SSH to EC2 instance times out


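Question:

I created an AWS EC2 instance to set up Prometheus on it, created a new SSH key pair, and provisioned it with Terraform. The instance type I used is "t3.large" with a 120 GB SSD disk, the operating system is Ubuntu 18.04, and I could SSH into the instance normally. Everything was fine until now.

I get the following problem: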


ssh: connect to host [ip] port 22: Connection timed out




provider "aws" {
  profile = "default"
  region  = "eu-west-1"
}

resource "aws_key_pair" "ubuntu" {
  key_name   = "ubuntu"
  public_key = file("ubuntu.pem.pub")
}

resource "aws_security_group" "ubuntu" {
  name        = "ubuntu-security-group"
  description = "Allow HTTP, HTTPS and SSH traffic"

  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTPS"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 3000
    to_port     = 3000
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 9090
    to_port     = 9090
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "HTTP"
    from_port   = 9100
    to_port     = 9100
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "terraform"
  }
}

resource "aws_instance" "ubuntu" {
  key_name      = aws_key_pair.ubuntu.key_name
  ami           = "ami-0dc8d444ee2a42d8a"
  instance_type = "t3.large"

  tags = {
    Name = "ubuntu-prometheus"
  }

  vpc_security_group_ids = [
    aws_security_group.ubuntu.id
  ]

  connection {
    type        = "ssh"
    user        = "ubuntu"
    private_key = file("key")
    host        = self.public_ip
  }

  ebs_block_device {
    device_name = "/dev/sda1"
    volume_type = "gp2"
    volume_size = 120
  }
}

resource "aws_eip" "ubuntu" {
  vpc      = true
  instance = aws_instance.ubuntu.id
}





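Answer 1:

The solution is to create a new EC2 instance and mount the volume of the old EC2 instance on this newly created instance.

List the available disks as follows: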


ubuntu@ip-172-31-27-78:~$ lsblk
NAME        MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
loop0         7:0    0 97.8M  1 loop /snap/core/10185
loop1         7:1    0 28.1M  1 loop /snap/amazon-ssm-agent/2012
nvme0n1     259:0    0  120G  0 disk
└─nvme0n1p1 259:1    0  120G  0 part /
nvme1n1     259:2    0  120G  0 disk
└─nvme1n1p1 259:3    0  120G  0 part



After that, mount the partition to a directory:


$ sudo mkdir /data
$ sudo mount /dev/nvme1n1p1 /data/



Now you can access the volume's files. To allow SSH access, edit the files user.rules and user6.rules located in the directory /data/etc/ufw, with these lines:


#user.rules
-A ufw-user-input -p tcp --dport 22 -j ACCEPT
-A ufw-user-input -p udp --dport 22 -j ACCEPT

#user6.rules
-A ufw6-user-input -p tcp --dport 22 -j ACCEPT
-A ufw6-user-input -p udp --dport 22 -j ACCEPT
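
The repair described in this answer, as an added shell example that is not part of the original answer: it checks the rescue-mounted volume for an enabled ufw and adds the TCP port 22 rule to both rule files only when it is missing, keeping a .bak copy of each file it changes. The function names are hypothetical, /data is the mount point from the answer, and it assumes the rule files carry ufw's usual "### END RULES ###" marker; only TCP is added because SSH does not use UDP.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Usage: sudo sh this-script /data
# /data is the rescue mount point used in the answer above.

# Succeeds if FILE has an active ACCEPT rule for TCP port 22 in CHAIN.
has_ssh_rule() {
    grep -Eq "^-A $2 -p tcp (-m tcp )?--dport 22 -j ACCEPT" "$1"
}

# Succeeds if ufw is set to start at boot on the volume mounted at ROOT.
ufw_enabled() {
    grep -q '^ENABLED=yes' "$1/etc/ufw/ufw.conf"
}

# Inserts the rule before "### END RULES ###" if missing (assumed ufw layout).
ensure_ssh_rule() {
    file=$1
    chain=$2
    has_ssh_rule "$file" "$chain" && return 0
    grep -q '^### END RULES ###' "$file" || {
        echo "no END RULES marker in $file, leaving it untouched" >&2
        return 1
    }
    cp -p "$file" "$file.bak"
    # Writing back with > keeps the original file's owner and mode.
    awk -v rule="-A $chain -p tcp --dport 22 -j ACCEPT" '
        /^### END RULES ###/ && !done { print rule; print ""; done = 1 }
        { print }
    ' "$file.bak" > "$file"
}

# Repairs both the IPv4 and IPv6 rule files under ROOT/etc/ufw.
repair_volume() {
    root=$1
    if ! ufw_enabled "$root"; then
        echo "ufw is not enabled on $root; its rules are not blocking SSH"
        return 0
    fi
    ensure_ssh_rule "$root/etc/ufw/user.rules" ufw-user-input &&
        ensure_ssh_rule "$root/etc/ufw/user6.rules" ufw6-user-input
}

if [ "$#" -ge 1 ]; then
    repair_volume "$1"
fi
```

Once SSH works again on the repaired instance, `sudo ufw allow 22/tcp` records the same rule through ufw itself.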




