Troubleshooting Flashcards
EC2 Troubleshooting – Connectivity issues to an EC2 instance
Correct ports on the security group are may not be open.
Cannot attach an EBS volume to an EC2 instance
EBS volumes must live in the same AZ as EC2 instance.
create a snapshot from volume and launch volume in the correct AZ.
Cannot launch additional instances
probably reached the EC2 limit and need to contact AWS to increase limit.
Unable to download package updates
EC2 may not have a public/EIP address, or desnot belong to a public subnet
Applications seeming to slow down on T2 micro instances
t2 micro instances utilized CPU credits(for “burstable” processing). so chances are your application is using too much processing power and needs a larger instance or different instance type.
AMI upavailable in other regions
AMI are only available in the regions that they are created.
an AMI can be copied to another region but will receive a new AMI id.
Capacity error when attempting to launch an instance in a placement group
start and stop all the instances in the placement group(AWS tries to locate them as close as possible).
New EC2 instances are not automatically being assigned a public IP address
auto-assign public IP setting on the subnet is checked.
NAT gateway is configured but instances inside a private subnet still cannot download packages
Need to add 0.0.0.0/0 route to the NAT gateway on the route table for private subnets.
Traffic is not making it to the instances even though security group rules are correct
check the NACL to ensure the proper ports from the proper sources are open(also check your IGW and route table settings).
Error when attempting to attach multiple internet gateways to a VPC
Only one internet gateway can be attached to a VPC at any given time.
error when attempting to attach multiple Virtual Private gateways to a VPC
only one virtual private gateway can be attached to a VPC at any given time.
VPC Security group for EC2 instnace does not have enough rules for the required application
Assign the EC2 instance to multiple Security groups.
Cannot SSH/communicate with resources inside of a private subnet.
not set up a VPN or not connected to Bastion host within the VPC to launch a connection from.
Successful site to site VPN connection but unable to access extended resources
need to add on-premise routes to the Virtual Private Gateway route table
Failure to create a VPC peering connection between two VPC’s in different regions
Previously peering connection has to between 2 VPC’s in the same region. But VPC can now be connected across regions.
Load balancing is not occurring between instances in multiple availability zones
Make sure “Enable Cross-Zone load balancing” has been selected.
Instances are healthy but are not registering as healthy with the ELB
Check configuration for the “health check” to make sure you have selected the proper ping protocol, ping port, and pig path.
ELB is configured to listen on port 80, but traffic is not making it to the instances that belong to the ELB
may have mistaken the “Listener” for the security group. Listeners are not the same as the security group rules, port 80 still needs to be open on the security group that the ELB is using.
Access logs on web servers show IP address of the E<b></b>
Enable Access Logs to Amazon s3.
Unable to add instances from a specific subnet to the ELB
MOST LIKELY THE SUBNET THAT THE INSTANCE lives in has not been added to the ELBs configuration.
Auto Scaled instance continues to start and stop in short intervals
scale-up and scale-down thresholds may be too close to each other. Either raise the scale-up or lower the scale-down thresholds.
Auto scaling does not occur even though scaling policies are configured correctly
The “max” number of instances set in the auto scaling group may have been reached.
If you are unable to download software packages to an EC2 instance, that means you have definitely provisioned it in a private subnet.
There can be many reasons why you cannot download software packages besides the instance being provisioned in a private subnet. For example, creating an instance without a public IP address or not having the proper ports open on the security group can cause issues downloading software.
