4
votes

I am trying to launch an EC2 instance and log in through SSH. I had accidentally deleted the default VPC and hence am creating a VPC from scratch to do this. I have created a VPC with 10.0.0.0/16 as the VPC CIDR and 10.0.0.0/24 as the subnet, and also created a gateway. I have also modified the routing table to this:

10.0.0.0/16 local

0.0.0.0/0 igw-xxxx

I have picked an Ubuntu AMI, launched it in my VPC and assigned an Elastic IP to the instance.

I have a public IP assigned to my instance and the security group has port 22 open as well. I am able to ping this public IP, but when I try to ssh into the EC2 instance with

ssh -i access.pem [email protected]

my connection times out. Am I missing anything in the configuration?

1
I haven't used Ubuntu, but with SUSE it creates a user 'ec2-user' and attaches the keypair. You could try logging in to [email protected]. hth. - Dinesh
ubuntu is the default user for Ubuntu AMIs, and I have a connection timeout, not an authentication error - Diadara

1 Answer

5
votes

Recently, I played with such a configuration. Below are my notes (this worked for me); check whether you missed something. It looks like something is wrong with the security group if you can ping the instance IP but can't connect via ssh. I would also check a different AMI.

Create VPC

$ vpcId=`aws ec2 create-vpc --cidr-block 10.0.0.0/24 --query 'Vpc.VpcId' --output text` && echo $vpcId
vpc-xxxxxxxx

Enable DNS resolution within VPC

$ aws ec2 modify-vpc-attribute --vpc-id $vpcId --enable-dns-support "{\"Value\":true}"
$ aws ec2 modify-vpc-attribute --vpc-id $vpcId --enable-dns-hostnames "{\"Value\":true}"

Create default gateway for created VPC

$ internetGatewayId=`aws ec2 create-internet-gateway --query 'InternetGateway.InternetGatewayId' --output text` && echo $internetGatewayId
igw-yyyyyyy
$ aws ec2 attach-internet-gateway --internet-gateway-id $internetGatewayId --vpc-id $vpcId

Create subnet in VPC

$ subnetId=`aws ec2 create-subnet --vpc-id $vpcId --cidr-block 10.0.0.0/24 --query 'Subnet.SubnetId' --output text` && echo $subnetId
subnet-zzzzzzz

Configure routing table

$ routeTableId=`aws ec2 create-route-table --vpc-id $vpcId --query 'RouteTable.RouteTableId' --output text` && echo $routeTableId

$ aws ec2 associate-route-table --route-table-id $routeTableId --subnet-id $subnetId

$ aws ec2 create-route --route-table-id $routeTableId --destination-cidr-block 0.0.0.0/0 --gateway-id $internetGatewayId

Create security group and open port 22 to any connection

$ securityGroupId=`aws ec2 create-security-group --group-name ec2-dev-secgroup --description "security group" --vpc-id $vpcId --query 'GroupId' --output text` && echo $securityGroupId
sg-xyzyzyz

$ aws ec2 authorize-security-group-ingress --group-id $securityGroupId --protocol tcp --port 22 --cidr 0.0.0.0/0

Create ssh keys

$ aws ec2 create-key-pair --key-name ec2-dev --query 'KeyMaterial' --output text > ~/.ssh/ec2-dev.pem

$ chmod 400 ~/.ssh/ec2-dev.pem

Create EC2 instance

$ instanceId=`aws ec2 run-instances --image-id ami-ecd5e884 --count 1 --instance-type t2.micro --key-name ec2-dev --security-group-ids $securityGroupId --subnet-id $subnetId --associate-public-ip-address --query 'Instances[0].InstanceId' --output text`

$ ssh -i ~/.ssh/ec2-dev.pem [email protected]
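
An added example, not part of the original answer: a Python check that reads the JSON printed by `aws ec2 describe-route-tables` and `aws ec2 describe-security-groups` and reports why SSH would time out for a given client address, and whether port 22 is open to 0.0.0.0/0 as in the notes above. The sample data, IDs, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data shaped like `aws ec2 describe-route-tables` and
# `aws ec2 describe-security-groups` output; IDs and addresses are placeholders.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-public", "Associations": [{"Main": False, "SubnetId": "subnet-a"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
SG_PING_ONLY = {"GroupId": "sg-example", "IpPermissions": [
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]}

def effective_route_table(route_tables, subnet_id):
    """An explicit subnet association wins; otherwise the VPC's main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_igw_default_route(rt):
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0" and
               r.get("GatewayId", "").startswith("igw-") for r in rt.get("Routes", []))

def ssh_sources(security_group):
    """CIDRs allowed to reach tcp/22 (IpProtocol '-1' means all traffic)."""
    cidrs = []
    for perm in security_group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1" or (proto == "tcp" and
                             perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535)):
            cidrs += [r["CidrIp"] for r in perm.get("IpRanges", [])]
    return cidrs

def diagnose(route_tables, sg, subnet_id, client_ip):
    rt = effective_route_table(route_tables, subnet_id)
    cidrs = ssh_sources(sg)
    ip = ipaddress.ip_address(client_ip)
    checks = [
        ("no-igw-route", rt is None or not has_igw_default_route(rt)),
        ("ssh-blocked-for-client", not any(ip in ipaddress.ip_network(c) for c in cidrs)),
        ("ssh-open-to-world", "0.0.0.0/0" in cidrs),
    ]
    return [name for name, failed in checks if failed]
```

With the constructed group above, ping from anywhere succeeds while SSH from an address outside 198.51.100.0/24 is silently dropped, which shows up as a timeout rather than an authentication error.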