2023. 9. 14. 19:30ㆍDev/AWS DEVOPS
Problem:
{ EC2, Lambda, ECS, EKS } could not resolve a { public, private } DNS host name
or
{ EC2, Lambda, ECS, EKS } could not resolve { s3, sqs, dynamodb, sns, execute-api, rds, elasticfilesystem ... } endpoints
---
The error messages were:
No subject alternative DNS name matching my.domain.com found.
server can't find kubernetes.default: NXDOMAIN
nslookup -> server can't find ip-192-168-1-86.ec2.internal: NXDOMAIN
Solution:
1. Check the routing table to see if that IP address is being routed to a black hole.
Deleted routing targets can cause problems.
Targets can be Instance, Internet Gateway, Peering Connection, Transit Gateway, etc.
2. Does the VPC in your account have a VPC endpoint for AWS services, and is private DNS enabled on it?
If yes, there are two ways to resolve this issue.
- Disable private DNS names
- Change the CNAME record to an A record with Alias
Search by VPC ID in Endpoints.
View the details of that VPC endpoint ID.
Disabling private DNS names works fine.
If you still need to use private DNS, change the record type for your public domain from CNAME to A and turn on the Alias option.
Using AWS API Gateway as an example: when addresses are returned as canonical names, domains of the form *.execute-api.ap-northeast-2.amazonaws.com all resolve to the VPC endpoint interface IP (a private IP).
This is because private DNS is enabled on the VPC that contains the AWS compute instance.
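Both checks above can be run against saved API output. The following is an added example, not code from the original post: it flags blackhole routes and tells you whether a CNAME target is overridden by a private-DNS interface endpoint. The sample IDs are constructed, and the service-name-to-DNS-suffix mapping is an assumption that holds for four-part service names such as execute-api, sqs and sns.

```python
# Constructed data shaped like EC2 DescribeRouteTables / DescribeVpcEndpoints
# responses. Every ID below is made up for illustration.
ROUTE_TABLES = {"RouteTables": [{"RouteTableId": "rtb-0example1", "Routes": [
    {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "10.20.0.0/16", "VpcPeeringConnectionId": "pcx-0deleted",
     "State": "blackhole"}]}]}
VPC_ENDPOINTS = {"VpcEndpoints": [
    {"VpcEndpointId": "vpce-0example1", "VpcEndpointType": "Interface",
     "ServiceName": "com.amazonaws.ap-northeast-2.execute-api", "PrivateDnsEnabled": True},
    {"VpcEndpointId": "vpce-0example2", "VpcEndpointType": "Interface",
     "ServiceName": "com.amazonaws.ap-northeast-2.sqs", "PrivateDnsEnabled": False},
    {"VpcEndpointId": "vpce-0example3", "VpcEndpointType": "Gateway",
     "ServiceName": "com.amazonaws.ap-northeast-2.s3", "PrivateDnsEnabled": False}]}

TARGET_KEYS = ("GatewayId", "InstanceId", "NatGatewayId", "TransitGatewayId",
               "VpcPeeringConnectionId", "NetworkInterfaceId")

def blackhole_routes(route_tables):
    """Step 1: return (route table id, destination, dead target) per blackhole route."""
    found = []
    for rtb in route_tables["RouteTables"]:
        for route in rtb.get("Routes", []):
            if route.get("State") != "blackhole":
                continue
            dest = (route.get("DestinationCidrBlock")
                    or route.get("DestinationIpv6CidrBlock")
                    or route.get("DestinationPrefixListId"))
            target = next((route[k] for k in TARGET_KEYS if k in route), "unknown")
            found.append((rtb["RouteTableId"], dest, target))
    return found

def private_dns_suffixes(endpoints):
    """Step 2: map DNS suffix -> endpoint id for interface endpoints with private DNS on.
    Assumption: 'com.amazonaws.<region>.<svc>' owns '<svc>.<region>.amazonaws.com'."""
    out = {}
    for ep in endpoints["VpcEndpoints"]:
        parts = ep["ServiceName"].split(".")
        if (ep.get("VpcEndpointType") == "Interface" and ep.get("PrivateDnsEnabled")
                and len(parts) == 4 and parts[:2] == ["com", "amazonaws"]):
            out[f"{parts[3]}.{parts[2]}.amazonaws.com"] = ep["VpcEndpointId"]
    return out

def shadowing_endpoint(cname_target, endpoints):
    """Return the endpoint id that answers for this name inside the VPC, or None."""
    name = cname_target.rstrip(".").lower()
    for suffix, ep_id in private_dns_suffixes(endpoints).items():
        if name == suffix or name.endswith("." + suffix):
            return ep_id
    return None
```

To use it on a real account, replace the two sample dictionaries with the JSON from `aws ec2 describe-route-tables` and `aws ec2 describe-vpc-endpoints`, filtered to the VPC in question, and pass the CNAME target of your custom domain to `shadowing_endpoint`.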
https://docs.aws.amazon.com/ko_kr/vpc/latest/userguide/vpc-dns.html