Cannot attach EBS to EC2 when instance is in specific subnet

0

Hello gurus! I have two private subnets A and B in the same AZ. I have also created an EBS volume in the same AZ. When I create an EC2 instance in subnet A I am able to use aws-cli to attach the volume. However, when creating an instance in subnet B, the "aws ec2 attach-volume..." results in a "Connect timeout..." error message. Note: The EBS volume is not attached to the instance in A when trying to attach it to the instance in B.

I am using Terraform for provisioning of the EC2 instance, including security group creation and instance profile. The only thing I am altering when trying subnet A vs B is the subnet. Nothing else is different.

When looking at the two subnets in AWS Console, they are identical, except for the CIDR, They are connected to separate NAT GWs and routing tables "of their own"

What am I missing?

Best regards Vidar Evenrud Seeberg

  • are you 100 Sure the 2nd EC2 is in the same AZ as the volume?

已提问 1 年前341 查看次数
5 回答
1
已接受的回答

Problem solved; I NATed to the same private subnet... :D. Don't ask me why... Sorry for troubling you @Tom-B and @kentrad. I was not thorough enough when I inspected the NAT first time. Have a nice weekend!

已回答 1 年前
1

The "Connection timeout ...." message leads me to believe that the routing for subnet B is not quite right. That is assuming you are running the aws ec2 attach-volume... command from the instance in subnet B. The CLI can't communicate with the EC2 service.

profile pictureAWS
专家
kentrad
已回答 1 年前
0

@gary: yes, they are both in eu-west-1a

已回答 1 年前
0

If you're getting a connection timeout error, I would start by checking that you can reach the ec2 API endpoint from your host by running:

ping ec2.eu-west-1.amazonaws.com

If the ping times out. I'd suggest reviewing your routing tables, security groups and Network ACL's.

AWS
Tom-B
已回答 1 年前
0

Thank you for good suggestions about routing etc @Tom-B and @kentrad. I have looked thoroughly at the routing tables, and to me, they look the same, but I may have missed something. I will have another look tonight and report back. Time for cooking dinner now :)

已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则