Questions tagged with Amazon EC2



Session Manager unable to connect to instance in public subnet

I can't seem to get an instance in a public subnet to connect via Session Manager. The subnet the instance deploys to routes `0.0.0.0/0` to an internet gateway. The security group has no inbound rules and an outbound rule allowing `0.0.0.0/0`. The instance profile has the `AmazonSSMManagedInstanceCore` managed policy, and the instance runs Amazon Linux 2, so the SSM agent should already be installed. I even added a userData command to install the latest agent again, but that didn't change anything.

From the console, I see the following error message:

> **We weren't able to connect to your instance. Common reasons for this include:**
> * SSM Agent isn't installed on the instance. You can install the agent on both [Windows instances](https://docs.aws.amazon.com/en_us/console/systems-manager/agent-windows) and [Linux instances](https://docs.aws.amazon.com/en_us/console/systems-manager/agent-linux).
> * The required [IAM instance profile](https://docs.aws.amazon.com/en_us/console/systems-manager/qs-instance-profile) isn't attached to the instance. You can attach a profile using [AWS Systems Manager Quick Setup](https://docs.aws.amazon.com/en_us/console/systems-manager/qs-quick-setup).
> * Session Manager setup is incomplete. For more information, see [Session Manager Prerequisites](https://docs.aws.amazon.com/en_us/console/systems-manager/session-manager-prerequisites).

Here's a sample of CDK code that replicates the problem:

```typescript
const region = 'us-east-2'

const myInstanceRole = new Role(this, 'MyRole', {
  assumedBy: new ServicePrincipal('ec2.amazonaws.com'),
})
myInstanceRole.addManagedPolicy(
  ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore')
)

const myUserData = UserData.forLinux()
myUserData.addCommands(
  `sudo yum install -y https://s3.${region}.amazonaws.com/amazon-ssm-${region}/latest/linux_amd64/amazon-ssm-agent.rpm`,
  'sudo systemctl restart amazon-ssm-agent',
)

const myInstance = new Instance(this, 'MyInstance', {
  instanceType: InstanceType.of(InstanceClass.C6I, InstanceSize.LARGE),
  machineImage: MachineImage.latestAmazonLinux({
    generation: AmazonLinuxGeneration.AMAZON_LINUX_2,
    cpuType: AmazonLinuxCpuType.X86_64,
  }),
  vpc: Vpc.fromLookup(this, 'ControlTowerVPC', {
    vpcName: 'aws-controltower-VPC',
  }),
  vpcSubnets: {
    subnetType: SubnetType.PUBLIC,
  },
  blockDevices: [
    {
      deviceName: '/dev/xvda',
      volume: BlockDeviceVolume.ebs(30, {
        volumeType: EbsDeviceVolumeType.GP2,
        encrypted: true,
      }),
    },
  ],
  userData: myUserData,
  role: myInstanceRole,
  detailedMonitoring: true,
})
```
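
One detail the description doesn't cover is whether the instance actually gets a public IPv4 address: the route to the internet gateway and the open egress rule only help if there is a public IP (or, alternatively, interface VPC endpoints) for the SSM agent to reach the `ssm`, `ssmmessages`, and `ec2messages` endpoints. Below is a minimal CDK sketch of both options, assuming a recent `aws-cdk-lib` (the `associatePublicIpAddress` prop does not exist in older releases) and reusing the Control Tower VPC lookup from the question:

```typescript
import { Stack, StackProps } from 'aws-cdk-lib';
import {
  AmazonLinuxGeneration, Instance, InstanceClass, InstanceSize, InstanceType,
  InterfaceVpcEndpointAwsService, MachineImage, SubnetType, Vpc,
} from 'aws-cdk-lib/aws-ec2';
import { Construct } from 'constructs';

export class SsmReachabilityStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    const vpc = Vpc.fromLookup(this, 'ControlTowerVPC', { vpcName: 'aws-controltower-VPC' });

    // Option A: make sure the instance really gets a public IP in the public subnet,
    // so the agent can reach the regional Systems Manager endpoints through the IGW.
    new Instance(this, 'MyInstance', {
      vpc,
      vpcSubnets: { subnetType: SubnetType.PUBLIC },
      associatePublicIpAddress: true, // assumption: available in the aws-cdk-lib version in use
      instanceType: InstanceType.of(InstanceClass.C6I, InstanceSize.LARGE),
      machineImage: MachineImage.latestAmazonLinux({
        generation: AmazonLinuxGeneration.AMAZON_LINUX_2,
      }),
    });

    // Option B: skip the public IP entirely and let the agent reach Systems Manager
    // over interface endpoints inside the VPC.
    vpc.addInterfaceEndpoint('SsmEndpoint', { service: InterfaceVpcEndpointAwsService.SSM });
    vpc.addInterfaceEndpoint('SsmMessagesEndpoint', { service: InterfaceVpcEndpointAwsService.SSM_MESSAGES });
    vpc.addInterfaceEndpoint('Ec2MessagesEndpoint', { service: InterfaceVpcEndpointAwsService.EC2_MESSAGES });
  }
}
```

Either route still needs the `AmazonSSMManagedInstanceCore` role from the original snippet; a quick way to confirm the agent is reaching the service is `aws ssm describe-instance-information`, which should list the instance once registration succeeds.
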
1 answer · 0 votes · 29 views · asked 3 days ago

Creating EC2 Ingress rule in C#

I'm trying to create an ingress rule in C# and I'm getting an error at runtime. Here's the relevant code:

```
///////////BEGIN Set Vars//////////////////////
Amazon.EC2.AmazonEC2Client ec2Client = new Amazon.EC2.AmazonEC2Client();
Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest secRequest = new Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest();
Amazon.EC2.Model.IpPermission ipPerm = new Amazon.EC2.Model.IpPermission();
Amazon.EC2.Model.IpRange ipRange = new Amazon.EC2.Model.IpRange();
List<Amazon.EC2.Model.IpPermission> ipRangeList = new List<Amazon.EC2.Model.IpPermission>();
///////////END Set Vars////////////////////////

///////////BEGIN IP Range//////////////////////
ipRange.CidrIp = "5.5.5.10/32";
ipRange.Description = "My new IP rule";
ipRangeList.Add(ipPerm);
///////////END IP Range////////////////////////

///////////BEGIN IP Perms//////////////////////
ipPerm.IpProtocol = "tcp";
ipPerm.ToPort = 3389;
ipPerm.FromPort = 3389;
ipPerm.Ipv4Ranges.AddRange((IEnumerable<Amazon.EC2.Model.IpRange>)ipRangeList);
///////////END IP Perms////////////////////////
```

If I just try to add `ipRange` as a range to `ipPerm`, the compiler complains that it needs to be of type `List<Amazon.EC2.Model.IpPermission>`. When I use the code above and cast it to `List<Amazon.EC2.Model.IpPermission>`, the compiler is happy, but I get a runtime error:

```
Message=Unable to cast object of type 'System.Collections.Generic.List`1[Amazon.EC2.Model.IpPermission]' to type 'System.Collections.Generic.IEnumerable`1[Amazon.EC2.Model.IpRange]'.
Source=System.Private.CoreLib
StackTrace:
   at System.Runtime.CompilerServices.CastHelpers.ChkCastAny(Void* toTypeHnd, Object obj)
   at AWSFirewall.Program.Main(String[] args) in C:\Users\SeanMcCown\source\repos\AWSFirewall\Program.cs:line 44
```
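
Underneath the SDK, `AuthorizeSecurityGroupIngress` always takes a list of permissions, and each permission carries its own list of ranges; the runtime cast fails because a `List<IpPermission>` is being pushed into the slot that expects `IpRange` objects. For illustration, here is the same rule expressed with the AWS SDK for JavaScript v3, where that nesting is visible in the request shape (the security group ID is a placeholder):

```typescript
import { EC2Client, AuthorizeSecurityGroupIngressCommand } from '@aws-sdk/client-ec2';

async function authorizeRdpFromSingleIp(): Promise<void> {
  const ec2 = new EC2Client({});

  // Ranges live inside the permission (IpRanges), and the request itself
  // carries a list of permissions (IpPermissions).
  await ec2.send(new AuthorizeSecurityGroupIngressCommand({
    GroupId: 'sg-0123456789abcdef0', // placeholder
    IpPermissions: [
      {
        IpProtocol: 'tcp',
        FromPort: 3389,
        ToPort: 3389,
        IpRanges: [{ CidrIp: '5.5.5.10/32', Description: 'My new IP rule' }],
      },
    ],
  }));
}

authorizeRdpFromSingleIp().catch(console.error);
```

In the C# snippet, that would translate to adding `ipRange` to `ipPerm.Ipv4Ranges` and `ipPerm` to `secRequest.IpPermissions`, with no cast and no `List<IpPermission>` standing in for the ranges.
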
1 answer · 0 votes · 29 views · asked 7 days ago

Connecting TypeScript backend in EC2 to PostgreSQL RDS

I have a TypeScript backend running on a t3.micro EC2 instance. I'm using npm as the package manager and TypeORM to seed the database. I have a PostgreSQL database set up in RDS that I'm trying to connect to. In my local dev environment I had no problem seeding and running the backend and having it connect to RDS. However, on the EC2 instance the seeding never finishes when running

```
npm run seed
```

which runs the script

```
ts-node -r tsconfig-paths/register src/seeder/seed.ts
```

Running `npm run migration:run` runs the script `yarn run typeorm migration:run` and gives this error:

```
$ ts-node -r tsconfig-paths/register ./node_modules/typeorm/cli.js migration:run
Error during migration run:
TypeORMError: No connection options were found in any orm configuration files.
    at new TypeORMError (/home/ec2-user/backend/src/error/TypeORMError.ts:7:9)
    at ConnectionOptionsReader.<anonymous> (/home/ec2-user/backend/src/connection/ConnectionOptionsReader.ts:46:19)
    at step (/home/ec2-user/backend/node_modules/typeorm/node_modules/tslib/tslib.js:144:27)
    at Object.next (/home/ec2-user/backend/node_modules/typeorm/node_modules/tslib/tslib.js:125:57)
    at fulfilled (/home/ec2-user/backend/node_modules/typeorm/node_modules/tslib/tslib.js:115:62)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
```

I'm not too experienced with this, but I've tried deleting node_modules and dist and reinstalling with yarn install and npm install. Any answers as to what I'm missing?
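
The stack trace points at TypeORM's ConnectionOptionsReader, so the CLI on the instance isn't finding any connection configuration at all; a frequent cause is an `ormconfig` file or `.env` that exists in the local checkout but never made it to the backend directory on EC2, or environment variables that are only exported in the local shell. As a point of reference, a minimal explicit configuration might look like the sketch below (assuming TypeORM 0.2.x, a hypothetical `ormconfig.ts`, and placeholder `DB_*` environment variable names; the exact export form the CLI accepts can vary by version):

```typescript
// ormconfig.ts -- hypothetical file name; it must exist on the EC2 instance,
// in the directory the seed and migration commands are run from.
import { ConnectionOptions } from 'typeorm';

const options: ConnectionOptions = {
  type: 'postgres',
  host: process.env.DB_HOST,              // e.g. the RDS endpoint (placeholder variable name)
  port: Number(process.env.DB_PORT ?? 5432),
  username: process.env.DB_USER,
  password: process.env.DB_PASSWORD,
  database: process.env.DB_NAME,
  entities: ['src/**/*.entity.ts'],
  migrations: ['src/migration/*.ts'],
};

export default options;
```

Separately from the config lookup, the EC2 instance also needs network reachability to RDS (the RDS security group must allow inbound 5432 from the instance's security group), which a local environment using a public endpoint wouldn't surface.
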
1 answer · 0 votes · 33 views · asked 8 days ago

Exec Linux command inside a container

Hi team, I connected to my Envoy container using this command:

```
aws ecs execute-command --cluster cluster-name --task task-id --container container-name --interactive --command "/bin/sh"
```

Once inside the container, I tried to execute the Linux command `ps aux` and got this error:

```
sh: ps: command not found
```

The kernel/distribution version inside the Envoy container is:

```
Linux version 4.14.276-211.499.amzn2.x86_64 (mockbuild@ip-xx-x-xx-225) (gcc version 7.3.1 20180712 (Red Hat 7.3.1-13) (GCC)) #1 SMP Wed Apr 27 21:08:48 UTC 2022
```

I tried to install ps with `yum install -y procps` and got this error:

```
Loaded plugins: ovl, priorities
Could not retrieve mirrorlist http://amazonlinux.default.amazonaws.com/2/core/latest/x86_64/mirror.list
error was 14: curl#56 - "Recv failure: Connection reset by peer"

 One of the configured repositories failed (Unknown),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

     1. Contact the upstream for the repository and get them to fix the problem.

     2. Reconfigure the baseurl/etc. for the repository, to point to a working
        upstream. This is most often useful if you are using a newer
        distribution release than is supported by the repository (and the
        packages for the previous distribution release still work).

     3. Run the command with the repository temporarily disabled
            yum --disablerepo=<repoid> ...

     4. Disable the repository permanently, so yum won't use it by default. Yum
        will then just ignore the repository until you permanently enable it
        again or use --enablerepo for temporary usage:

            yum-config-manager --disable <repoid>
        or
            subscription-manager repos --disable=<repoid>

     5. Configure the failing repository to be skipped, if it is unavailable.
        Note that yum will try to contact the repo. when it runs most commands,
        so will have to try and fail each time (and thus. yum will be be much
        slower). If it is a very temporary problem though, this is often a nice
        compromise:

            yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true

Cannot find a valid baseurl for repo: amzn2-core/2/x86_64
```

Is there a way to run basic commands like ps, map, etc. inside the Envoy container? Thank you.
1 answer · 0 votes · 40 views · asked 9 days ago

ClientError: ENA must be supported with uefi boot-mode

I am trying to run a Windows 10 Home VM in EC2. The plan is to run it in EC2 for about two days so our partner can access it through RDP, and then transfer it back to VirtualBox. I prepared the image in VirtualBox, exported an .ova file, uploaded it to S3, and tried to convert it to an AMI with the following command, as described [here](https://docs.aws.amazon.com/vm-import/latest/userguide/what-is-vmimport.html):

```
$ aws ec2 import-image --description "Windows 10 VM" --platform Windows --disk-containers "file://foo/containers.json" --boot-mode uefi --license-type BYOL --architecture x86_64
```

But I get the following error after the import process reaches 27%:

```
$ aws ec2 describe-import-image-tasks --import-task-ids fooID
{
    "ImportImageTasks": [
        {
            "Architecture": "x86_64",
            "Description": "Windows 10 VM",
            "ImportTaskId": "fooID",
            "LicenseType": "BYOL",
            "Platform": "Windows",
            "SnapshotDetails": [
                {
                    "DeviceName": "/dev/sda1",
                    "DiskImageSize": 8298251264.0,
                    "Format": "VMDK",
                    "Status": "completed",
                    "Url": "s3://foo/Windows-10.ova",
                    "UserBucket": {
                        "S3Bucket": "foo",
                        "S3Key": "Windows-10.ova"
                    }
                }
            ],
            "Status": "deleted",
            "StatusMessage": "ClientError: ENA must be supported with uefi boot-mode",
            "Tags": [],
            "BootMode": "uefi"
        }
    ]
}
```

I have done these steps:

1. [Installed the ENA driver](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/enhanced-networking-ena.html#ena-adapter-driver-versions) (didn't help)
2. [Installed the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) (didn't help)

What should I do? I know for sure that the VM boots using UEFI in VirtualBox. Should I convert it to BIOS boot? Is there anything I need to install? Google returns only [this thread](https://repost.aws/questions/QUqKQIF1cdQrq6h3hb8yJYiw/does-aws-support-windows-11-ec-2-instances), which is unanswered and is about instance types, so I asked my own question.
1 answer · 0 votes · 35 views · asked 11 days ago

Inconsistent keras model.summary() output shapes on AWS SageMaker and EC2

I have the following model in a Jupyter notebook:

```python
import tensorflow as tf
from tensorflow.keras.models import Model
from tensorflow.keras.optimizers import Adam
from tensorflow.keras import layers

physical_devices = tf.config.list_physical_devices('GPU')
tf.config.experimental.set_memory_growth(physical_devices[0], True)

SIZE = (549, 549)
SHUFFLE = False
BATCH = 32
EPOCHS = 20

train_datagen = DataGenerator(train_files, batch_size=BATCH, dim=SIZE, n_channels=1, shuffle=SHUFFLE)
test_datagen = DataGenerator(test_files, batch_size=BATCH, dim=SIZE, n_channels=1, shuffle=SHUFFLE)

inp = layers.Input(shape=(*SIZE, 1))
x = layers.Conv2D(filters=549, kernel_size=(5, 5), padding="same", activation="relu")(inp)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=549, kernel_size=(3, 3), padding="same", activation="relu")(x)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=549, kernel_size=(1, 1), padding="same", activation="relu")(x)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=549, kernel_size=(3, 3), padding="same", activation="sigmoid")(x)

model = Model(inp, x)
model.compile(loss=tf.keras.losses.binary_crossentropy, optimizer=Adam())
model.summary()
```

SageMaker and EC2 are running TensorFlow 2.7.1. The EC2 instance is a p3.2xlarge with the Deep Learning AMI GPU TensorFlow 2.7.0 (Amazon Linux 2) 20220607. The SageMaker notebook is using ml.p3.2xlarge and the conda_tensorflow2_p38 kernel. The notebook is in an FSx for Lustre file system that is mounted to both SageMaker and EC2, so it is definitely the same code running on both machines.

nvidia-smi output on SageMaker:

```
+-----------------------------------------------------------------------------+
| NVIDIA-SMI 510.47.03    Driver Version: 510.47.03    CUDA Version: 11.6     |
|-------------------------------+----------------------+----------------------+
| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
|                               |                      |               MIG M. |
|===============================+======================+======================|
|   0  Tesla V100-SXM2...  On   | 00000000:00:1E.0 Off |                    0 |
| N/A   37C    P0    24W / 300W |      0MiB / 16384MiB |      0%      Default |
|                               |                      |                  N/A |
+-------------------------------+----------------------+----------------------+

+-----------------------------------------------------------------------------+
| Processes:                                                                  |
|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
|        ID   ID                                                   Usage      |
|=============================================================================|
|  No running processes found                                                 |
+-----------------------------------------------------------------------------+
```

nvidia-smi output on EC2:

```
+-----------------------------------------------------------------------------+
| NVIDIA-SMI 510.47.03    Driver Version: 510.47.03    CUDA Version: 11.6     |
|-------------------------------+----------------------+----------------------+
| GPU  Name        Persistence-M| Bus-Id        Disp.A | Volatile Uncorr. ECC |
| Fan  Temp  Perf  Pwr:Usage/Cap|         Memory-Usage | GPU-Util  Compute M. |
|                               |                      |               MIG M. |
|===============================+======================+======================|
|   0  Tesla V100-SXM2...  On   | 00000000:00:1E.0 Off |                    0 |
| N/A   42C    P0    51W / 300W |   2460MiB / 16384MiB |      0%      Default |
|                               |                      |                  N/A |
+-------------------------------+----------------------+----------------------+

+-----------------------------------------------------------------------------+
| Processes:                                                                  |
|  GPU   GI   CI        PID   Type   Process name                  GPU Memory |
|        ID   ID                                                   Usage      |
|=============================================================================|
|    0   N/A  N/A     11802      C   /bin/python3.8                    537MiB |
|    0   N/A  N/A     26391      C   python3.8                        1921MiB |
+-----------------------------------------------------------------------------+
```

The model.summary() output on SageMaker is:

```
Model: "model"
_________________________________________________________________
 Layer (type)                               Output Shape           Param #
=================================================================
 input_1 (InputLayer)                       [(None, 549, 549, 1)]  0
 conv2d (Conv2D)                            (None, 549, 549, 1)    7535574
 batch_normalization (BatchNormalization)   (None, 549, 549, 1)    4
 conv2d_1 (Conv2D)                          (None, 549, 549, 1)    2713158
 batch_normalization_1 (BatchNormalization) (None, 549, 549, 1)    4
 conv2d_2 (Conv2D)                          (None, 549, 549, 1)    301950
 batch_normalization_2 (BatchNormalization) (None, 549, 549, 1)    4
 conv2d_3 (Conv2D)                          (None, 549, 549, 1)    2713158
=================================================================
Total params: 13,263,852
Trainable params: 13,263,846
Non-trainable params: 6
```

The model.summary() output on EC2 is (notice the shape change):

```
Model: "model"
_________________________________________________________________
 Layer (type)                               Output Shape            Param #
=================================================================
 input_1 (InputLayer)                       [(None, 549, 549, 1)]   0
 conv2d (Conv2D)                            (None, 549, 549, 549)   14274
 batch_normalization (BatchNormalization)   (None, 549, 549, 549)   2196
 conv2d_1 (Conv2D)                          (None, 549, 549, 549)   2713158
 batch_normalization_1 (BatchNormalization) (None, 549, 549, 549)   2196
 conv2d_2 (Conv2D)                          (None, 549, 549, 549)   301950
 batch_normalization_2 (BatchNormalization) (None, 549, 549, 549)   2196
 conv2d_3 (Conv2D)                          (None, 549, 549, 549)   2713158
=================================================================
Total params: 5,749,128
Trainable params: 5,745,834
Non-trainable params: 3,294
_________________________________________________________________
```

One other thing that is interesting: if I change my model on the EC2 instance to

```python
inp = layers.Input(shape=(*SIZE, 1))
x = layers.Conv2D(filters=1, kernel_size=(5, 5), padding="same", activation="relu")(inp)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=1, kernel_size=(3, 3), padding="same", activation="relu")(x)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=1, kernel_size=(1, 1), padding="same", activation="relu")(x)
x = layers.BatchNormalization()(x)
x = layers.Conv2D(filters=1, kernel_size=(3, 3), padding="same", activation="sigmoid")(x)

model = Model(inp, x)
model.compile(loss=tf.keras.losses.binary_crossentropy, optimizer=Adam())
```

my model.summary() output becomes:

```
Model: "model_2"
_________________________________________________________________
 Layer (type)                               Output Shape           Param #
=================================================================
 input_3 (InputLayer)                       [(None, 549, 549, 1)]  0
 conv2d_8 (Conv2D)                          (None, 549, 549, 1)    26
 batch_normalization_6 (BatchNormalization) (None, 549, 549, 1)    4
 conv2d_9 (Conv2D)                          (None, 549, 549, 1)    10
 batch_normalization_7 (BatchNormalization) (None, 549, 549, 1)    4
 conv2d_10 (Conv2D)                         (None, 549, 549, 1)    2
 batch_normalization_8 (BatchNormalization) (None, 549, 549, 1)    4
 conv2d_11 (Conv2D)                         (None, 549, 549, 1)    10
=================================================================
Total params: 60
Trainable params: 54
Non-trainable params: 6
_________________________________________________________________
```

In the last model the shape is similar to SageMaker, but the trainable parameters are very low. Any ideas as to why the output shape is different and why this is happening with the filters? When I run this model on my personal computer, the shape is the same as EC2. I think there might be an issue with SageMaker.
0 answers · 0 votes · 8 views · asked 13 days ago

Error SSH from LinuxBastion to EC2 instance running IBM-mq

I just started trying AWS. I have two EC2 instances running: one is the LinuxBastion and the other is ibm-mq. I can use PuTTY on my Windows laptop to SSH into the LinuxBastion. According to the documentation, I have to use agent forwarding to SSH from the LinuxBastion to ibm-mq because it is in the private subnet. In my LinuxBastion session, I got the error "Permission denied (publickey)". Console output is shown below.

```
[ec2-user@ip-10-0-149-123 ~]$ ssh -v -A 10.0.54.158
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.54.158 [10.0.54.158] port 22.
debug1: Connection established.
debug1: identity file /home/ec2-user/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ec2-user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.5
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.5 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.54.158:22 as 'ec2-user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:10R5udxzE60Uxw4p2pxVQOKm1NHt2IILwkATTqFwOdo
debug1: Host '10.0.54.158' is known and matches the ECDSA host key.
debug1: Found key in /home/ec2-user/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ec2-user/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/ec2-user/.ssh/id_dsa
debug1: Trying private key: /home/ec2-user/.ssh/id_ecdsa
debug1: Trying private key: /home/ec2-user/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
```
2 answers · 0 votes · 19 views · asked 13 days ago

EC2 instances unhealthy when created via ASG using CDK

I am creating an ASG with a classic load balancer. The desired number of instances is 5. I start the ASG with user data, but even after experimenting multiple times the load balancer shows unhealthy hosts. I changed the subnet type of the VPC to public, but the number of healthy hosts for the ELB remains 0. Below is the code segment:

```java
Vpc vpc = new Vpc(this, "MyVPC");

AutoScalingGroup asg = AutoScalingGroup.Builder.create(this, "AutoScalingGroup")
        .vpcSubnets(SubnetSelection.builder()
                .subnetType(SubnetType.PUBLIC)
                .build())
        .vpc(vpc)
        .instanceType(InstanceType.of(InstanceClass.BURSTABLE2, InstanceSize.MICRO))
        .machineImage(new AmazonLinuxImage())
        .minCapacity(1)
        .desiredCapacity(5)
        .maxCapacity(10)
        .build();

asg.addUserData("#!/bin/bash\n"
        + "# Use this for your user data (script from top to bottom)\n"
        + "# install httpd (Linux 2 version)\n"
        + "yum update -y\n"
        + "yum install -y httpd\n"
        + "systemctl start httpd\n"
        + "systemctl enable httpd\n"
        + "echo \"<h1>Hello World from $(hostname -f)</h1>\" > /var/www/html/index.html");

LoadBalancer loadbalancer = LoadBalancer.Builder.create(this, "ElasticLoadBalancer")
        .vpc(vpc)
        .internetFacing(Boolean.TRUE)
        .healthCheck(software.amazon.awscdk.services.elasticloadbalancing.HealthCheck.builder()
                .port(80)
                .build())
        .build();

loadbalancer.addTarget(asg);
ListenerPort listenerPort = loadbalancer.addListener(LoadBalancerListener.builder().externalPort(80).build());
```

Also, the instances created by the ASG cannot be accessed on the web (by hitting their public IP). Even after changing the security groups, or putting them all in a public subnet, they are not accessible from Instance Connect, and the load balancer does not show these hosts as healthy.
1 answer · 0 votes · 16 views · asked 14 days ago

ECS Capacity Provider Auto-Scaler Instance Selection

Hello, I am working with AWS ECS capacity providers to scale out instances for jobs we run. Those jobs vary widely in the amount of memory needed per ECS task. The memory needs are set at the task and container level.

We have a capacity provider connected to an EC2 Auto Scaling group (ASG). The ASG uses attribute-based instance type selection, so we specify instance attributes. We gave it a large range for memory and CPU, and it shows hundreds of possible instances.

When we run a small job (1 GB of memory), it scales up an `m5.large` and an `m6i.large` instance and the job runs. This is great because our task runs, but the instances it selected are much larger than our needs. We then let the ASG scale back down to 0. We then run a large job (16 GB) and it begins scaling up, but it starts the same instance types as before. Those instance types have 8 GB of memory, while our task needs double that on a single instance.

For the small job I would have expected the capacity provider to scale up only one instance, closer in size to the memory needs of the job (1 GB). For the larger job I would have expected it to scale up only one instance with more than 16 GB of memory to accommodate the job (16 GB).

Questions:

* Is there a way to get capacity providers and auto scaling groups to be more responsive to the resource needs of the pending tasks?
* Are there any configs I might have wrong?
* Am I misunderstanding something? Are there any resources you would point me towards?
* Is there a better approach to accomplish what I want with ECS?
* Is the behavior I outlined actually to be expected?

Thank you
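
For what it's worth, one commonly suggested way to get a tighter fit between task size and instance size is to stop relying on a single attribute-based ASG and instead register one capacity provider per instance "size class", then point each service or run-task call at the matching provider. A rough CDK sketch of that layout follows (instance types, AMI choice, and memory figures are illustrative assumptions, not recommendations):

```typescript
import { Stack, StackProps } from 'aws-cdk-lib';
import { Vpc, InstanceType } from 'aws-cdk-lib/aws-ec2';
import { AutoScalingGroup } from 'aws-cdk-lib/aws-autoscaling';
import {
  AsgCapacityProvider, Cluster, ContainerImage, Ec2Service, Ec2TaskDefinition, EcsOptimizedImage,
} from 'aws-cdk-lib/aws-ecs';
import { Construct } from 'constructs';

export class SplitCapacityStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    const vpc = new Vpc(this, 'Vpc');
    const cluster = new Cluster(this, 'Cluster', { vpc });

    // One ASG per "size class" instead of one attribute-based ASG for everything.
    const smallAsg = new AutoScalingGroup(this, 'SmallAsg', {
      vpc,
      instanceType: new InstanceType('m6i.large'),   // ~8 GiB, for the 1 GB tasks (illustrative)
      machineImage: EcsOptimizedImage.amazonLinux2(),
      minCapacity: 0,
      maxCapacity: 10,
    });
    const largeAsg = new AutoScalingGroup(this, 'LargeAsg', {
      vpc,
      instanceType: new InstanceType('m6i.2xlarge'), // ~32 GiB, for the 16 GB tasks (illustrative)
      machineImage: EcsOptimizedImage.amazonLinux2(),
      minCapacity: 0,
      maxCapacity: 10,
    });

    const smallCp = new AsgCapacityProvider(this, 'SmallCp', { autoScalingGroup: smallAsg });
    const largeCp = new AsgCapacityProvider(this, 'LargeCp', { autoScalingGroup: largeAsg });
    cluster.addAsgCapacityProvider(smallCp);
    cluster.addAsgCapacityProvider(largeCp);

    // A task that needs 16 GiB is pointed at the large provider explicitly.
    const bigTaskDef = new Ec2TaskDefinition(this, 'BigTaskDef');
    bigTaskDef.addContainer('app', {
      image: ContainerImage.fromRegistry('public.ecr.aws/amazonlinux/amazonlinux:2'),
      memoryLimitMiB: 16384,
    });
    new Ec2Service(this, 'BigJobService', {
      cluster,
      taskDefinition: bigTaskDef,
      capacityProviderStrategies: [
        { capacityProvider: largeCp.capacityProviderName, weight: 1 },
      ],
    });
  }
}
```

As far as I understand, within a single attribute-based ASG the specific instance type launched is chosen by the ASG's allocation strategy rather than by the memory requirement of the pending task, which would be consistent with the behaviour described above.
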
1 answer · 0 votes · 18 views · asked 14 days ago

EC2 instance stuck at boot with not enough space. Can't log in via SSH (not responsive enough to connect). What can I do?

The instance is running Cloudron from the Marketplace. I didn't have enough space left to back up apps in Cloudron, nor to update. So here's what I did:

- Changed the attached volume from 20 GB to 40 GB in the AWS console.
- Went back to Cloudron. It was still showing 20 GB, with 127 MB left.
- Rebooted the machine using the Cloudron admin. Nothing.
- Rebooted in AWS. Nothing. Not responding, but booting.

I managed to get logs after a successful boot in a really unstable Cloudron admin. AWS says the instance is online, but I can't log in via SSH (not responsive enough to connect). What can I do?

```
2022-06-14T15:27:45.621Z box:server ==========================================
2022-06-14T15:27:45.622Z box:server Cloudron 7.1.4
2022-06-14T15:27:45.622Z box:server ==========================================
2022-06-14T15:27:45.840Z box:settings initCache: pre-load settings
2022-06-14T15:27:45.884Z box:tasks stopAllTasks: stopping all tasks
2022-06-14T15:27:45.885Z box:shell stopTask spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/stoptask.sh all
2022-06-14T15:27:45.970Z box:shell stopTask (stdout): sudo: unable to resolve host ip-1xx-xx-30-1xx: Name or service not known
Cloudron is up and running. Logs are at /home/yellowtent/platformdata/logs/box.log
2022-06-14T15:27:46.058Z box:reverseproxy writeDashboardConfig: writing admin config for levis.app
2022-06-14T15:27:46.098Z box:shell reload spawn: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/restartservice.sh nginx
2022-06-14T15:27:46.131Z box:shell reload (stdout): sudo: unable to resolve host ip-1xx-xx-30-1xx: Name or service not known
2022-06-14T15:27:46.312Z box:cloudron onActivated: running post activation tasks
2022-06-14T15:27:46.312Z box:platform initializing addon infrastructure
2022-06-14T15:27:46.314Z box:platform platform is uptodate at version 49.0.0
2022-06-14T15:27:46.314Z box:platform onPlatformReady: platform is ready. infra changed: false
2022-06-14T15:27:46.314Z box:apps schedulePendingTasks: scheduling app tasks
2022-06-14T15:27:46.352Z box:cron startJobs: starting cron jobs
2022-06-14T15:27:46.383Z box:cron backupConfigChanged: schedule 00 00 23 * * * (America/Toronto)
2022-06-14T15:27:46.390Z box:cron autoupdatePatternChanged: pattern - 00 00 1,3,5,23 * * * (America/Toronto)
2022-06-14T15:27:46.392Z box:cron Dynamic DNS setting changed to false
2022-06-14T15:27:46.393Z box:dockerproxy startDockerProxy: started proxy on port 3003
```
1 answer · 0 votes · 34 views · asked 15 days ago

ECS services not scaling in (scale in protection is disabled)

Hello. I have an ECS cluster (EC2-based) attached to a capacity service provider. Scaling out the service works fine, but it isn't scaling IN, and I've already checked the scale-in protection: it's disabled (Disable Scale In: false).

Description of the environment:

- 1 cluster (EC2-based), 2 services
- Services are attached to an ALB (registering and deregistering fine)
- Services have auto scaling enabled on memory (above 90%), NO scale-in protection, 1 task minimum, 3 tasks max
- Services use a capacity service provider, apparently working as intended: it creates new EC2 instances when new tasks are provisioned and drops them when they have 0 tasks running, registering and deregistering as expected
- The CloudWatch alarms are working fine, alarming when expected (with low and high usages)

Description of the test and what's not working:

- Started with 1 task for each service and 1 instance for both services.
- I entered one of the containers and ran a memory test, increasing its usage to over 90%.
- The service detected it and asked for a new task to be provisioned.
- There were no instances that could allocate the new task, so ECS asked the CSP/Auto Scaling group for a new EC2 instance.
- The new instance was provisioned, registered in the cluster, and ran the new task.
- The service's average memory usage decreased from ~93% to ~73% (average over both tasks).
- All's fine; the memory stress ran for 20 minutes.
- After the memory stress was over, the memory usage dropped to ~62%.
- The CloudWatch alarm was triggered (maybe even before, when it was at 73% usage, I didn't check).
- The service is still running 2 tasks right now (after 3 hours or more) and is not decreasing the desired count from 2 to 1.

Is there anything that I'm missing here? I've already done a couple of tests, trying to change the service auto scaling thresholds and other configurations, but nothing changes this behaviour. Any help would be appreciated. Thanks in advance.
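
For reference, the configuration described above maps to a target-tracking policy on the service's memory metric; a minimal CDK sketch of that wiring is below (it assumes an existing `Ec2Service` and uses illustrative cooldown values, and is not the poster's actual code). With target tracking, the scale-in alarm typically only fires after the metric has stayed below the target for a sustained window, but that window is on the order of minutes, not hours:

```typescript
import { Duration } from 'aws-cdk-lib';
import { Ec2Service } from 'aws-cdk-lib/aws-ecs';

// Sketch: wire memory-based target tracking onto an existing service.
// `service` is whatever Ec2Service the stack already defines; all values are illustrative.
export function addMemoryScaling(service: Ec2Service): void {
  const scaling = service.autoScaleTaskCount({ minCapacity: 1, maxCapacity: 3 });

  scaling.scaleOnMemoryUtilization('MemoryTargetTracking', {
    targetUtilizationPercent: 90,
    // Target tracking creates two alarms: scale-out fires quickly when the metric
    // goes above the target, scale-in only after the metric stays below the target
    // for a sustained period, so some delay after load drops is expected.
    scaleInCooldown: Duration.minutes(5),
    scaleOutCooldown: Duration.minutes(2),
  });
}
```
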
1 answer · 0 votes · 23 views · asked 15 days ago