Question

I have a few EC2 t2 instances, some of them are micro, and some are small and medium. All of these EC2 machines are accessible on port 22 via SSH.

Following are the specifications of my t2 machines:

1. OS Ubuntu 14 or Ubuntu 16
2. EBS attached
3. Type classes are t2 micro, small, medium
4. SSH access is given via port 22 in security group inbound rules.

I have decided to upgrade these machines to t3 or t3a class instances to save some cost. I have followed these steps as per the documentation:

1. Stop the instance
2. Instance Settings -> Change Instance type to t3
3. Start the Instance

Everything works fine, no error anywhere in these 3 steps. But after the instance is in the Running state with both system and instance checks passed, I am not able to SSH on these machines. Error is

ssh: connect to host machine_ip_here port 22: Connection refused

Then I tried the following methods:

• Revert the class type from t3 to t2 again, and SSH starts working.
• Created a new t2 machine with the latest OS (Ubuntu 22) and upgrade that to t3, and SSH was working fine after the upgrade.
• Created a new t3 machine, and verify SSH is working, detach its EBS, and then detach the root EBS of my t2 machine and connect it to the t3 new machine, SSH stop working.

What exactly is missing here?
 

Answer 1

It sounds like the issue you are facing is related to the security group configuration for your EC2 instances. When you change the instance type from t2 to t3, the underlying network interfaces of the instance may change, and the security group rules may not be applied correctly.

To resolve this issue, you can try the following:

1. Check the security group configuration for the instances that are not accessible via SSH after upgrading to t3. Make sure that the inbound rules allow traffic on port 22 from your IP address or a range of IP addresses. Also, make sure that the security group is associated with the correct network interface of the instance.

2. If the security group configuration is correct, try restarting the SSH service on the instance. You can do this by running the following command on the instance:

   sudo service ssh restart

   This will restart the SSH service, and you should be able to connect to the instance via SSH.

3. If the above steps do not work, try creating a new security group with the required inbound rules for port 22 and associate it with the instance. Then, try connecting to the instance again.

4. If none of the above steps work, you can try creating a new instance from scratch and copying the data from the old instance to the new one. This may be a more time-consuming solution, but it should work.

It's also worth noting that upgrading the instance type can sometimes cause issues with the instance's network configuration. If you continue to face issues after trying the above steps, you may want to reach out to AWS support for further assistance.

Elevate Your Expertise with Microservices Software Architecture Certification Training!