I'm attempting to assign a domain name to my Google Cloud VM external IP. I was following some walkthroughs and getting a bit confused. I set up apache with a simple "Hello" message when you visit my external IP. The walkthroughs I'm following are providing steps to reserve a new static external IP and creating a DNS zone.
Could someone provide clarification on why I would need to secure a new static external IP address when it appears I already have one assigned?
As discussed by #Ferregina Pelona in the comment section. The public IP that your VM already has is an ephimeral one which means that if the VM is stopped or restarted, there is a possibility this public IP changes. The problem will be that if it changes, your DNS will continue pointing to the old one which means your site will be not accesible until you update the DNS with the new IP. Reserving the public IP will warranty your VM always has the same IP.
Also, added by #DazWilkin. it should be more explicit in the documentation but I assume (!) it's an ephemeral IP. I submitted doc feedback for this.
I assume you're following a guide like [1]
The tutorial demonstrates the following steps when assigning a domain to a VM which would act as a server:
-Register a domain name using Google Domains or Cloud Domains
-Create a virtual machine (VM) instance
-Run a basic Apache web server
-Set up your domain using Cloud DNS
-Update name servers
-Verify your setup
However, there is a very important note that I believe clarifies completely the scenario you faced and the questions regarding this which states:
Note:By default, the VM instance that you create receives an ephemeral external IP address. Ephemeral external IP addresses are lost whenever the VM instance shuts down or reboots for any reason (for example, maintenance). To avoid shutdowns and reboots, use a static external IP address for web hosting. For instructions about how to reserve a static external IP address, see Reserving a static external IP address.
My suggestion would be that you try always to find an official docummentation according to the configuration/products you're expecting to use so as shown in this section, these are the advices that could avoid you yo fall into errors while moving forward. I hops this info make sense for you...
Cheers,
Related
I have a google cloud platform, with a VM instance and a SQL. Today they got suspended because the free trial ended. I restarted them both and now they are running. But when i try to go to the ip of the VM instance in my browser, it says This site can’t be reached and "refused to connect". Note that i know nothing about Google Cloud and instances, i just need to have my moodle up and running again.
I tried securing that it allowed http and https in the console. (Ref to this)
The external DNS setting is correct.
And i checked if it was on localhost (ref to this question)
Please help.
If you were using an ephemeral external IP address, that address has been release when the instance was stopped.
If you were using a static external IP address, that address was also released the moment your trial expired, hence reserved IPs generate costs.
When your re-started the instance, probably it received a new IP address.
Check for the external IP address that the instance is currently using and try to use it.
You can see the instances running in your project here: https://console.cloud.google.com/compute/instances
The resources you created during the trial are stopped and If you upgrade within 30 days of the end of the trial, you can restore the resources you created during the trial.
https://cloud.google.com/free/docs/gcp-free-tier#end
What happened is that all resources you created during the trial were stopped.
As Neo mentioned, if you didn’t have your external IP address reserved, the IP was released when the instances were stopped and when you started your instances again, GCP provided a new External IP.
You can check what External IP you have on the External IP addresses, and try to access your moodle through this new IP.
To avoid this problem in the future you can promote your ephemeral external IP address, you can use this guide as reference or follow the next steps:
In the Cloud Console, go to the External IP addresses page.
In the Type column, change the address type to Static for the IP address you want to promote.
Provide a name for the new static IP address and click Reserve.
In this way, the next time you stop your instance you will keep your IP.
Nevertheless, you are not charged for static external IP addresses that are assigned to forwarding rules.
Also you can consult the following documentation for External IP address pricing, in which the documentation provides you pricing for static and ephemeral external IP addresses.
What im trying to do is bypass ip detection from websites that i crawl.
Each website limit the amount of times per day you can crawl the site.
They limit your actions by reading your ip.
I use virtual machine (gcloud) to do my crawling so i won't keep my personal pc running.
When this happens, the website puts a block because of my ip.
Im trying to bypass this detection by getting a new ip.
My vm everytime i stop and restart the instance gives me the same 2 external ip addresses.
And in gcloud i thought since the setting was not static and set to ethereal, they would give you a new ip each time you stop the instance, but no.
They only flip flop between the same 2 external ip addresses.
I've learned that in my vm, the external ip is the ip websites look at to see if this address has been here before.
If i can continuously get a new address (like every time i stop the vm) i can keep crawling the websites.
BUT, the vm only gives me the same 2 external ip addresses... I've read that there is a shell command where you can demand a new ip but i do not know how to do this.
I would recommend you to assign a static IP to your VM and change it when you need to do it for your use case. You can change or assign an external IP address, either ephemeral or static, to an existing instance by modifying the instance's access configuration.
I want to set the security groups for the web server running in aws instance.My website should be accessible to through http/https. But file modification access to be set to particular IP address.I am currently connected to a Wifi router, and as I know IP that my PC assigned changes everytime.
Can someone please guide me on how to get a static IP address that I can allow access to my website.Thanks in advance.
You would need to see if you ISP can sell you a static IP - it's not always possible. I can't get one from my ISP when working from home, your ISP may be different for example.
However, if it is just you that needs static IP address (i.e. you as the developer/admin as opposed to users in the public), it is only a few clicks of the mouse to update the security rule thru the aws console each time you need elevated access. I do this for several servers running on EC2 which I keep locked down, and when I need to RDP into them, I open up the security groups to just my (dynamic) IP, and remove the rule when I am done - this will work if you only occasionally need access. You could also automate this process using a little scripting and/or lambda function.
Other option that I also do: I have an service that I need to access continually from a static IP - I use an another EC2 instance (with fixed IP) as the whitelist IP for this, and then I connect to that services by first connecting via RDP to the EC2 instance - and the EC2 instance with the fixed IP then accesses the service using its static IP.
You first have to know if your external IP changes if so you have to ask your ISP to change your IP to a static one
If it's the internal IP the one that changes but the external IP is the same you will have no problem accessing the aws.
Here's what's bothering me. Is there a better way than sending emails to devs that the ip address for their dev server has changed after the instance is stopped and started?
I was thinking of a single small instance that has an elastic ip which the devs can log in using terminal, and ssh again to the internal ip address of the dev server. Is that effective?
Does it mean that the devs need to be informed of the change every time?
It's unclear exactly what you are saying "there's a new public dns for the server"? -thanks for the comment, that's clearer what you mean! It's the aws domain name in the format "ec2-54-222-213-143.eu-west-1.compute.amazonaws.com" you are referring to
You are asking how can these name/address changes be managed?
Generally speaking for fixing these kinds of problems there are a couple of things to be aware of
Firstly, if it is the public ip address that is changing instead of an ephemeral public ip address use an elastic ip. This will stay the same and can be transferred from an old instance to a new instance. Please read http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html about the differences between "Elastic IP" and normal public IP addresses on AWS
Secondly, if you are concerned about maintenance of the dns records that map the ip addresses to the domain names then it is possible to automate the updates to aws route53. I have used the aws cli command "route53 change-resource-record-sets" for this and also CloudFormation
Automating events to occur on instance start up does take a little research of the available APIs and hooks for example see this answer with a simple use of cloud-init Using cloud-init user data
Consider an server ec2-50-1-2-3.compute-1.amazonaws.com, which is not publicly available and which does not have an elastic IP address. I cannot assign it an Elastic IP address as I don't have any more addresses to assign (used all 5 already on publicly-available servers).
The publicly-available servers need to access a service on ec2-50-1-2-3.compute-1.amazonaws.com. However, if I restart that server then it may receive a different address and I'll have to update 20 websites across 5 webservers with the new address. Is there any way to refer to the ec2-50-1-2-3.compute-1.amazonaws.com server which will persist even if I restart that server, considering that I have no more Elastic IP addresses to assign to it?
Is there any way to refer to
Key word "refer to" -- indeed, there is... a DNS CNAME.
Whether your DNS is in Route 53 or elsewhere, a CNAME record refers a system asking for a particular host by name, to a different host -- also by name.
Let's say, for example, that the service this system provides is the generation of reports. In the "example.com" domain...
reports IN CNAME ec2-50-1-2-3.compute-1.amazonaws.com.
Any machine looking up "reports.example.com" from the DNS will be referred to the hostname ec2-50-1-2-3.compute-1.amazonaws.com which will of course resolve to the machine's IP address.
If the machine's IP address (and therefore, in AWS, its hostname) changes because the instance was terminated or failed or replaced, you only have to update the information in one place -- the DNS. The systems that need to access this system would be configured with "reports.example.com" instead of the other hostname, so they wouldn't have to be maintained individually.
If you are using Route 53, it's also possible to configure Route 53 to actually give out a different answer using failover routing with health checks and divert requests elsewhere when the instance isn't working properly.
Amazon will not give you any difficulty at all if you simply request more Elastic IPs. It's right here: Request to Increase Elastic IP Address Limit
It turns out the the best way to refer to other instances in AWS is to use Amazon Virtual Private Cloud (VPC). In VPC each machine gets a static internal IP address, which persists for the lifetime of the instance. In fact in VPC one can configure full networking!