I have an ec2 instance which is serving backend-logic for my application and it is not part of a CloudFormation stack. I wanted to create a new stack with new VPC and Subnet and Security group and Autoscaling group which launch an ec2 instance based on the AMI of the former ec2 instance i mentioned before. I created the CDK app and deployed it. But all the requests to any endpoint is failing with Error: connect ECONNREFUSED
I don't know how to troubleshoot this issue., or how to identify where the issue is.
The new ec2 instance which is launched from the CDK app is based on the AMI of the former ec2 instance. what might be wrong ?
Troubleshooting I have done :
1- Security Group Rules: I ensured that the security group attached to my EC2 instance allows inbound traffic for HTTP traffic on port 80.
2- Ensured that the subnet in which my ec2 instance resides has a route to an internet gateway. ( ec2 instance is in a public subnet) and also pinged a sample URL and received a response.
I am using the ec2.GenericLinuxImage API to create the new ec2 instance
const asg= new autoscaling.AutoScalingGroup(this,'autoscaling-cdk',{
vpc,
associatePublicIpAddress:true,
instanceType:ec2.InstanceType.of(ec2.InstanceClass.T3A,ec2.InstanceSize.SMALL),
keyName:.....................,
machineImage:new ec2.GenericLinuxImage({'region':'ami-ID'}),
securityGroup,
vpcSubnets:{subnetType:ec2.SubnetType.PUBLIC},
desiredCapacity:......
})
Note :
1- the ec2 instance launched from CDK code is launched in a region that is different from the source ec2 which the AMI is based on , and there is an RDS instance involved which happens to be in the same region & VPC of the Source Ec2 instance which the AMI is based on. Do I need to create a VPC Peering
taking into consideration that at time of testing the new ec2 instance I was allowing all inbound traffic in the RDS instance.
AWS 官方已更新 2 年前