AWS EMR 连接到主节点：连接被拒绝

Question

我在 AWS 上设置了一个新的 EMR 实例。我已经复制了主节点的ssh连接命令。

ssh -i -vvv ~/.ssh/xxxx.pem hadoop@ec2-xx-xxx-xxx-xx.us-east-2.compute.amazonaws.com

我的 pem 文件位于正确的位置。我已经使用

更改了文件的权限

chmod 400 ~/.ssh/xxxx.pem 

我仍然收到以下错误：

debug1: Connecting to ec2-18-219-186-80.us-east-2.compute.amazonaws.com port 22.

非常感谢任何帮助。

Answer 1

我明白了。您必须将 SSH 权限添加到您希望通过 SSH 连接到的计算机上的安全组。转到 EC2，然后向下转到安全组，然后在主节点上，为 SSH 添加规则。

来自亚马逊：

Security groups are restrictive by default. They reject all traffic. You can add a rule to allow traffic on a particular port to your custom or additional security groups. If there is more than one rule for a specific port in two security groups that apply to the same instances, the most permissive rule is applied. For example, if you have a rule that allows SSH access via TCP port 22 from IP address 203.0.113.1 and another rule that allows access to TCP port 22 from any IP address (0.0.0.0/0), the rule allowing access by any IP address takes precedence.

https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-additional-sec-groups.html