looking for IP address in amazon aws - amazon-web-services

I just took over a project whose technically responsible person quit.
My client asked me to fix a problem on their service, but they only know the domain, not the server IP or how to access it.
Since they use AWS, I looked for the IP address that I got by running dig on the domain, but I can't find it in EC2, load balancers or Elastic IPs.
According to an IP lookup, this IP address is served by Amazon AWS.
How can I find this server from the IP address?
I have access to my customer's AWS account.
I have access to the DNS of the customer's service domain.

It seems that your situation is:
You have a domain name that points to an IP address
You wish to find the EC2 instance(s) that the IP address points to
An IP address could be associated with:
An EC2 instance IP address
An Elastic IP address, which is then associated with an EC2 instance
Not a load balancer (it uses a DNS Name, not an IP address -- except for the new Network Load Balancer, but it is unlikely they are using this)
A database instance (e.g. RDS, Redshift, ElastiCache), but this is unlikely as you are saying that the IP address is responding with web traffic
Therefore, the best thing to do would be to use the AWS Command-Line Interface (CLI) to list all IP addresses on EC2 instances and Elastic IPs:
aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId,PublicIpAddress]' --output text
aws ec2 describe-addresses --query 'Addresses[*].[PublicIp,NetworkInterfaceId,PrivateIpAddress]' --output text
Run the above commands in every Region and you should find where that particular IP address is pointing.

First of all, go to the billing section of the AWS account and verify that there are EC2 instances running under the AWS account provided to you.
Username in menu bar (top right corner) -> My Billing Dashboard -> Bills -> Details -> Elastic Compute Cloud -> Region of your EC2 instances
If you find instances in a particular region, switch to it and you should then be able to find the EC2 instance and SSH/RDP to it using the Key.pem file given to you (or you will need to request it from your customer).

Related

How to see public ip address of elastic beanstalk instance for whitelisting mongodb atlas

I am trying to connect to a database hosted on mongo atlas from a service running on elastic beanstalk. I am getting the error:
UnhandledPromiseRejectionWarning: MongoNetworkError: failed to connect to server [youmaylike-shard-00-01-necsu.mongodb.net:27017] on first connect [MongoNetworkError: connection 5 to youmaylike-shard-00-01-necsu.mongodb.net:27017 closed]
I believe this is happening because I don't have the IP address of my service whitelisted on Atlas. I am unsure of how to get the IP address for my service. I tried running eb ssh but I'm not sure what it gave me is the correct value.
There are multiple ways to get it; two are below:
Before using the AWS console or the AWS CLI, run eb health and get the instance ID or IDs for your deployment
Using the AWS Console, go to EC2 and then Instances, find the instance ID or IDs and click it; on the pane below, the IP will be located at "IPv4 Public IP"
Using the AWS CLI aws ec2 describe-instances --instance-ids <YOUR INSTANCE ID or IDS HERE>
The public IP depends upon the configuration of your Elastic Beanstalk instances.
Internet Access:
Instances must have access to the Internet through one of the following methods.
Public Subnet
Instances have a public IP address and use an Internet Gateway to access the Internet.
Private Subnet
Instances use a NAT device to access the Internet.
So, if it's behind a gateway, you can check here for whitelisting, or this might help too:
aws ec2 describe-instances --instance-ids i-0c9c9b44b --query 'Reservations[*].Instances[*].PublicIpAddress' --output text
or
curl http://checkip.amazonaws.com
If it's behind NAT then you need to whitelist the NAT Gateway IP.
Go to VPC -> Select NAT Gateways -> Copy the Elastic IP or public IP address of the NAT Gateway and whitelist this IP on the Atlas side.
From MongoDB Atlas support:
If you have dynamic IP addresses, you have the following options:
You can use the Atlas Public API to dynamically add and remove IPs from your whitelist. For MongoDB Atlas documentation on configuring Atlas API Access, please click here.
You can use VPC Peering (M10+ instances only) to link your Atlas cluster to your existing VPC. For documentation Setting up a VPC peering connection in MongoDB Atlas, please click here.
Or you can set your whitelist to 0.0.0.0/0 to allow the entire Internet into your IP whitelist. For MongoDB Atlas documentation on adding entries to your IP Whitelist, please click here. Please note that adding 0.0.0.0/0 to the cluster’s whitelist can expose the cluster to denial of service attacks. Also, please be aware that Heroku uses dynamic IPs, so you will have to add 0.0.0.0/0 to the whitelist when using Heroku to connect to your Atlas Cluster.
See the question asked in their FAQ.

Connect to AWS EC2 after restarting

I want to stop and restart my AWS EC2 instance daily. I can stop it through the API command line interface, but to reconnect I need to get the new DNS information so that I can connect through Remote Desktop. Is there a way to reconnect that doesn't involve going through the EC2 Management Console?
Option 1
Assign an Elastic IP address to the instance, and always connect via that IP.
You can also then set up a DNS record with a friendly name (e.g. myinstance.mydomain.com) pointing to that Elastic IP address.
Note that while your instance is stopped, having a reserved elastic IP address assigned to it will cost a small hourly charge - see https://aws.amazon.com/ec2/pricing/on-demand/#Elastic_IP_Addresses for more information.
Option 2
If you're using Route 53 for DNS management (or some other DNS hosting service which has an API you can use), you could write a script that runs at instance startup which detects its current IP address, and uses the Route 53 API to update a DNS record with the instance's new IP address. You'd need to take into account the DNS propagation time if doing this, so I'd definitely recommend the Elastic IP method over this if possible.
Option 3
Use the AWS CLI with the following commands to get the public IP address of your instance. Be sure to change the instance-id parameter to match your own instance.
aws ec2 describe-instances --instance-ids i-0a3bd317964ca45543 --query 'Reservations[0].Instances[0].PublicIpAddress'
For example, combining that with an SSH command might look like this:
ssh ec2-user@`aws ec2 describe-instances --instance-ids i-0a3bd317964ca45543 --query 'Reservations[0].Instances[0].PublicIpAddress' --output text` -i ~/my-key.pem
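
Option 2 above as an added example, not code from the original answer: a boot-time script that reads the instance's public IPv4 from the instance metadata service (IMDSv2) and upserts a Route 53 A record. The function names, the hosted zone ID ZEXAMPLE123 and the 60-second TTL are assumptions for illustration.

```sh
#!/bin/sh
# Added example: at boot, read this instance's public IPv4 from the instance
# metadata service (IMDSv2) and UPSERT an A record in Route 53.
# Zone id and record name used below are placeholders.

IMDS=http://169.254.169.254/latest

# Print the instance's current public IPv4 address, or fail.
current_public_ip() {
    token=$(curl -sf -X PUT "$IMDS/api/token" \
        -H 'X-aws-ec2-metadata-token-ttl-seconds: 60') || return 1
    curl -sf -H "X-aws-ec2-metadata-token: $token" \
        "$IMDS/meta-data/public-ipv4"
}

# Build the Route 53 change batch for one A record.
change_batch() {   # args: record-name ipv4 ttl
    printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"A","TTL":%s,"ResourceRecords":[{"Value":"%s"}]}}]}' \
        "$1" "$3" "$2"
}

# Update the record; refuse to write anything that is not a dotted quad.
update_dns() {     # args: hosted-zone-id record-name [ttl]
    ip=$(current_public_ip) || { echo 'no public IPv4 from IMDS' >&2; return 1; }
    printf '%s' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 2
    aws route53 change-resource-record-sets --hosted-zone-id "$1" \
        --change-batch "$(change_batch "$2" "$ip" "${3:-60}")"
}

# Example call from a boot script (placeholder values):
#   update_dns ZEXAMPLE123 myinstance.mydomain.com 60
```

The instance role only needs route53:ChangeResourceRecordSets on that one hosted zone, so scope the policy to the zone rather than granting Route 53 access account-wide.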

how to get public IP addresses for a specific account using APIs in Amazon Web Services (AWS)

I want to retrieve all the public IP addresses that have been allocated to an Amazon Web Services account.
There are two types of public IP addresses:
Elastic IP addresses (static)
Auto-assigned IP addresses (which might change if an instance is Stopped & Started)
Also, many different services are assigned IP addresses:
Amazon EC2 instances
Amazon RDS instances
Amazon Elasticache instances
Amazon Redshift instances
Amazon EMR master node
Elastic Load Balancer (the IP addresses change and should never be cached/stored)
etc
You would need to perform describe commands against each individual service to retrieve IP address information. There is no command that can retrieve this information across all services.
You might be able to use an AWS Config configuration snapshot -- it might have the information you seek for most services.
Example: Fetching Elastic IP Addresses
The easiest way to obtain a listing of Elastic IP Addresses (which are static addresses assigned to EC2 instances) is to use the AWS Command-Line Interface (CLI), which has a describe-addresses command:
aws ec2 describe-addresses --region ap-southeast-2
To obtain a list of Instance IDs and IP addresses:
$ aws ec2 describe-addresses --region ap-southeast-2 --query 'Addresses[*].[InstanceId,PublicIp]' --output text
i-0c9c9394b3583afdc 54.222.207.37
i-0ef605853622f705e 54.79.149.39
The command would need to be issued for each region separately. (You could create a script that loops through them all.)
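
The per-region loop that the answers on this page leave to the reader ("Run the above commands in every Region", "You could create a script that loops through them all"), as an added example that is not part of the original answers. It goes beyond the describe-instances and describe-addresses calls by filtering network interfaces on their public address, which also covers NAT gateways and other ENI-backed services; the function name and exit codes are this example's own.

```sh
#!/bin/sh
# Added example: find which network interface in the account holds a given
# public IPv4 address, checking every region enabled for the account.
# Exit status: 0 = found, 1 = not found, 2 = bad input, 3 = cannot list regions.

find_public_ip() {   # arg: public IPv4 address
    ip=$1
    # Only pass a dotted quad on to the CLI filter.
    printf '%s' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || {
        echo "not an IPv4 address: $ip" >&2
        return 2
    }
    regions=$(aws ec2 describe-regions \
        --query 'Regions[].RegionName' --output text) || return 3
    found=1
    for region in $regions; do
        # association.public-ip matches the public IPv4 bound to an ENI,
        # whether it is an Elastic IP or an auto-assigned address.
        out=$(aws ec2 describe-network-interfaces --region "$region" \
            --filters "Name=association.public-ip,Values=$ip" \
            --query 'NetworkInterfaces[].[NetworkInterfaceId,Attachment.InstanceId,PrivateIpAddress,Description]' \
            --output text) || continue   # skip regions we cannot query
        if [ -n "$out" ]; then
            # Prefix each match with the region it was found in.
            printf '%s\n' "$out" | awk -v r="$region" '{ print r "\t" $0 }'
            found=0
        fi
    done
    return "$found"
}

# Run as: sh find-ip.sh 203.0.113.10   (documentation address, constructed)
if [ "$#" -gt 0 ]; then
    find_public_ip "$1"
fi
```

A "not found" result across all regions means the address is not held by this account, which is worth confirming before touching the DNS record that points at it.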

Possible to associate Elastic IP to an instance without immediately losing public ip?

I have a Windows EC2 instance running a production website and DNS is configured to have my domain name point to its public IP. There is currently no Elastic IP (EIP) associated with the instance. I would like to start using an Elastic IP and have my domain name point to it instead of the public IP (which can change if I ever have to change the instance).
Reading the documentation I find this statement troubling:
When you associate an EIP with an instance, the instance's current
public IP address is released to the EC2-Classic public IP address
pool.
My fear is this:
I assign an EIP to the instance and the public IP is released.
Now my website no longer works, because the domain name points to the public IP, which is no longer associated with my EC2 instance.
I must then point DNS records to the EIP. But this could take up to 48 hours for propagation to take place (i.e. my site may be unreachable for up to 48 hours).
How can I do this without having to live through DNS propagation?
If your EC2 instance is in a VPC, you can add a second network interface onto your EC2 instance. You can associate your Elastic IP address with that second network interface. This way, your EC2 instance could respond to both IP addresses.
Instructions
Create a new Network Interface in the same subnet as your EC2 instance.
Allocate a new Elastic IP for your VPC (if you haven't done so already).
Associate the Elastic IP address with your new Network Interface (eni).
Attach your new Network Interface to your EC2 instance.
Do not change your DNS yet.
You may need to RDP/SSH into your EC2 instance to make some configuration changes to ensure your EC2 instance responds correctly to the new IP address.
Modify the hosts file on your local computer to test connecting to your website via the new IP address.
When that works, do the DNS switch and restore your hosts file.
48 to 72 hours before your pre-determined switch-over time, reduce the time-to-live (TTL) on your DNS entry to 300 seconds (5 minutes).
At your designated switch-over time:
Attach the Elastic IP address
Update your DNS entry to point to your Elastic IP address
Doing this, your effective "downtime" is reduced to 5 minutes.
You can have two identical EC2 instances: one with the old public IP that the DNS record is pointing to, and one with the EIP assigned. Requests should be able to reach either of the two instances without noticing it. Your application must be able to scale horizontally. Then you change the DNS record to point to the EIP. Eventually, when DNS is updated, all requests to your domain will end up going to the EC2 instance with the EIP. At that moment you can stop or terminate the old EC2 instance.
Another possibility, if your application cannot scale horizontally and it is a web application: the web server in the old EC2 instance can redirect requests to the EIP. It would redirect to an IP address, but it's a possibility.
If you don't use EC2-Classic instances, you can freely move the Elastic IP to any other EC2 instance without losing the EIP.
aws ec2 associate-address --region us-east-1 --allocation-id eipalloc-xxxxxxxxxxx --allow-reassociation --network-interface-id eni-xxxxxxxxxx
where eipalloc-xxxxxxxxxxx is the id of the Elastic IP and eni-xxxxx is the id of the target EC2 instance.
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-recover-ip-address/
Elastic IP addresses
It's a best practice to use an Elastic IP address. Elastic IP addresses are allocated to your account, instead of to the instance. You can associate your Elastic IP addresses to and from instances as needed.
If you release the Elastic IP address that was allocated to your account, you might be able to recover it. For more information, see Recovering an Elastic IP address.
All instances except EC2-Classic instances retain their associated Elastic IP addresses when stopped. AWS continues to bill for Elastic IP addresses associated with a stopped instance.
Note: Elastic IP addresses associated with EC2-Classic instances aren't recoverable.

Subdomain pointing to EC2 instance while domain is on S3

I have a root domain like example.com. It's now hosted on Amazon S3. For that I followed this tutorial:
http://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html
What would I have to do to have a subdomain like client.example.com point to an EC2 instance?
client.example.com => ec2-XXX.us-west-2.compute.amazonaws.com
Is there like a tutorial out there explaining the steps?
Two simple steps:
You would just need to add a new 'A' record to assign the EC2 IP address to that subdomain in your Amazon Route 53 DNS (or whatever DNS provider you are using) - very simple to do. Step one will have requests for that subdomain routed to the EC2 instance.
Step 2 is to tell the web server you are running, when it receives a request for that subdomain, what website it should serve up to the user - you do this by 'binding' the name to the directory/location that has the website on your EC2 instance.
You may also want to read over the following from AWS
http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-ec2-instance.html
It would also be better practice to assign your EC2 instance an Elastic IP address then forward requests to that IP.
We recommend that you also create an Elastic IP address and associate
it with your Amazon EC2 instance. An Elastic IP address ensures that
the IP address of your Amazon EC2 instance will never change.