Lightsail-EC2 peering: can't connect to spot instances

0

Hi, In the Lightsail console, I have enabled VPC peering to my default VPC in EC2 service which has a single public subnet. Both (Lightsail and EC2 networks) are in the same region. Using private IPs I can reach from Lightsail machines EC2's on-demand instances and vice-versa. However, what doesn't work is access from Lightsail machines to the spot instances. The spot instances are created in the mentioned public subnet. Does it require any extra configuration? The spot instances can be accessed without issue from the EC2's on-demand machines.

Asked 1 year ago · Viewed 287 times
1 Answer
0
Accepted Answer

AWS VPC peering between Lightsail and EC2 instances should work in a similar way for both On-Demand and Spot Instances, assuming all are launched in the same VPC. This includes all EC2 instance types, including spot instances. Here are a few troubleshooting steps you can try:

  1. Check Spot Instance Security Group Rules: The first thing to check is the security group rules associated with your spot instances. Ensure that you have inbound rules that allow traffic from the CIDR blocks of your Lightsail VPC or Lightsail instance. Also, double-check the outbound rules of your Lightsail instances.

  2. Check Network ACLs: Network ACLs operate at the subnet level, so it's possible that the subnet that your spot instances are in has different rules than the subnet for your on-demand instances. Verify that your Network ACLs allow traffic to and from the Lightsail VPC.

  3. Verify Route Tables: Check the route tables associated with the subnet your spot instances are in. The route tables need to have an entry that allows traffic to flow between the Lightsail and EC2 VPCs.

  4. Check IP Addressing: Make sure you are indeed using the private IP address of the Spot Instances. While it might seem obvious, it can be easy to get mixed up when you are dealing with many instances.

  5. Instance State: It's possible that the spot instance got terminated due to market conditions (i.e., the spot price went above your bid). In this case, the instance would no longer exist to connect to. So, double-check your Spot instances' state.

  6. Try Traceroute: If you are still having problems, you can try using a traceroute from the Lightsail instance to the Spot Instance to see if that gives you any more information on where the packets are getting lost.

Remember, VPC Peering is a one-to-one relationship between two VPCs. You can create multiple VPC peering connections for each VPC that you own, but transitive peering is not allowed. This means that if VPC A is peered with VPC B and VPC B is peered with VPC C, VPC A is not implicitly peered with VPC C. Make sure this is not the case in your setup.

If the answer is helpful, please click "Accept Answer" and upvote it.

Expert
answered 1 year ago
Expert
reviewed 1 year ago
  • Instance Security Group Rules - I forgot about those. Thank you!
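
Step 1 of the answer as an added example, not part of the original answer or comment: it checks inbound rules, shaped like the `IpPermissions` field from `aws ec2 describe-security-groups`, for a CIDR rule that admits the peered Lightsail range. The group IDs, the CIDR and the rule set are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data shaped like the "IpPermissions" field returned by
# `aws ec2 describe-security-groups`; group IDs and CIDRs are placeholders.
LIGHTSAIL_CIDR = "172.26.0.0/16"  # assumed CIDR of the peered Lightsail VPC
SECURITY_GROUPS = {
    "sg-ondemand-example": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "172.26.0.0/16"}], "UserIdGroupPairs": []},
    ],
    "sg-spot-example": [
        # Constructed scenario: the only rule references another group, so
        # members of that group are admitted but no CIDR range is.
        {"IpProtocol": "-1", "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-ondemand-example"}]},
    ],
}


def rule_covers(rule, source_cidr, protocol, port):
    """True if one inbound rule admits protocol/port from all of source_cidr."""
    if rule["IpProtocol"] not in ("-1", protocol):
        return False
    # Rules with protocol "-1" (all traffic) carry no port range.
    if rule["IpProtocol"] != "-1":
        if not rule["FromPort"] <= port <= rule["ToPort"]:
            return False
    source = ipaddress.ip_network(source_cidr)
    return any(source.subnet_of(ipaddress.ip_network(r["CidrIp"]))
               for r in rule.get("IpRanges", []))


def groups_blocking(groups, source_cidr, protocol, port):
    """Return IDs of groups with no CIDR rule admitting the peered range."""
    return sorted(gid for gid, rules in groups.items()
                  if not any(rule_covers(r, source_cidr, protocol, port)
                             for r in rules))


if __name__ == "__main__":
    for gid in groups_blocking(SECURITY_GROUPS, LIGHTSAIL_CIDR, "tcp", 22):
        print(f"{gid}: no inbound rule for tcp/22 from {LIGHTSAIL_CIDR}")
```

The check treats each group on its own; an instance with several groups attached is reachable if any one of them admits the traffic.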
