My website is running behind an AWS Classic Load Balancer. It has some scaling policies and it launches some new EC2 instances when it has to.
Is it possible to have the range of public IP addresses that will be used for the EC2 instances when they will be launched by the load balancer ?
Is it possible to have the range of public IP addresses that will be used for the EC2 instances when they will be launched by the load balancer
Not to my knowledge. Public IP addresses are assigned automatically by AWS from a pool of addresses and I do not believe it is possible to know in advance what address will be assigned to your EC2.
See here for more details
Why do you need the ip address of the new instances, out of interest? Are you trying to dynamically provision access to resources on them as part of your ec2 startup process?
This is technically possible if you use Elastic IPs. While you can't create a pool for your scaling policies to pull from, you can create several EIPs and configure Lambda scripts that trigger during scaling events, and assign available EIPs to the new instances using the associateAddress API.
Alternatively, this seems like a similar problem, and maybe a useful solution for you.
Related
We have a 3rd party integration which needs the EC2 instance IP to be whitelisted. The 3rd party whitelists the IP on their server and then only the EC2 instance can communicate with them.
In the case of single instance this works.
However when auto scaling kicks in, we would end up in more than 1 instance. These new instances automatically get new IPs for every autoscale action.
Is it possible for us to ask AWS to assign IPs from a say a set of 4 predefined Elastic IPs? ( Assumption is that autoscaling is restricted to say 4 and we have 4 floating EIPs )
I'm trying to avoid gateway NAT since there is a big cost associated with it.
Any ideas?
With autoscaling this is not directly possible to assign an Elastic IP to autoscaled instances. However there are couple of options you can consider.
After instance autoscales, having a boot up script(e.g UserData in Linux) with AWS EC2 CLI commands to associate an Elastic IP address you have allocated to your account writing a command line script. Note that you need to handle the health checks accordingly for the transition to happen smoothly.
Having a CloudWatch alarm trigger to execute an Lambda function which will associate an Elastic IP address to the instance newly started. For this you can use AWS SDK and code to check the instance without EIP and Associate an available EIP to it.
Auto Scaling will not automatically assign an Elastic IP address to an instance.
You could write some code to do this and include it as part of the User Data that is executed when an instance starts. It would:
Retrieve a list of Elastic IP addresses
Find one that is not currently associated with an EC2 instance
Associate it with itself (that is, with the EC2 instance that is running the User Data script)
Use a NAT instance. There's only a small cost associated with a t2.nano and you should find that more than adequate for the purpose.
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_NAT_Instance.html
While not as reliable as a NAT Gateway (you're paying for hands-off reliability and virtually infinite scalability), it's unlikely you'll have trouble with a NAT instance unless the underlying hardware fails, and you can help mitigate this by configuring Instance Recovery:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-recover.html
I am trying to setup couchbase cluster on AWS. I want my nodes to be distributed across multiple availability zones.
Ec2 instances with in an availability zone are able to access each other using the ip (Private DNS) which is assigned to them during creation and which does not change even if we restart the machine.
I am not able to access an Ec2 instance from other AZ using this (Private DNS). One way this can be done is by using Elastic Ip which has a limit per region.
Question here is How to access one Ec2 instance from other EC2 instance in another AZ without elastic ip?
You do not want to use Elastic IP for this. Your statement that Elastic IP is a solution to your issue is not correct. You want to use the Private IP assigned to the instance when you created it.
The private IP will not change as long as the instances are deployed inside a VPC.
You have to use the private IP in order to keep all network traffic inside the VPC. Then you just need to make sure your Security Groups are configured correctly to allow traffic between the instances.
Amazon Web Services Operates Split-horizon DNS (AKA Split-Brain DNS). The best practice when deploying couchbase onto EC2 is to use hostnames not IP addresses, see http://developer.couchbase.com/documentation/server/current/install/cloud-deployment.html . Amazon will automatically give a different IP when resolving the hostname depending if the source of the request is internal or external.
I am rather lost how to implement AWS auto scaling in my usage scenarion?
I have an EC2 instance with elastic IP, in VPC as my webserver . This elastic IP is mapped to my website address in R53. Now if I create auto scaling group with the same AMI, which I used to create my first ec2 instance, with say two instances, then two new instances are created with new IP addresses. How these new instances can share the traffic?
If I delete the original instance, and use IP address of one of these instances in R53, how can I ensure that this perticular instance whose IP address I am using in R53, will survive after scale down?
Look into creating an Elastic Load Balancer (ELB):
http://aws.amazon.com/elasticloadbalancing/
The DNS record for your site will point to the ELB, and the ELB will spread the traffic between all the instances. When an instance is created or destroyed in an ASG, it will automatically register or de-register from the ELB.
You don't need their ELB to use autoscale, but you do need some sort of load balancer to perform that distribution. It can be an instance that you create in the VPC on an EC2 instance(s). It seems to be a little tough to identify the "must haves" and prescriptive architecture elements (or reference architectures) vs the wide range of alternative solutions.
So, I don't understand what is going on here... I have (3) Micro EC2 Instances which are launched (without elastic ip)
I then go to Network Security->Elastic IPs and click associate IP address. I chose a running EC2 instance, that instance then uses the elastic ip.
If I stop, then start this SAME ec2 instance, it doesnt have the same previous elastic IP address and is instead some completely new IP address. This is messing up scripts that then depend on the previously associated elastic ip to that EC2 instance.
Why is this happening and why cant i get any of the (3) instances to adopt and keep this assigned elastic ip?
If you create a VPC and then re-provision the 3 micro instances under the VPC, EIPs you associate will remain associated during stop/start cycles. You won't be able to reuse your existing EC2 instances or EIPs; you'll have to recreate them under the new VPC.
Elastic IPs become disassociated with EC2 instances (in EC2-Classic) when you stop them. You will need to re-associate them again on startup, which can be done through the API (via AssociateAddress), CLI (via ec2-associate-address), or via the AWS Console.
Here's what the Elastic IP documentation has to say on the matter:
When you associate an EIP with an instance, the instance's current
public IP address is released to the EC2-Classic public IP address
pool. If you disassociate an EIP from the instance, the instance is
automatically assigned a new public IP address within a few minutes.
In addition, stopping the instance also disassociates the EIP from it.
We solve this at work by tagging our dev instances (which are turned off overnight) with the desired elastic IP and run a script in the morning to first turn them on, and then re-associate the elastic IP.
If you are willing to pay for NAT gateway (per hour charge + per GB traffic processed) , you can create a NAT gateway to make Elastic IP attach to your VPC private Subnet(you need to create route for subnet , point to nat-gateway, and modify your default route point to igw-id).
Any EC2 instance restart will have effect on the Elastic IP afterwards.
I am working on using a elastic load balancer along with AWS Auto scaling. I do have a setup in which instances will be scaled up/down automatically based on NetworkIn and it is working fine. I have a couple of questions regarding ELB.
How a fresh auto-scaling launched instance is registered with the ELB automatically? I know we will give the load balancer name while creating the auto-scaling group; I need to know the real 'how'.
Can we have multiple private IPs of instances run different applications and all of them visible to ELB?
Explanation for the 2). Lets say I configure the instances so that they will have multiple private IPs at the time of launch. Could they be exposed to ELB rather than the Public IP of the machine? Can ELB read the private IPs of the instances that are launched under it?
How a fresh auto-scaling launched instance is registered with the ELB automatically? I know we will give the load balancer name while creating the auto-scaling group; I need to know the real 'how'.
My guess is it makes an API call RegisterInstancesWithLoadBalancer. You can do that too in your own code. It does not have to be through Auto Scaling
Can we have multiple private IPs of instances run different applications and all of them visible to ELB?
Well, ELB does not care about the ip address at all. It goes by the Instance Id. Unless it is on a VPC and uses ENI. However, ELB routes traffic only to ip address attached to eth0
Update:
Note:
When you register a multi-homed instance (an instance that has an elastic network interface (ENI) attached) with your load balancer, the load balancer will route traffic to the primary IP address of the instance (eth0).
Source: ELB Developer Guide