Complete newbie here so apologies if I’ve missed something obvious.
When I launch the RancherOS AMI in an AWS default VPC, everything works well. However, when I launch the same AMI into a public subnet within a custom VPC, the Rancher instance is unable to pull down the docker image; in fact, it’s unable to even run a wget on www.google.com.
I’ve checked the following:
Non-RancherOS instances in the same subnet can access the internet ok.
No NACLs are blocking traffic.
IGW is attached.
ping to 8.8.8.8 works ok
nslookup for www.google.com fails
I’ve gone as far as rebuilding the VPC but the same results persist.
resolv.conf is controlled by AWS, and looks the same as other nodes which are working. I can’t wget a site using an IP address either, so it’s not just name resolution. I did also set the name servers using ros config but the issue persists.
The fact I can ping external but nothing else is strange. Do you know if/how I can install netcat or tcpdump? This may help me troubleshoot.
Note you might also have to set the ssh_authorized_keys in the user_data cloud-config. I haven’t tested on AWS, but on OpenStack that’s the case: setting cloud-config in the user_data will cause the public_key selected not to be injected by nova (cloud-init). In OpenStack you also have to set this config_drive option to be true for cloud-init or user_data to work. I haven’t tried the AWS case.