AWS Terraform based Webserver Connection Getting refused

0

Hi, has anyone faced this problem while learning AWS Terraform?

I am following the book to practice Terraform and I am getting the error below.

url: (7) Failed to connect to <<<removed Public IP Address of EC2 >> port 8080 after 49 ms: Couldn't connect to server

Please advise if there has been any recent upgrade.

My code is below:

provider "aws" {
  region = "us-east-2"
}

resource "aws_security_group" "instance" {
  name = "terraform-example-instance"

  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "example" {
  ami                    = "ami-0a695f0d95cefc163"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.instance.id]

  user_data = <<-EOF
              #!/bin/bash
              echo "Hello, World" > index.html
              nohup busybox httpd -f -p 8080 &
              EOF

  tags = {
    "Name" = "terraform-example"
  }
}

2 Answers
0

To reach an instance from the internet, your EC2 needs to:

  1. have a public IP address
  2. be deployed on a public subnet (with the routing pointing to an internet gateway)

You said that you are trying to connect to the public IP, so I assume that you have already done point 1; otherwise add associate_public_ip_address to the aws_instance resource. To accomplish point 2, first create the internet gateway:

resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.your_vpc_resource_name.id

  tags = {
    Name = "main"
  }
}

Then create a routing table that points to it:

resource "aws_route_table" "main" {
  vpc_id = aws_vpc.your_vpc_resource_name.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "main"
  }
}

Then associate it with the subnet where the EC2 has been deployed:

resource "aws_route_table_association" "main" {
  subnet_id      = aws_subnet.your_vpc_subnet_name.id
  route_table_id = aws_route_table.main.id
}

After that, your connection should work.

DavideG
answered a year ago
  • Thanks for your advice. Do I need to declare the aws_vpc and aws_subnet resources also?

    │ on main.tf line 6, in resource "aws_internet_gateway" "gw":
    │    6:   vpc_id = aws_vpc.your_vpc_resource_name.id
    │
    │ A managed resource "aws_vpc" "your_vpc_resource_name" has not been declared in the root module.

0

Sure, you also need a VPC and a subnet; here is a full example:

resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"

  tags = {
    Name = "main"
  }
}

resource "aws_subnet" "a" {
  vpc_id            = aws_vpc.main.id
  cidr_block        = "10.0.1.0/24"
  availability_zone = "us-east-2a"

  tags = {
    Name = "Main"
  }
}

resource "aws_internet_gateway" "gw" {
  vpc_id = aws_vpc.main.id

  tags = {
    Name = "main"
  }
}

resource "aws_route_table" "main" {
  vpc_id = aws_vpc.main.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }

  tags = {
    Name = "main"
  }
}

resource "aws_route_table_association" "main" {
  subnet_id      = aws_subnet.a.id
  route_table_id = aws_route_table.main.id
}

Then you need to create a security group and the EC2 with the code that you have already written. Regards

DavideG
answered a year ago
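
Added example, not part of the original answers: the asker's security group and instance need three additions before they work inside the custom VPC from the full example above (`vpc_id`, `subnet_id`, `associate_public_ip_address`). It assumes `aws_vpc.main` and `aws_subnet.a` from that example are declared in the same configuration; `var.allowed_cidr` is a hypothetical variable that narrows the page's `0.0.0.0/0` ingress to a known client range.

```hcl
# Hypothetical variable (not on the original page): the only range allowed
# to reach port 8080, for example your own address as "x.x.x.x/32".
variable "allowed_cidr" {
  description = "CIDR allowed to reach the test web server on port 8080"
  type        = string
}

resource "aws_security_group" "instance" {
  name = "terraform-example-instance"

  # Without vpc_id the group is created in the default VPC and cannot be
  # attached to an instance that lives in aws_vpc.main.
  vpc_id = aws_vpc.main.id

  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = [var.allowed_cidr] # the page uses ["0.0.0.0/0"]
  }
}

resource "aws_instance" "example" {
  ami           = "ami-0a695f0d95cefc163"
  instance_type = "t2.micro"

  # Place the instance in the subnet whose route table points at the
  # internet gateway, and request a public IP (point 1 of the first answer).
  subnet_id                   = aws_subnet.a.id
  associate_public_ip_address = true
  vpc_security_group_ids      = [aws_security_group.instance.id]

  user_data = <<-EOF
    #!/bin/bash
    echo "Hello, World" > index.html
    nohup busybox httpd -f -p 8080 &
    EOF

  tags = {
    Name = "terraform-example"
  }
}

# Address to test with curl once the instance has booted.
output "public_ip" {
  value = aws_instance.example.public_ip
}
```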
