réseaux et diffusion de contenuCalculStockage
Balises
Amazon VPCAmazon EC2Amazon Elastic Block Store
Langue
English
globus68-2
demandé il y a un an352 vues
5 réponses
1
Réponse acceptée

Problem solved; I NATed to the same private subnet... :D. Don't ask me why... Sorry for troubling you @Tom-B and @kentrad. I was not thorough enough when I inspected the NAT first time. Have a nice weekend!

globus68-2
répondu il y a un an
1

The "Connection timeout ...." message leads me to believe that the routing for subnet B is not quite right. That is assuming you are running the aws ec2 attach-volume... command from the instance in subnet B. The CLI can't communicate with the EC2 service.

profile pictureAWS
EXPERT
kentrad
répondu il y a un an
0

@gary: yes, they are both in eu-west-1a

globus68-2
répondu il y a un an
0

If you're getting a connection timeout error, I would start by checking that you can reach the ec2 API endpoint from your host by running:

ping ec2.eu-west-1.amazonaws.com

If the ping times out. I'd suggest reviewing your routing tables, security groups and Network ACL's.

AWS
Tom-B
répondu il y a un an
0

Thank you for good suggestions about routing etc @Tom-B and @kentrad. I have looked thoroughly at the routing tables, and to me, they look the same, but I may have missed something. I will have another look tonight and report back. Time for cooking dinner now :)

globus68-2
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents