Question
SSH connection time out after creating droplet
- Posted on March 8, 2018
- ApplicationsDebian
Asked by SimonCek
Hi everyone,
I’m trying to write a provisioning and deployment script for a java application on debian 9.
My provisioning .sh script looks like this :
doctl compute droplet create DocumentationApplicationDroplet --image debian-9-x64 --region sfo2 --size 512mb --ssh-keys 9c:00:ec:04:9a:ed:74:fc:63:da:97:56:36:cb:88:8a --format ID > result.txt
export DROPLET_ID=`tail -1 result.txt`
export DROPLET_IP=`doctl compute droplet get $DROPLET_ID --format PublicIPv4 | tail -1`
ssh root@$DROPLET_IP "apt-get update"
When I run this script it creates a Debian-9 droplet that I can see on the website. But once the droplet is made and the apt-get command gets executed I get ssh: connect to host 159.65.103.157 port 22: Connection timed out The IP you can see is the correct IP that I can also see on the website.
I have also created a new .sh script that looks like this : ssh root@IP_of_my_droplet “apt-get update”
where the IP_of_my_droplet is the same as the one I can see on the website and DROPLET_ID.
When I run this script, it works and apt-get update command gets executed on my droplet.
Any idea what the problem is here?
Kind regards, Simon
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
@kamaln7 described your problem very well — this behavior is expected, as your Droplet takes some time to provision, so it takes some time for OpenSSH server to get started.
I would just add an unrelated thing that could help you — depending on your script, you can use the
user-datafeature to execute the script (in your case theapt-get updatecommand) on Droplet’s provision time. There’s also DigitalOcean Metadata API that you can use from your Droplet and theuser-datascript to obtain basic information about your Droplet.You can take a look at the An Introduction to Droplet Metadata tutorial if you want to learn more about the
user-datafeature.Also, the
doctlhas thesshcommand that you can use to SSH to your Droplet or remotely execute commands. You can learn more about it by executing thedoctl compute ssh --helpcommand or by taking a look at the SSH portion ofdoctltutorial. This will not solve your problems, but if your Droplet has unique name, you don’t need theDROPLET_IDandDROPLET_IPcommands.Hello there,
As mentioned the IP address of the droplet is returned before the droplet has booted and started all services. You can use
doctlas mentioned by Kamal and check for the droplet status, once active you can continue with the rest of your scripts.Regards
The IP address is assigned to your Droplet before it is actually created and is returned through the API response then. It takes a few seconds until the Droplet is created, booted up, and the OpenSSH server is started, so that’s most likely why you are seeing that error.
One option would be looping over
doctl compute droplet get $DROPLET_ID --format Statusuntil it isactive, then checking whether port 22 is open every few seconds, and only then SSHing into it. This would add a delay until the Droplet is created (status set toactive) and the OpenSSH server is started (port 22 is open).