sdgfsdh

Reputation: 37121

Elastic Beanstalk fails to launch in custom VPC and subnet

My Elastic Beanstalk env fails to launch due to connectivity between the EC2 and Elastic Beanstalk:

 Error: Error waiting for Elastic Beanstalk Environment (e-xxxxxxxxxx) to become ready: 2 errors occurred:

    * 2021-02-16 11:00:21.529 +0000 UTC (e-xxxxxxxxxx) : 
            Stack named 'awseb-e-xxxxxxxxxx-stack' aborted operation. Current state: 'CREATE_FAILED'  
            Reason: The following resource(s) failed to create: [AWSEBInstanceLaunchWaitCondition].

    * 2021-02-16 11:00:21.662 +0000 UTC (e-xxxxxxxxxx) : 
            The EC2 instances failed to communicate with AWS Elastic Beanstalk, either because of configuration problems with the VPC or a failed EC2 instance. Check your VPC configuration and try launching the environment again.

However, I can SSH into the EC2 instance, where I find the following:

$ tail /var/log/eb-cfn-init.log 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:--  0:02:09 --:--:--     0curl: (7) Failed to connect to elasticbeanstalk-platform-assets-eu-west-2.s3.eu-west-2.amazonaws.com port 443: Connection timed out
+ RESULT=7
+ [[ 7 -ne 0 ]]
+ sleep_delay
+ ((  40 < 3600  ))
+ echo Sleeping 40
Sleeping 40
+ sleep 40

This error surprises me, because I have an S3 VPC endpoint in this VPC:

resource "aws_vpc_endpoint" "s3_endpoint_public" {
  vpc_id       = aws_vpc.main.id
  service_name = "com.amazonaws.${var.aws_region}.s3"
}

resource "aws_vpc_endpoint_route_table_association" "s3_public_route_table_association" {
  route_table_id  = aws_route_table.public.id
  vpc_endpoint_id = aws_vpc_endpoint.s3_endpoint_public.id
}

How can I debug / fix my Elastic Beanstalk environment?


Route table / subnet configuration

resource "aws_route_table" "public" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route_table_association" "public_a" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}

resource "aws_route_table_association" "public_b" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}

resource "aws_route_table_association" "public_c" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}

resource "aws_internet_gateway" "public" {
  vpc_id = aws_vpc.main.id
}

resource "aws_route" "public_internet" {
  route_table_id = aws_route_table.public.id
  gateway_id     = aws_internet_gateway.public.id

  destination_cidr_block = "0.0.0.0/0"
}

Upvotes: 2

Views: 5345

Answers (2)

Caio Paulucci

Reputation: 1

At that moment, we verified that Amazon unchecks the public IP option and the machine cannot access https://elasticbeanstalk-platform-assets-us-east-1.s3.amazonaws.com/stalks/eb_docker_amazon_linux_2_1.0.2471.0_20230327194222/lib/UserDataScript.sh, thus causing a problem in Docker. What you need to do is give the machine internet access.

Upvotes: 0

sdgfsdh

Reputation: 37121

Ensure that the subnets are associated with a route table, and that the route table has an internet gateway.

Upvotes: 1
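The check described in the answer above, applied to the route-table configuration posted in the question. This is an added example, not part of the original posts; the function names and the regex-based parser are assumptions and handle only flat resource blocks like the ones shown.

```python
import re
from collections import defaultdict

# Sample input: route-table resources from the question, blank lines removed.
TF = '''
resource "aws_route_table_association" "public_a" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}
resource "aws_route_table_association" "public_b" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}
resource "aws_route_table_association" "public_c" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public_c.id
}
resource "aws_route" "public_internet" {
  route_table_id = aws_route_table.public.id
  gateway_id     = aws_internet_gateway.public.id
  destination_cidr_block = "0.0.0.0/0"
}
'''

BLOCK = re.compile(r'resource\s+"(\w+)"\s+"(\w+)"\s*\{(.*?)\n\}', re.S)
ATTR = re.compile(r'^[ \t]*(\w+)[ \t]*=[ \t]*(\S+)[ \t]*$', re.M)

def parse(tf):
    """Map (type, name) -> attributes; handles flat blocks only."""
    return {(t, n): dict(ATTR.findall(b)) for t, n, b in BLOCK.findall(tf)}

def shared_subnets(res):
    """Subnets targeted by more than one route table association."""
    seen = defaultdict(list)
    for (rtype, name), attrs in res.items():
        if rtype == "aws_route_table_association":
            seen[attrs.get("subnet_id")].append(name)
    return {s: n for s, n in seen.items() if len(n) > 1}

def igw_routed_tables(res):
    """Route tables holding a 0.0.0.0/0 route to an internet gateway."""
    return {a.get("route_table_id") for (rtype, _), a in res.items()
            if rtype == "aws_route"
            and a.get("destination_cidr_block") == '"0.0.0.0/0"'
            and a.get("gateway_id", "").startswith("aws_internet_gateway.")}

if __name__ == "__main__":
    res = parse(TF)
    print("subnets with several associations:", shared_subnets(res))
    print("tables with IGW default route:", igw_routed_tables(res))
```

On this input the route table does have a default route to the internet gateway, but all three associations point at `aws_subnet.public_c.id`. A subnet that no association names falls back to the VPC's main route table.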
