How to re-use a private IP in a VPC with DigitalOcean? - digital-ocean

I have a VPC with several Droplets. They communicate with each other via private IPs. One of them needs to be replaced. I'd like to bring up a new Droplet using the same private IP of the one that will be replaced and then remove the old one.
Is this possible to do or will I need to go into all the other Droplets and re-wire them to communicate to the new one using a different private IP from the old one?

Related

Is there a need to have both a private IP and a private DNS when an EC2 instance is launched? Isn't one of them sufficient?

I am trying to understand the difference between a private IP and a private DNS. From what I can tell either can be used to SSH into the instance, then what is the use case/advantage of having both assigned when an EC2 is spun up. Having either one of them wasn't sufficient? Am I missing something?
"private IP and a private DNS"
Private means not public, so it cannot be used publicly.
"either can be used to SSH into the instance"
Neither of them can be used for that, because you cannot connect to a private instance via SSH.
The IP can change, while the DNS name can be preserved, i.e. one DNS name can correspond to many IPs at different moments. Users of this service don't need to be updated every time the IP changes, because they use its DNS name, which is static.

How can I get the next available private IP from a subnet in an AWS VPC using Ansible?

I'm setting up virtual servers on an F5 VE in AWS using Ansible. I see how to allocate or release EIPs using the Ansible ec2_eip module; how do I do the same with my private IP subnets? All the examples I see involve either a) specifying a private IP, which presumably has already been allocated somehow, or b) querying for the private IP of something that already exists. I'm trying to create something new, and don't know what free IP is available. There is no new ENI; I presume it would be considered another secondary IP on the existing external interface, and each new private IP would then be assigned a public EIP to correspond to it.
The only two modules that seem remotely related are ec2_eip and ec2_eni, but they don't appear to address the problem.
A secondary question, just to make sure I understand what is going on, is that the Ansible ec2_eip official documentation shows some examples using the argument 'ip' and a public address, but the argument list only includes 'public_ip' and 'private_ip_address'. Is this a mistake, or am I totally missing something here?
I'd like to be able to allocate 1 EIP, 1 private IP from my external subnet in AZ1 to assign to the BigIP ENI in AZ1, and 1 private IP from my external subnet in AZ2 to assign to the BigIP ENI in AZ2. From that, I would then create a pair of virtual servers. The F5 failover API will dynamically reassociate the EIP with either the AZ1 or AZ2 BigIP depending upon which is considered 'Active' at the moment. This works, but assumes that the IPs are all entered manually, and I want to automate this process using Ansible.
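The selection step the question asks about, as an added example that is not part of the original post: pick the lowest unassigned address in a subnet, skipping the first four addresses and the last one, which AWS reserves in every subnet. The function name and the sample data are hypothetical; in practice the in-use list would come from the addresses on the subnet's network interfaces (the EC2 DescribeNetworkInterfaces call).

```python
import ipaddress


def next_free_ip(subnet_cidr, in_use):
    """Return the lowest assignable address in an AWS subnet, or None if full.

    subnet_cidr: the subnet's IPv4 CIDR block, e.g. "10.0.1.0/28".
    in_use: iterable of address strings already assigned in that subnet
            (primary and secondary private IPs of every ENI).
    """
    net = ipaddress.IPv4Network(subnet_cidr)  # raises on malformed input
    taken = {ipaddress.IPv4Address(a) for a in in_use}

    # AWS reserves the first four addresses (network, router, DNS, future
    # use) and the last one (broadcast) of every subnet.
    first = int(net.network_address) + 4
    last = int(net.broadcast_address) - 1

    for value in range(first, last + 1):
        candidate = ipaddress.IPv4Address(value)
        if candidate not in taken:
            return str(candidate)
    return None  # subnet exhausted


# Constructed sample: a /28 has 16 addresses, 11 of them assignable.
SAMPLE_SUBNET = "10.0.1.0/28"
SAMPLE_IN_USE = ["10.0.1.4", "10.0.1.5", "10.0.1.7"]

if __name__ == "__main__":
    # Choosing and assigning are two separate steps, so another allocation
    # can take the address in between; treat a failed assignment as a
    # signal to refresh the in-use list and pick again.
    print(next_free_ip(SAMPLE_SUBNET, SAMPLE_IN_USE))
```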

Access gcp instance in another project

How to access instance in a different project without using external IP
I have two projects, say A and B, and I want to ssh from an instance in project-A to an instance in project-B.
What I found is that I was able to ping the instance in B using its external IP from the instance in A, not its internal IP. After I added my public key to the instance in B, I was able to ssh to it using its external IP from the instance in A (I have my private key here).
I wonder if I can access the project B instance from the project A instance without going through the external IP, as it will go out of GCP and come back. Is there a way that I could do this internally?
Both project A and B are under the same GCP account.
Google VPCs use RFC 1918 IP addresses. These addresses are not routable across the Internet. VPCs can use the same address range in more than one VPC.
If your VPCs are not using overlapping IP addresses, you can enable VPC Network Peering to connect the two VPCs together. You can then use private IP addresses to access resources in each VPC subnet.
Google VPC Network Peering
As I understand it, you could create a shared VPC and have your Compute Engines in your distinct projects have network interfaces to this shared VPC. They would then be able to access each other directly. For full details on shared VPC, see GCP Shared VPC.
Another solution would be to use GCP VPC Peering which allows two distinct but NOT overlapping networks to connect to each other using the GCP VPC Peering capabilities.
There is so much to say about these concepts it doesn't seem to make sense repeating that here. I encourage you to read the docs in the links above and post new specific questions as needed.
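Both answers above make peering conditional on the two networks not overlapping. A pre-check of two address plans, as an added example that is not part of the original answers; the function names, subnet names and CIDR values are constructed for illustration.

```python
import ipaddress

# RFC 1918 blocks, the private ranges the answer above refers to.
RFC1918 = [ipaddress.ip_network(c)
           for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(cidr):
    """True if the whole IPv4 range sits inside one RFC 1918 block."""
    net = ipaddress.ip_network(cidr)
    return net.version == 4 and any(net.subnet_of(b) for b in RFC1918)


def peering_conflicts(vpc_a, vpc_b):
    """Return sorted (subnet_a, subnet_b) name pairs whose ranges overlap.

    vpc_a and vpc_b map subnet name -> CIDR string (hypothetical inventory
    format). An empty list means the address plan does not block peering.
    """
    nets_b = {name: ipaddress.ip_network(cidr) for name, cidr in vpc_b.items()}
    conflicts = []
    for name_a, cidr_a in vpc_a.items():
        net_a = ipaddress.ip_network(cidr_a)  # raises on malformed CIDRs
        for name_b, net_b in nets_b.items():
            # overlaps() also catches partial containment, e.g. a /22
            # carved out of the other side's /20.
            if net_a.overlaps(net_b):
                conflicts.append((name_a, name_b))
    return sorted(conflicts)


# Constructed sample address plans for two projects.
PROJECT_A = {"a-web": "10.128.0.0/20", "a-db": "10.132.0.0/20"}
PROJECT_B_OK = {"b-app": "10.140.0.0/20"}
PROJECT_B_BAD = {"b-app": "10.128.8.0/22", "b-batch": "192.168.10.0/24"}

if __name__ == "__main__":
    for label, plan in (("ok", PROJECT_B_OK), ("bad", PROJECT_B_BAD)):
        print(label, peering_conflicts(PROJECT_A, plan))
```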

Is there a way to use Google NAT service in order to get a single IP to multiple compute engines in different projects?

I'm trying to create a single outbound IP to multiple compute engines in different Google projects.
The reason I want to do this is a third party service that needs a whitelist in order to work, and every addition of an IP to its whitelist causes a restart.
I first tried to think of a Google NAT, but the solution is unclear in the case of multiple projects.
Can you help me solve this issue?
Google NAT will provide you with a single public IP address for instances with only a private IP address in the same subnet of the same project.
This means that you cannot use NAT to provide a single public IP address to represent instances in more than one project.
The only method that I know of is to set up multiple VPNs with your data center and route all traffic for these instances to your data center via the VPN and then out to the public Internet. Your data center router's public interface will be the IP address that is whitelisted.

Having two public IPs on one Amazon (AWS) EC2 server without using AWS VPC?

I have a simple AWS EC2 server (Created before Dec 2013). I want to have two domains hosted on it, each with a different public (elastic) IP.
How do I do that?
From what I read, the 'VPC' word keeps appearing, but I don't need any sophisticated VPC - just a simple server listening to two public IPs.
Thanks.
Have you created your account after December 4th, 2013?
If so, every EC2 instance you have is already on a VPC - the default VPC.
Each private IP can be mapped to a single public elastic IP. So what you need are more private IPs - and you can do that to either an existing instance or a new instance without touching VPC configuration!
Take a look at this tutorial by AWS.
If you are looking to do this to an instance during setup, ctrl+f for: 'To assign a secondary private IP address when launching an instance in EC2-VPC'
If you are looking to do this to an existing instance, ctrl+f for: 'To assign a secondary private IP to an existing instance'
Then, on the same tutorial, ctrl+f for: 'Associating an Elastic IP Address with the Secondary Private IP Address' to see how to add a public IP to your second private IP.
In this tutorial you will see references to EC2-VPC - this means EC2 instances that are on a VPC, and, as I mentioned earlier, if you created your account after December 4th, 2013, it is.
If not, you will need to take a look at how to create a simple VPC and add your instances there.