I created two subnets without any preference of the availability zone(AZ). So, now I have two subnets in one AZ. I know that I can extend the VPC and create new subnets but I simply want to move a subnet into a different zone. Is there any way I can move a subnet to a different AZ on AWS?
This is not possible.
An Availability Zone is nominated when the Subnet is created. It is not possible to change the AZ on a Subnet.
You should either create another subnet, or delete the subnet and recreate it in a different AZ.
Related
We have a custom VPC with public and private subnets, in several Availbility Zone (AZ). Via, AWS CLI, we would like to launch/run ec2 instances in that VPC, private subnets, spread out to different AZ, thus spread out among the private subnet (as a subnet can only be in a single AZ)
From thhis doc, when launching without subnet: the cli will choose the default VPC and a subnet for you. But I cannot see how to specify a VPC rather than using the default one.
Is there a convenient solution that is not manually specifying subnet (and managing ourself the spread out) ?
This is actually a bit similar to this question: Boto3 run_instances: How to specify more than one Subnet?
"Convenient Solution"? No.
Since your goal is to "spread out" instances among the private subnets, you could write a script that:
Retrieves a list of subnets
Retrieves a list of currently-running Amazon EC2 instances
Determines which subnet has the least number of running instances
Launches an instance in that subnet
Alternatively, you could launch the instances in an EC2 Auto Scaling group because Auto Scaling always tries to balance instances across Availability Zones. If you have one subnet per AZ, then Auto Scaling will always keep the instances balanced across AZs.
However, if you use an Auto Scaling group, then each instance would need to be identical (as defined in the EC2 Launch Template) and you would add/remove instances by asking Auto Scaling to change the Desired Capacity rather than directly launching an instance.
See: What is Amazon EC2 Auto Scaling?
OK I'm trying to create an internal Network Load Balancer.
On the console, it says:
Mappings
Select at least two Availability Zones and one subnet per zone.
And at the same time it also says:
Your internal load balancer must have a private subnet.
I have created a new subnet (NLB-subnet, or subnet subnet-084f41a2d64bd25ad, as shown in the picture above) in my VPC, just for the NLB.
When you create a new subnet, you must choose the zone in which your subnet will reside. And you can only choose one in the AWS console. So I did, and I chose ap-northeast-1a.
However, when it asks me to Select at least two Availability Zones and one subnet per zone., I am confused like a 2 year old:
I have selected the AZ ap-northeast-1a for the NLB mapping, and that's where my new subnet resides, no problem.
But then I have to select a second AZ???
The seconds AZ has no subnet just for the NLB, because you can only choose one AZ for the subnet!
What does it want me to do?
Do I have to create a new private subnet in every one of the 3 Availability Zones, just for the NLB?
what? why?
You don't need to place your NLB in two AZs, if you don't want. NLB works fine in a single AZ as well. Only for ALB it is required to have two AZs. From docs:
You enable one or more Availability Zones for your load balancer when you create it. If you enable multiple Availability Zones for your load balancer, this increases the fault tolerance of your applications.
I have two GKE clusters with the same CIDR subnet addresses (the clusters are in different gcloud project). I need to connect the VPC with VPC peering but I get an error because the CIDR subnet and I need to change one. I have a lot of pods, secrets, deployemts...etc. Are any way to change the subnet without creating a new cluster and migrating the pods?
Thanks!
I am afraid you cannot, A subnet CIDR range in one peered VPC network cannot overlap with a static route in another peered network. This rule covers both subnet routes and static routes.
If ec2 instance is spinned up in an subnet,subnet's NACl rules imply to the instances of that subnet,But where in case of rds, "subnet group" is attached to the rds instance. if I have 2 subnet's in subnet's group. In this scenario, which subnet's NACL rules are applied to the rds ?
When you launch an RDS instance each instance will only be launched in a single subnet, the cluster on the overhand will spread instances across the subnets i.e. read replicas and Multi-AZ.
Each instance if you look at its properties will have availability zone, by using this you can limit down to the availability zone of the host. Assuming you only have a single subnet per AZ in your subnet group you can then identify the subnet.
If you have multiple subnets per AZ you would need to DIG (or ping) the RDS instances hostname to get the IP address. Then you would need to filter to determine which range it is in.
For Subnets in the same VPC, is Region independent?
I would like to set up more than two fully independent Availability Zones for Elastic Load Balancer(ELB).
Is it possible?
Yes:
Within a Region you create a VPC
The VPC is a logical concept and spans AZs
You then create subnets within the VPC for each AZ
Each AZ is a physically separate datacentre from another, normally 3 AZs or more per region
When you set up an ELB, you select the subnets that you want to use, select a subnet in each AZ
ELB will add instances across all 3 (or more) subnets/AZs