Unable to SSH into EC2 instance after changes to the example AWS/terraform settings

Hello guys,

I’m experiencing a weird problem with the Terraform/AWS example on https://github.com/kubermatic/kubeone/tree/release/v1.0/examples/terraform/aws

From what I understand, the example will set up 3 new subnets in the VPC you specify and create one control plane in each subnet and the bastion host in the first subnet. I tested this out and it worked. I was able to create both the control planes and the worker nodes and SSH into them.

I however have a different use-case where I have a Site to Site VPN from the VPC to my office, so I don’t need a bastion host. Taking out the bastion host in the configuration also works fine. Finally, I want the control plane nodes to be created in available subnets (private) rather than creating new ones. Terraform creates the 3 control planes successfully but I’m unable to SSH into these servers, which is really weird. Trying to telnet into the servers on port 22 gives me the “connection refused” error or the “connection timed out” error.

I have a feeling it might be the data "aws_internet_gateway" "default" and resource "aws_default_vpc" "default" {} sections in the main.tf file, whose purpose I don’t really understand.

Any pointers will be appreciated. Thanks

I suspect your issue is somehow related to the security groups (or lack of opening rules).

data.aws_internet_gateway is actually a leftover which we forgot to remove; it’s not used. As for aws_default_vpc, please see: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/default_vpc (in a nutshell, we are either going to detect the VPC or use the one provided via the variable).

Thanks a lot for the reply.

I have resolved the issue. The issue was caused by an error in the user_data I passed into the EC2 instance in the Terraform config. Thanks also for the info on the data.aws_internet_gateway update. I’ll take it out of the config.
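
The two errors reported in this thread on port 22 point to different layers, and the following added example (not code from the thread or from the KubeOne project) separates them with a single TCP probe. The function name `probe_ssh` and the hint texts are assumptions of this example; the hints reflect general TCP and AWS security group behaviour (security groups drop blocked traffic silently rather than rejecting it).

```python
import socket
import sys

# Interpretation hints: general TCP/AWS behaviour, not statements from the thread.
HINTS = {
    "open": "sshd answered; look at keys, users or sshd config instead",
    "refused": "host reachable but nothing is listening on the port; "
               "check instance boot, user_data and the sshd service",
    "timeout": "packets are being dropped; check security group rules, "
               "network ACLs, route tables and the VPN route",
    "unreachable": "no usable route to the address; check routing and the VPN tunnel",
}


def probe_ssh(host, port=22, timeout=3.0):
    """Make one TCP connection attempt and return (state, banner)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # An RST came back, so the packet reached a host that has no listener.
        return "refused", ""
    except (socket.timeout, TimeoutError):
        # No answer at all within the timeout: typical of a silent drop.
        return "timeout", ""
    except OSError:
        # Name resolution failure, no route to host, network unreachable, ...
        return "unreachable", ""
    with sock:
        try:
            # An SSH server sends its identification string first ("SSH-2.0-...").
            banner = sock.recv(64).decode("ascii", "replace").strip()
        except OSError:
            banner = ""
    return "open", banner


if __name__ == "__main__":
    # Usage: python probe_ssh.py <private-ip> [<private-ip> ...]
    for target in sys.argv[1:]:
        state, banner = probe_ssh(target)
        print(f"{target}: {state} {banner}".rstrip(), "->", HINTS[state])
```
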