Window server instance reachability health check is failing - aws-ec2-instance-connect

I am trying to move windows active directory server from one region to another region but i am finding instance health failing issue.I have followed below steps
Take image of the server running in one region (T2.medium)
Launch the instance from AMI in separate vpc in same region and instance health check is failing.
3.system log showing blank error.
4.I tried to attach secondary network interface and restart the machine and it passing health check.could anyone help on fixing this issue

Related

Shared VPC Interconnect

I have configured an Interconnect connection to my on-premise network and it is working perfectly. Now I want to shared this connection to other VPCs and I enabled the shared VPC option, my project is as host and the second project is as service.
The problem I have is when I tried to configured the shared-interconnect in the service project I got the message:
The resource 'projects/host-project-name/global/interconnects/xxxxxxx' was not found.
Now, on my host project I don't see the interconnect name I only see the attached vlans which are both up.
I also ran the command on the shell, but I did not get any result:
ricardo_ramos#cloudshell:~ (hosting-project-name)$ gcloud compute interconnects list
Listed 0 items.
Any thoughts about this? someone had the same issue before?
Thanks in advance,
Ricardo.

AWS EC2 instance created from AMI don't works (Error 504) - WEBb don't run

I'm new on AWS but I read a lot of documentation to create, launch and image instances. Now I have a client that use AWS and have 2 instances EC2 runing commercial web sites (using Nginx and MySQL in Amazon RDS and Wordpress).
I need to create clones of this websites to have a Q.A. ambient. I try creating images from these instances and launching new instances with this, but this don't work. When I Try to visit the website clone using the IP of the instance, that shows a 504 error. (The idea is to have two instances ready to use with the same website. One for visitors use and another to do testes, updates, changes or to use when the another instance crash)
The on-air website domain is ibser.org, and the new instance domain (runing now) is link to instance
Somebody may give me info that what can I do?
#Wilmar Sometimes it do happen as you have created the image successfully but due to manual setup you have to start the services inside the Instance manually.
As per the link provided, its showing 504 Gateway time out, so please check with the Security group of your newly created Instance and sometimes A corrupt WordPress database may also trigger a 504 gateway timeout error. This means may be your mysql service is not running.
So my suggestion is SHH into your New instances and check with all the required services which all need to be in running state and do check with the database.

AWS: Unable to connect Amazon QuickSight to RDS [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 3 years ago.
Improve this question
We have a few MySQL RDS instances in West-1 (N. California) and wanted to create some reports using QuickSight. First issue was that QuickSight was only available in West-2 (Oregon) and did not show our RDS, so I created a read-replica database into West-2.
I was still not able to connect to my instance, and it showed the following error:
Connection failed. Make sure your instance is accessible from the appropriate Amazon QuickSight IP address range.
I had already created a Security Group allowing IP 54.70.204.128/27 in the inbound rules and applied it to my instance. What eventually allowed me to connect to the instance was to set the 'Publicly Available' field of the instance to 'Yes'.
However, my boss prefers it to remain 'No' and we were also able to connect to the non-public instance via DOMO using MySQL SSH connection method.
Is it possible to get the connection between QuickSight and RDS working without setting Publicly Accessible to Yes?
I created a support request with AWS about this, their answer is below. I will give it a try.
Hi Alistair,
Thank you for contacting AWS Premium Support. I am happy to assist you today.
I understand that you would like to connect to your Prod RDS database from QuickSight, but you getting an error: "Not Validated". You also would like to know if there is a workaround seeing that your RDS instance in not Publicly accessible.
Amazon Web Services offers a service called CloudFormation, this service helps automate certain processes.
This service will allow your RDS instance to connect to QuickSight through a custom NAT instance. Therefore you will not have to put your Data Base in a public subnet.
Attached is a CloudFormation template (NAT_RDS_Provisioning.template), after launching the CloudFormation stack [1] an instance and a security group will be created, you then enter the required variables.
This will then give access from the source address on the source port you define to the endpoint of the EC2 instance which will then allow QuickSight to access your RDS instance server without making your RDS instance public.
To launch this CloudFormation stack please see the steps below… Please keep in mind that the region you create this in must be the same region that your database resides in.
1. From your AWS console navigate to " CloudFormation "
2. Click " create stack ", you will then be asked to Select Template, you will then select " Design template".
3. Next to Parameters - click " Mappings ", at the bottom of that page you will see: Components and Template.
4. Select " Template " and copy and paste the provided script in there. (see attached: NAT_RDS_Provisioning.template)(Please use case link below signature)
5. In the top right hand corner you will see a refresh button, click to refresh.
6. On the top left there is a square with a tick inside (clicking this validates the template).
7. Once validated - click the little cloud with the arrow in it , this will create the stack.
8. You will be taken back to the select template page, click "next" in the bottom right corner.
9. Under Specify Details, name your stack and then complete all Parameters, info on parameters provided below:
9.1 Stack name (Example: NAT-RDS-QuickSight)
9.2 DestinationAddress - Add your RDS instance Endpoint here. (That way when a fail-over occurs the endpoint should be updated in 60 seconds maximum).
9.3 DestinationPort - The service remote destination port:
9.4 InstanceType - The EC2 instance class. (The size of the NAT instance will depend on the amount of data you want to pull into QuickSight)
9.5 KeyName - Name of an existing EC2 KeyPair to enable SSH access to the instance:
9.6 SourceAddress - The source range you want to allow access from: example 0.0.0.0/0.
9.7 SourcePort - The port the service must listen on:
9.8 Subnet - a Public Subnet that is in the same VPC as your RDS instance:
10. Click " Next "
11. On the Options page - complete the desired fields and click " Next " (Optional)
12. Review all information - (Confirm the details for your NAT EC2 instance)
13. Under template you will see "Estimate cost - click on cost to give you an idea of the monthly estimate to have this service running)
14. Then select " Create " in the bottom right hand corner.
15. On the main CloudFormation Page, click "refresh" You will the notice the status of your Stack being created.
16. If you navigate to your EC2 console you will notice your NAT instance running / creating.
Please ensure that the NAT instance has access to your RDS instance, this includes Security Group settings.
This should be done by including the IP address of the NAT instance in the Security Group of the RDS instance database.
You should then be able to access the EC2 IP address and port as setup, this will then forward traffic to your Database.
When creating the above you would have seen the estimate costs involved however I have added two more links below for some more information on this and also the cost calculator for you too.
Costs will be the same as an EC2 instance, this launches the AWS Linux latest standard AMI, and throughput will be determined by the instance class [2] & [3]:
[1] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/GettingStarted.Walkthrough.html
[2] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html
[3] https://calculator.s3.amazonaws.com/index.html
I hope the above information and solution is helpful.
Should you run into any difficulties with any of the above or if you are unsure of anything, please free to reach out to me and I will be more than happy to assist.
To see the file named 'NAT-RDS-Provisioning-Template.template' included with this correspondence, please use the case link given below the signature.
Best regards,
Delene T.
Amazon Web Services
See the provided template file content here: https://pastebin.com/m67sz4bR
Things have changed, luckily.
It is possible to connect Amazon QuickSight to a DB in RDS which is in a VPC, although the AWS docs are not clear about all the necessary steps.
Basically, follow the steps here,
https://docs.aws.amazon.com/quicksight/latest/user/working-with-aws-vpc.html
but make sure you will create TWO security groups:
Security Group for the Instance in Your VPC
Security Group for Amazon
QuickSight's Elastic Network Interface
Let’s start with the second one:
It is the one which will QuickSight assign to a network interface (ENI), which will be automatically created in your VPC to access the DB. This is the one I missed to create at first and this is the one you use to create a VPC Connection in QuickSight. The details are in the above docs in the paragraph “Security Group Rules for Amazon QuickSight's Elastic Network Interface”.
The first one looks like this:
Inbound: TCP / port according to the DB – in the case of MySQL it is “MYSQL/Aurora, TCP,
3306”, Source: the previous security group.
Do not forget to add this one to your DB instance.
Good luck.
Does your RDS Replica is in a VPC or not?
Identify first and then accordingly create a security group and attach neccessary rules to it !
I would recommend you to read Authorizing Connections from Amazon QuickSight to Amazon RDS Instances

ArangoDB - Asymmetrical clustering doesn't work

i've installed an arangodb instance on a virtual machine of Google Cloud (tcp://10.240.0.2). I would setup an asymmetrical cluster with another vm where i've installed arangodb (tcp://10.240.0.3).
I follow the official guide to config the production scenario: 1 coordinator and 1 DBServer on the same machine
I tried also a second configuration to cluster with two vm instances, but it doesn't work, showing this error in the GoogleChromeConsole :
{"error":true,"code":500,"errorNum":500,
"errorMessage":"Cannot check port on dispatcher tcp://10.240.0.3:8529"}
Here you can find the configurations that I have tried
What could be the error?
PS: I've open in the firewall the ports: 8529,8530,8629
Thanks in advance.
Daniele
Have you installed ArangoDB on both virtual machines and changed the configuration (on both) to set
[cluster]
disable-dispatcher-kickstarter = false
disable-dispatcher-frontend = false
and then restarted the database servers? I assume so, since you get "Connection OK" for both servers. Your browser would then talk to the first dispatcher, which in turn will contact the second one. The error message you get suggests that this latter step does not work, since checking ports is the first request the first dispatcher would send to the second one.
Is it possible that processes in the first VM cannot access tcp://10.240.0.3:8529 on the second VM? Maybe the respective other subnets are not routed from within the VMs?
Furthermore, when you have got this to work, you will almost certainly also need port 4001 on the first VM, because that is where our etcd (Agency) will listen. In addition, the ports 8530 and 8629 are the defaults which are tried first. If they are not usable for some reason, the dispatchers will use subsequent port numbers instead to assign them to the coordinators and DBservers. In that case you would have to open these as well, at least from the respective other VM.

Compute Engine VM instance group got wiped out?

I'm new to GCE and want to migrate my web site there. I created a VM instance group hoping. I installed all the packages and set it up a couple days ago. But today I noticed my VM instance group has a different name (postfix, to be exact), and the disk is flushed empty. Is it possible to restore its status, or at least make sure it won't get wiped out again? I'm so surprised that GCE wiped out everything and I wonder if I'm missing something during setup.
A few details in case they are related:
I'm using a trusty image for the VM.
The cloud storage is chosen to be a regular persistent disk.
It was working with emphemeral IP, and yesterday I started to use Cloud DNS to host my domain. I should have used a static IP, but that mistake shouldn't cause the VM instance group to be flushed...
I'm using cloud sql as the database service.
Maybe I should just use VM instance, given I don't have much traffic now?
Any help will be greatly appreciated~