I launch AWS EC2 instances with a userData field that runs the desired initialization jobs. One of the initialization commands is to run an infinite time background process. My question is that since AWS EC2 instances change IP addresses frequently, will my infinite time background process be killed upon a change in that instance's IP? I am not changing the instance's state after I launch it. When I initialize my instances, the jobs are working fine, I just don't know whether that behavior will continue upon an IP change since I don't have a way for rigorously testing this.
The SSH connection termination might be due to your ISP having changed your own public IP address, or a similar networking issue on your or your provider's side, and not the EC2 instance having changed. An EC2's IP address only changes under certain well-defined circumstances that I'll describe below:
An EC2 instance's private IP address: Once an EC2 instance is launched, it's assigned a private IP address at boot time. An instance's private IP address will never change during the lifetime of that instance.
An EC2 instance's public IP address: When an instance is launched, you control whether it receives a public IP or not. The public IP address never changes automatically, but can change under the circumstances described below.
AWS releases your instance's public IP address when it is stopped, hibernated, or terminated. Your stopped or hibernated instance receives a new public IP address when it is started.
AWS releases your instance's public IP address when you associate an Elastic IP address with it. When you disassociate the Elastic IP address from your instance, it receives a new public IP address.
To answer your original question: You don't need to worry about an EC2 instance regularly changing its IP address because as long as it keeps running and you don't explicitly change the associated IP address yourself, the IP address will remain static.
If you want to retain a public IP address that persists even after hibernating, stopping, or terminating the instance, you can attach an Elastic IP address.
For more information see: What are Elastic IP addresses, and how do I use them?
I have created an AWS EC2 instance, and I have stopped the instance for some reasons. When I started the instance again, I happened to notice that the public IP address had changed, but the private IP address remained unchanged.
I assume that the public IP address will be released from the instance and moved to the public IP pool, since it is a dynamic IP address, unless we attach an Elastic IP address.
May I ask why the private IP address remains unchanged and what is the reason/purpose behind that?
I have tried googling but couldn't find the exact answer. I appreciate your input and help on this.
It's just a function of how AWS VPCs work. From the documentation:
A private IP address remains associated with the network interface when the instance is stopped and restarted, and is released when the instance is terminated.
I am writing a PowerShell script to locate all EC2 Instances with a Public IP. I know how to get Elastic IP and Public Pool IP Associations in the NetworkInterfaces. However, when EC2 Instances that have been configured for a Public Pool IP (NOT an EIP) are powered down, the Public IP is released back into the pool and the Association is deleted from the NetworkInterface. I can't seem to find any flag or other configuration anywhere that would indicate that when the EC2 is powered back on it would request a new Public Pool IP. I need to identify powered down EC2 Instances that may come up with Public IPs for a security report without having to power them up to find out.
For example, this EC2 has a Public Pool IP when it is powered up. However, when it is powered down, as it is now, the Association object has been removed along with the IP. Is there not some configuration somewhere that will indicate it will procure a new Public Pool IP upon powering up?
PS X:\projects\GACM\cloudsecurity> (get-ec2instance -instanceid i-99999999999999999 -region us-east-1).instances.networkinterfaces|select *
Association :
Attachment : Amazon.EC2.Model.InstanceNetworkInterfaceAttachment
Description : Primary network interface
Groups : {launch-wizard-4}
Ipv6Addresses : {}
...
The only way you can determine if an instance will have a pooled public ip address is by analyzing the CloudTrail logs.
On instance creation, a log entry is made. requestParameters in the log has a JSON Object called networkInterfaceSet which has an array of items, these items have the key associatePublicIpAddress which is either true or false.
At this time you can't determine if an EC2 will have a public IP address when it is in the stopped state, unless you have linked an Elastic IP to the instance.
When an EC2 instance is launched it can either inherit the allocation of a public IP address from the subnet settings or you can set it as public IP enabled, or disabled. This is recorded in the CloudTrail log.
Currently there is no way to change that behavior or view the behavior other than the CloudTrail log.
For example, if the subnet has public IP enabled, and when launching an EC2 instance you explicitly disable it, then the only way your instance can get a public IP address is to either recreate the instance from a snapshot, or assign an Elastic IP. If the instance is initially launched with a public IP, there is no way to remove the public IP.
Neither describe-network-interfaces nor describe-instances provides any metadata pertaining to enabled or disabled public IP address, excluding Elastic IPs.
As you mentioned the only way to determine if an instance will have a public IP is to start the instance and view the running instance metadata.
The Amazon EC2 instance IP addressing documentation states:
You can control whether your instance receives a public IP address as follows:
Modifying the public IP addressing attribute of your subnet. For more information, see Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide.
Enabling or disabling the public IP addressing feature during launch, which overrides the subnet's public IP addressing attribute. For more information, see Assigning a public IPv4 address during instance launch.
A public IP address is assigned to your instance from Amazon's pool of public IPv4 addresses, and is not associated with your AWS account. When a public IP address is disassociated from your instance, it is released back into the public IPv4 address pool, and you cannot reuse it.
You cannot manually associate or disassociate a public IP address from your instance. Instead, in certain cases, we release the public IP address from your instance, or assign it a new one:
We release your instance's public IP address when it is stopped, hibernated, or terminated. Your stopped or hibernated instance receives a new public IP address when it is started.
We release your instance's public IP address when you associate an Elastic IP address with it. When you disassociate the Elastic IP address from your instance, it receives a new public IP address.
If the public IP address of your instance in a VPC has been released, it will not receive a new one if there is more than one network interface attached to your instance.
If your instance's public IP address is released while it has a secondary private IP address that is associated with an Elastic IP address, the instance does not receive a new public IP address.
If you require a persistent public IP address that can be associated to and from instances as you require, use an Elastic IP address instead.
Experiment
I created an EC2 instance in a subnet where the assignment of a public IP address was enabled. I set the EC2 instance to assign a public IP address on launch. Changing the subnet auto-assign value had no effect. I repeated the process, this time allowing the EC2 instance to be created with the setting of the subnet. I disabled auto assign within the subnet. The instance was created without a public IP as expected. I then enabled auto assign on the subnet, and stopped and started the instance. No public IP address was assigned.
Thus, based on the documentation above and my experiment, allocation of a pooled public IP address is decided at EC2 instance launch. This cannot be changed. I ran [describe-network-interfaces, describe-instances] CLI commands to get details on the ENI, and no metadata provides a flag to indicate that a Public IP address will be assigned when the instance is started. The only place I could find any information was in the CloudTrail log.
If you are using AWS best practice, EC2 instances should be started using CloudFormation. Here you will know if the EC2 instance will have a public IP.
Alternatively you do not allow the assigning of pooled public IP addresses by using service control policies or policies assigned to users. Then use alternative means to expose the machines either using elastic IP addresses or Load Balancers.
I think it is important to revisit your use case, to understand what you are trying to achieve.
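The CloudTrail check described in the answer above, as an added example that is not part of the original posts: it reads the associatePublicIpAddress key from RunInstances records and classifies stopped instances for a report, also applying the documentation's rule about multiple network interfaces. The sample records and instance IDs are constructed, and the responseElements layout used to find the instance ID is an assumption.

```python
import json

# Constructed sample RunInstances records (not real log data). Only the fields
# this check reads are present; the responseElements layout is an assumption.
def _launch(instance_id, nic):
    return json.dumps({
        "eventName": "RunInstances",
        "requestParameters": {"networkInterfaceSet": {"items": [nic]}},
        "responseElements": {"instancesSet": {"items": [{"instanceId": instance_id}]}},
    })

SAMPLE_EVENTS = [
    _launch("i-example-a", {"deviceIndex": 0, "associatePublicIpAddress": True}),
    _launch("i-example-b", {"deviceIndex": 0, "associatePublicIpAddress": False}),
    _launch("i-example-c", {"deviceIndex": 0}),  # flag omitted at launch
]

def launch_settings(events):
    """Map instanceId -> True/False (explicit at launch) or None (flag omitted)."""
    out = {}
    for raw in events:
        ev = json.loads(raw)
        if ev.get("eventName") != "RunInstances" or ev.get("errorCode"):
            continue  # ignore other API calls and failed launches
        req = ev.get("requestParameters") or {}
        nics = (req.get("networkInterfaceSet") or {}).get("items") or []
        flag = next((n["associatePublicIpAddress"] for n in nics
                     if "associatePublicIpAddress" in n), None)
        resp = ev.get("responseElements") or {}
        for inst in (resp.get("instancesSet") or {}).get("items") or []:
            out[inst["instanceId"]] = flag
    return out

def classify_stopped(events, stopped):
    """stopped: {instanceId: number of attached network interfaces}."""
    settings = launch_settings(events)
    report = {}
    for iid, nic_count in stopped.items():
        if iid not in settings:
            report[iid] = "unknown: no launch event found"
        elif settings[iid] is None:
            report[iid] = "flag omitted: subnet setting at launch applied"
        elif not settings[iid]:
            report[iid] = "no pooled public IP"
        elif nic_count > 1:
            report[iid] = "no new public IP: multiple interfaces attached"
        else:
            report[iid] = "pooled public IP expected on start"
    return report
```

Instances that land in the "unknown" or "flag omitted" buckets still need a manual look, since the experiment above shows the subnet's current auto-assign value may differ from the one in effect at launch.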
I have 2 instances running and a web application in one of them (Say instance1) uses private IP of another instance (Say instance2) to call a service.
I restarted instance2 (IP changes after restart) and restarted the web application on instance1 after adjusting the configurations accordingly, and the application was up and running successfully.
But then suddenly it stopped responding after 2 hours and when I looked for the problem, I found that the private IP of the instance2 was again changed while it was running.
Has it happened with anyone else? If yes what's the solution for this?
The private IP address of an Amazon EC2 instance will never change.
It will not change while an instance is running.
It will not change while an instance is stopped.
You cannot change a private IP address. (However, I think that if you assign multiple private IP addresses, you can add/remove the secondary addresses, but not the primary IP address.)
You cannot launch another instance with the same private IP address of another instance (in the same VPC), even if the other instance is stopped.
The above only applies to the private IP address, not the public IP address.
In your case you need to keep your public address from changing after instance shutdown. Take a look at using Elastic IP: Using Elastic IP with EC2 instances
I have a server that is up and running with an auto-assigned public IP address. This IP address was not created with Elastic IP. Is there any way to transfer this IP address onto a new instance in my account?
I'm afraid you can't.
The auto assigned public IPs are not yours to deassociate and reassociate.
You can't tell them "I changed my mind, I want to use this IP as if it was an Elastic IP". It doesn't work like that. You can't really pick your elastic IP. You just ask for one, and then operate with whatever IP they gave you.
You cannot manually associate or disassociate a non-elastic IP address from your instance. Instead, in certain cases, AWS releases the public IP address from your instance, or assigns it a new one, in the cases below:
1. They release the public IP address for your instance when it's stopped or terminated. Your stopped instance receives a new public IP address when it's restarted.
2. They release the public IP address for your instance when you associate an Elastic IP address (EIP) with your instance, or when you associate an EIP with the primary network interface (eth0) of your instance in a VPC. When you disassociate the EIP from your instance, it receives a new public IP address.
3. If the public IP address of your instance in a VPC has been released, it will not receive a new one if there is more than one network interface attached to your instance.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses
If you require a persistent public IP address that can be associated to and from instances as you require, use an Elastic IP address (EIP) instead. You can allocate your own EIP, and associate it to your instance. For more information, please see Elastic IP Addresses (EIP).
Easy: set up an HTTP or TCP transparent proxy, with HAProxy or Nginx.
I have an EC2 Instance with a Public IP associated.
For no reason, after a restart, this association is lost and I have to reassociate.
It doesn't happen for every restart.
Any tips?
There are two types of public IP addresses available for Amazon EC2 instances:
A Public IP address that is randomly assigned to an instance from a pool of available addresses. If an instance is stopped and later started, it might receive a different public IP address. (Restarting an instance will not cause this to happen, so I suspect that you stopped your instance rather than merely restarted it.)
An Elastic IP address that can be allocated to your account. The address can then be allocated to an EC2 instance. The IP address is static, so it will not change. However, it can be reassigned to a different EC2 instance if desired. It remains associated with the account until it is released.
If you are saying that you were using an Elastic IP address, then it should remain associated with the instance until specifically dissociated. It will not dissociate without a specific request. If it is being dissociated, then you could use AWS CloudTrail to look for the API call that would have caused this to happen.
In AWS EC2, by default, EC2 instances are not assigned a static public IP address.
For that, you will have to generate a static IP address first and then assign it to your EC2 instance. In this way, even after the restart, it will retain the allocated static IP address.
To do this, navigate to the EC2 service and select 'Elastic IPs' from the left menu. Click on Allocate Elastic IP address. This will generate the static IP address. Now, to allocate this to your instance, select the checkbox against the newly generated IP address, click on Actions, and then 'Associate Elastic IP address'.
Hope this helps :)