cfn-init will not work in VPC using Cloud Formation
06-07-2021
Question
This is my first try with VPC.
I just changed my template to use VPC. Everything was fine when the stack was launched outside of VPC, but now that they are inside VPC, I cannot download my files from S3 during bootup of the instance using the cfn-init (Ec2Config) package. It's a Windows box.
I see the following logs in cfn-init logs:
2012-10-11 08:11:40,992 DEBUG Client initialized with endpoint https://cloudformation.us-east-1.amazonaws.com
2012-10-11 08:11:41,523 DEBUG Describing resource LaunchConfigName in stack StackName
2012-10-11 08:12:03,113 ERROR URLError: getaddrinfo returns an empty list
2012-10-11 08:12:03,144 DEBUG Sleeping for 0.921699 seconds before retrying
2012-10-11 08:12:25,109 ERROR URLError: getaddrinfo returns an empty list
2012-10-11 08:12:25,109 DEBUG Sleeping for 1.240427 seconds before retrying
2012-10-11 08:12:47,386 ERROR URLError: getaddrinfo returns an empty list
2012-10-11 08:12:47,386 DEBUG Sleeping for 5.528233 seconds before retrying
2012-10-11 08:13:13,968 ERROR URLError: getaddrinfo returns an empty list
2012-10-11 08:13:13,968 DEBUG Sleeping for 4.688940 seconds before retrying
2012-10-11 08:13:39,677 ERROR URLError: getaddrinfo returns an empty list
I see the following logs in cfn-hup logs:
2012-10-11 08:23:06,550 ERROR Error: could not find main configuation at C:\cfn\cfn-hup.conf
2012-10-11 08:23:06,893 ERROR Error: main section must contain stack option
2012-10-11 08:33:06,089 ERROR Error: could not find main configuation at C:\cfn\cfn-hup.conf
2012-10-11 08:33:06,370 ERROR Error: main section must contain stack option
2012-10-11 08:43:06,533 ERROR Error: could not find main configuation at C:\cfn\cfn-hup.conf
2012-10-11 08:43:06,876 ERROR Error: main section must contain stack option
2012-10-11 08:53:06,119 ERROR Error: could not find main configuation at C:\cfn\cfn-hup.conf
2012-10-11 08:53:06,416 ERROR Error: main section must contain stack option
From the instance I can access the internet via a web browser.
Solution
You need to set up a NAT server or assign an elastic IP address to the box; otherwise it can't communicate with the internet.
OTHER TIPS
This is a bit old, but I recently spent a lot of time on a similar issue. When using cfn-init, it is not enough to add the NAT or Gateway. It is also necessary to add a depends-on between the instance running cfn-init and the gateway:
"MyInstance1" : {
    "Type" : "AWS::EC2::Instance",
    "DependsOn" : "Gateway",
    ....
}
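A check for the DependsOn requirement described in the answer above, as an added example that is not part of the original answers: it flags AWS::EC2::Instance resources that carry cfn-init metadata but do not reach a gateway resource through DependsOn. The function names and the sample template are constructed for illustration, and treating the answer's "Gateway" as an AWS::EC2::VPCGatewayAttachment is an assumption.

```python
# Resource types treated as "the gateway" (assumption; the page only names "Gateway").
GATEWAY_TYPES = {"AWS::EC2::VPCGatewayAttachment", "AWS::EC2::NatGateway"}
INIT_KEY = "AWS::CloudFormation::Init"  # metadata key read by cfn-init

def as_list(value):
    """DependsOn may be absent, a single logical ID, or a list of IDs."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def missing_gateway_dependency(template):
    """Return logical IDs of instances that run cfn-init but have no
    explicit DependsOn path (direct or transitive) to a gateway resource.
    Implicit dependencies created by Ref/Fn::GetAtt are not followed."""
    resources = template.get("Resources", {})
    gateways = {n for n, r in resources.items() if r.get("Type") in GATEWAY_TYPES}

    def reaches_gateway(name, seen):
        if name in gateways:
            return True
        if name in seen or name not in resources:
            return False  # cycle guard, or DependsOn names an unknown resource
        seen.add(name)
        deps = as_list(resources[name].get("DependsOn"))
        return any(reaches_gateway(d, seen) for d in deps)

    return sorted(
        name for name, res in resources.items()
        if res.get("Type") == "AWS::EC2::Instance"
        and INIT_KEY in res.get("Metadata", {})
        and not reaches_gateway(name, set())
    )

# Constructed sample template (not from the page), reduced to the relevant keys.
SAMPLE = {"Resources": {
    "Gateway": {"Type": "AWS::EC2::VPCGatewayAttachment"},
    "Handle": {"Type": "AWS::CloudFormation::WaitConditionHandle", "DependsOn": "Gateway"},
    "MyInstance1": {"Type": "AWS::EC2::Instance", "DependsOn": "Gateway",
                    "Metadata": {INIT_KEY: {}}},
    "MyInstance2": {"Type": "AWS::EC2::Instance", "Metadata": {INIT_KEY: {}}},
    "MyInstance3": {"Type": "AWS::EC2::Instance", "DependsOn": ["Handle"],
                    "Metadata": {INIT_KEY: {}}},
    "NoInit": {"Type": "AWS::EC2::Instance"},
}}

if __name__ == "__main__":
    print(missing_gateway_dependency(SAMPLE))
```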
I had a similar problem trying to run the Active Directory CF template, although the error I was getting was slightly different:
gaierror(11001, 'getaddrinfo failed')
It transpired it was to do with the DHCP Options set on the VPC.
I needed to have the domain of the Domain Controllers set:
Options:
domain-name = example.com
domain-name-servers = AmazonProvidedDNS
Obviously, once I'd set up my DCs as DNS servers, I could change the Amazon Provided statement to my own IPs.