amazon-ec2amazon-vpcrubber

rubber - SecurityGroupLimitExceeded exceeded the number of VPC


I was following railscasts to use rubber to deploy my rails app to ec2. I got the following problem:

$ cap rubber:create_staging

..... (omit successful part)

/Users/brian/.rvm/gems/ruby-1.9.3-p327/gems/excon-0.25.3/lib/excon/middlewares/expects.rb:10:in `response_call': SecurityGroupLimitExceeded => You have exceeded the number of VPC security groups allowed per instance. (Fog::Compute::AWS::Error)

how can I avoid this problem?


Solution

  • The issue is that by default Rubber is creating different security groups for each role. You will notice the console printing numerous "Creating Security Group #{x}" lines. The max allowed without petitioning is 5 (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html) without petitioning.

    First run cap rubber:destroy_all.

    To force Rubber to use only one security group go into rubber.yml and set... auto_security_groups: false isolate_security_groups: false

    After that it may work, or you may get error saying security groups exists... Go here to read how to access security groups. Once in the panel delete all security groups but "default". http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html#DeleteSecurityGroup

    If you are getting errors about rules, then select the "default" user group in the AWS panel . This will bring up the rules. Delete all custom TCP rules. After this everything should work. You may need to repeat deleting groups and rules, since Rubber seems to do a terrible job of managing those.