When you are running with the private DNS name it fails on lookup of the DNS name, since you are not running inside a AWS VPC and use their domain resolvers (DNS servers). > TCP connection to SSH ip/port failed: dial tcp: lookup ip-172-31-34-206.ec2.internal: no such host
When you are running with a public DNS name it is resolved to the IP 52.90.77.167 which Packer tries to connect to (on port 22). But nothings answers, most likely one of these four things are wrong: 1) Your local (company) firewall blocks outgoing SSH (tcp/22), 2) a AWS VPC ACL denies tcp/22, 3) AWS Security Group don't allow traffic to the instance on tcp/22, 4) your EC2 instance fails to bring up sshd and thus doesn't answer. > TCP connection to SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout Just speculating, I would guess the most likely is nr 1. Get into contact with one of your network admins. On 8 February 2018 at 20:01, Christopher Kalan <[email protected]> wrote: > I am confused. We connect to our instances through our proxy with a DNS > name. Our proxy rejects anything that is not DNS. So if we try to SSH to an > EC2 instance using IP through our proxy it will fail but will work with DNS. > > When setting packer to use private_DNS is shows DNS not IP. This is what I > would expect when setting it to public_DNS also but the log shows it > setting it to IP. > > Here is an comparison of the logs using > > private: > > 2018/02/08 14:00:27 packer: 2018/02/08 14:00:27 [DEBUG] TCP connection to > SSH ip/port failed: dial tcp: lookup ip-172-31-34-206.ec2.internal: no such > host > > public: > > 2018/02/08 13:03:44 packer: 2018/02/08 13:03:44 [DEBUG] TCP connection to > SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout > > > > > > > On Thu, Feb 8, 2018 at 1:34 PM, Rickard von Essen < > [email protected]> wrote: > >> Sorry I'm not sure I follow what your problem is? >> >> A DNS record resolves to an IP, it is impossible "to connect to a DNS >> name" >> >> On Feb 8, 2018 19:27, "Dayma" <[email protected]> wrote: >> >>> All, our proxy is only allowing us to go after DNS instead of IP. When I >>> use the : "ssh_interface": "public_dns" I was hoping that it would use >>> the DNS of the EC2 instance. Looking in the logs it appears that even >>> though I am telling it to use DNS it's still using the IP of the EC2 >>> instance: >>> >>> 018/02/08 13:02:29 packer: 2018/02/08 13:02:29 [INFO] Waiting for SSH, >>> up to timeout: 5m0s >>> 2018/02/08 13:02:29 ui: [1;32m==> amazon-ebs: Waiting for SSH to become >>> available... [0m >>> 2018/02/08 13:02:44 packer: 2018/02/08 13:02:44 [DEBUG] TCP connection >>> to SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout >>> 2018/02/08 13:03:04 packer: 2018/02/08 13:03:04 [DEBUG] TCP connection >>> to SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout >>> 2018/02/08 13:03:24 packer: 2018/02/08 13:03:24 [DEBUG] TCP connection >>> to SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout >>> 2018/02/08 13:03:44 packer: 2018/02/08 13:03:44 [DEBUG] TCP connection >>> to SSH ip/port failed: dial tcp 52.90.77.167:2: i/o timeout >>> >>> *Interesting though. When I set it to "private_DNS" is seems to actually >>> go after the private DNS of the EC2 instance. So that appears to be working >>> for private_DNS. >>> >>> Any help is appreciated. >>> >>> Thanks!!! >>> >>> -- >>> This mailing list is governed under the HashiCorp Community Guidelines - >>> https://www.hashicorp.com/community-guidelines.html. Behavior in >>> violation of those guidelines may result in your removal from this mailing >>> list. >>> >>> GitHub Issues: https://github.com/mitchellh/packer/issues >>> IRC: #packer-tool on Freenode >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "Packer" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit https://groups.google.com/d/ms >>> gid/packer-tool/2d767812-d48a-4d26-a518-13e03521e8c6%40googlegroups.com >>> <https://groups.google.com/d/msgid/packer-tool/2d767812-d48a-4d26-a518-13e03521e8c6%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/packer/issues >> IRC: #packer-tool on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Packer" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit https://groups.google.com/d/ms >> gid/packer-tool/CALz9Rt_1ojMw3F_K8ju5Du%3Dg6XWj71JDCRaj6t- >> KCX4XU12nzw%40mail.gmail.com >> <https://groups.google.com/d/msgid/packer-tool/CALz9Rt_1ojMw3F_K8ju5Du%3Dg6XWj71JDCRaj6t-KCX4XU12nzw%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Packer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/packer-tool/CADd1N9cGSi-LToZoZ-OzFHiDPECZ%3DyK59WYkhwqGJVCqDffNuA% > 40mail.gmail.com > <https://groups.google.com/d/msgid/packer-tool/CADd1N9cGSi-LToZoZ-OzFHiDPECZ%3DyK59WYkhwqGJVCqDffNuA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt8L4VnmsX5uVe-zpoKp8f%3DcrEdQ5JK-8iAQjDb8AXKtRA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
