
6.2.3 Troubleshooting an Egress PrivateLink

Table 6-1 lists some common issues and their resolutions when setting up an Egress PrivateLink, and Troubleshooting Connectivity in your AWS Account Using the AWS Reachability Analyzer for an Egress PrivateLink gives further help for troubleshooting.

Note:

The error messages might read differently, as HeatWave on AWS gets updated.

Table 6-2 Egress PrivateLink: Common Issues and Resolutions

| Deployment Step | Error Summary | Steps to Resolve |
|---|---|---|
| Create Egress PrivateLink | Could not Create PrivateLink. Unable to connect to Endpoint Service. | Ensure your Endpoint Service is in the correct Availability Zone, and you have added the HeatWave on AWS account ARN to the list of Allowed Principals. See Configuring the Network Infrastructure for an Egress PrivateLink for details. |
| | Could not Create PrivateLink. DB Systems do not share a single physical Availability Zone with the endpoint service. | Your service (for example, your replication source), Network Load Balancer, and DB System in HeatWave on AWS must share the same AWS Availability Zone ID. Create a new DB System in the Availability Zone of your service, or add more Availability Zones to your Network Load Balancer and enable Cross-Zone Load Balancing. See Configuring the Network Infrastructure for an Egress PrivateLink. Note: Opting for Cross-Zone Load Balancing will incur surcharges for your AWS account. |
| Create Replication Channel, when using Egress PrivateLink for Inbound Replication | Could not create MySQL Channel. PrivateLink does not have an Egress Endpoint to provide connectivity to the channel. | Ensure the values for Hostname and Port match exactly one of the Egress PrivateLink’s Egress Endpoints. If you have left the Egress Endpoint hostname blank, use the Default hostname of the Egress PrivateLink. |
| | Channel enters Needs Attention state. Click on the (i) tooltip near the Channel State on the Channel Details page. | Ensure you have accepted the endpoint connection in your AWS account. See Creating an Egress PrivateLink. Validate that your account allows connectivity between your Network Load Balancer and replication source. See Configuring the Network Infrastructure for an Egress PrivateLink. |
| | Other messages that indicate a problem with the replication process (for example, The Channel is not receiving transactions due to error(s): Cannot connect to MySQL server…) | See Trouble Shooting Replication |
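
The account-side conditions named in the table above (Allowed Principals, a shared Availability Zone ID, an accepted endpoint connection) can be checked from saved AWS CLI output before retrying. This is an added example, not part of the HeatWave on AWS documentation; it assumes JSON from `aws ec2 describe-availability-zones`, `describe-vpc-endpoint-service-configurations` (one `ServiceConfigurations` entry), `describe-vpc-endpoint-service-permissions` and `describe-vpc-endpoint-connections`, and the function name, ARNs, IDs and sample responses are constructed placeholders.

```python
# Added example: field names follow the EC2 API responses, all values are constructed.

def preflight(zones, service, permissions, connections, heatwave_arn, db_az_id):
    """Return (check, message) findings; an empty list means every check passed."""
    findings = []

    # AZ names (us-east-1a) map to different physical zones in each account,
    # so compare zone IDs (use1-az1), which mean the same zone everywhere.
    name_to_id = {z["ZoneName"]: z["ZoneId"] for z in zones["AvailabilityZones"]}
    service_ids = {name_to_id[n] for n in service["AvailabilityZones"] if n in name_to_id}
    if db_az_id not in service_ids:
        findings.append(("az-id", f"DB System is in {db_az_id}, endpoint service "
                                  f"covers {sorted(service_ids)}"))

    principals = {p["Principal"] for p in permissions["AllowedPrincipals"]}
    if heatwave_arn not in principals and "*" not in principals:
        findings.append(("allowed-principal", f"{heatwave_arn} is not an Allowed Principal"))
    if "*" in principals:
        # Connectivity works, but any AWS account may request a connection.
        findings.append(("wildcard-principal", "replace '*' with the specific account ARN"))

    for conn in connections["VpcEndpointConnections"]:
        pending = conn["VpcEndpointState"].lower() == "pendingacceptance"
        if conn["ServiceId"] == service["ServiceId"] and pending:
            findings.append(("not-accepted", f"{conn['VpcEndpointId']} awaits acceptance"))
    return findings

# Constructed sample responses, trimmed to the fields used above.
ZONES = {"AvailabilityZones": [
    {"ZoneName": "us-east-1a", "ZoneId": "use1-az6"},
    {"ZoneName": "us-east-1b", "ZoneId": "use1-az1"}]}
SERVICE = {"ServiceId": "vpce-svc-0example", "AvailabilityZones": ["us-east-1a"]}
PERMISSIONS = {"AllowedPrincipals": [{"Principal": "arn:aws:iam::999999999999:root"}]}
CONNECTIONS = {"VpcEndpointConnections": [
    {"ServiceId": "vpce-svc-0example", "VpcEndpointId": "vpce-0example",
     "VpcEndpointState": "pendingAcceptance"}]}
HEATWAVE_ARN = "arn:aws:iam::111122223333:root"  # placeholder for the HeatWave on AWS account ARN
DB_AZ_ID = "use1-az1"                            # placeholder for the DB System's AZ ID

if __name__ == "__main__":
    for check, message in preflight(ZONES, SERVICE, PERMISSIONS, CONNECTIONS,
                                    HEATWAVE_ARN, DB_AZ_ID):
        print(f"[{check}] {message}")
```

With the sample data the check reports the Availability Zone ID mismatch, the missing Allowed Principal and the unaccepted connection, which correspond to the first, second and fourth rows of the table.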

Troubleshooting Connectivity in your AWS Account Using the AWS Reachability Analyzer for an Egress PrivateLink

To identify any components in your account that may be preventing your Egress PrivateLink from working, we recommend using the AWS Reachability Analyzer:

  • Navigate to AWS Console > Network Manager > Reachability Analyzer and click Create analyze path.
  • Under Path Source, put in an optional Name tag if you want, and set:
    • Source type as Network Interfaces or IP Addresses
    • Source as the Network Interface ID or IP address of your Network Load Balancer. See this article on how to find the Network Load Balancer's network interface IDs or IPs.
  • Under Path Destination, put in an optional Name tag if you want, and set:
    • Destination type as Network Interfaces or IP Addresses
    • Destination as the Network Interface ID or IP address of your service (for example, the source database for replication).
  • For Protocol, choose TCP.
  • Add optional Tags if you want.
  • Click Create analyze path, and wait for the analysis to complete. The network components that forward traffic between the Network Load Balancer and your service are displayed. If traffic is blocked, the problematic component(s) are identified.