Setting up Redash Instance in private subnet. EC2 status check failed

Issue Summary

I would like to set up Redash Instance in private subnet, but it didn’t work well. The instance status check is “1/2 failed”.
The question is whether there is some necessary setting in addition to the setting introduced in the website(https://redash.io/help/open-source/setup).

For your information, if I place the redash instance on the public subnet, it works well.

Technical details:

  • AMI: ami-060741a96307668be

  • EC2 size: t2.small

  • the private subnet has NAT Gateway

  • CloudFormation template is below.

    AWSTemplateFormatVersion: ‘2010-09-09’
    Description: This template is used for creating redash analysis foundation
    Resources:
    RedashInstancePrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
    AvailabilityZone: ap-northeast-1a
    CidrBlock: !Ref PrivateSubnetACidrBlock
    VpcId: !Ref VpcId
    PrivateSubnetARoute:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
    RouteTableId: !Ref PrivateSubnetRouteTable
    SubnetId: !Ref RedashInstancePrivateSubnetA
    PrivateSubnetRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
    VpcId: !Ref VpcId
    NATGatewayForPrivateSubnetA:
    Type: AWS::EC2::NatGateway
    Properties:
    AllocationId: !GetAtt NATGatewayAEIP.AllocationId
    SubnetId: !Ref RedashALBPublicSubnetA
    NATGatewayAEIP:
    Type: AWS::EC2::EIP
    Properties:
    Domain: vpc
    PrivateARoute:
    Type: AWS::EC2::Route
    Properties:
    RouteTableId: !Ref PrivateSubnetRouteTable
    DestinationCidrBlock: 0.0.0.0/0
    NatGatewayId: !Ref NATGatewayForPrivateSubnetA
    RedashALBPublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
    AvailabilityZone: ap-northeast-1a
    CidrBlock: !Ref PublicSubnetACidrBlock
    VpcId: !Ref VpcId
    PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
    VpcId: !Ref VpcId
    PublicRoute:
    Type: AWS::EC2::Route
    Properties:
    RouteTableId: !Ref PublicRouteTable
    DestinationCidrBlock: 0.0.0.0/0
    GatewayId: !Sub ${InternetGatewayId}
    PublicSubnetARoute:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
    RouteTableId: !Ref PublicRouteTable
    SubnetId: !Ref RedashALBPublicSubnetA
    RedashInstance:
    Type: AWS::EC2::Instance
    Properties:
    LaunchTemplate:
    LaunchTemplateId: !Ref RedashInstanceLaunchTemplate
    Version: !GetAtt RedashInstanceLaunchTemplate.LatestVersionNumber
    SubnetId: !Ref RedashInstancePrivateSubnetA
    RedashInstanceLaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
    LaunchTemplateName: redash-isntance-lt
    LaunchTemplateData:
    SecurityGroupIds:
    - !Ref RedashInstanceSecurityGroup
    ImageId: ami-060741a96307668be
    InstanceType: t2.small
    RedashInstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
    GroupDescription: This Security Group is used for Re:dash Instance
    GroupName: redash-instance-sg
    SecurityGroupIngress:
    - IpProtocol: tcp
    FromPort: 80
    ToPort: 80
    SourceSecurityGroupId: !Ref RedashALBSecurityGroup
    VpcId: !Ref VpcId

This ought to work. Doesn’t seem like a Redash issue though. Something more related to your EC2 config :frowning: I’m not familiar with EC2 to say more.