I have created an AMI image from an existing EC2 instance, where I have configured my .net application. in the applications web.config file where I have used my private/public IP. When I launch new ec2 instance from AMI, new private/public IP is assigned. how can I update the new private/public IP in my web.config files at the start or reboot of my ec2 instance.
You should create a startup script which will change the IP on each instance/AMI boot.
change-ip-on-startup.sh
#!/bin/bash
# Fetch instance IPs from metadata
INSTANCE_PUBLIC_IP=`curl http://169.254.169.254/latest/meta-data/public-ipv4`
INSTANCE_PRIVATE_IP=`curl http://169.254.169.254/latest/meta-data/local-ipv4`
# Use the variables to replace the IP(s)
# sed "s/.../${INSTANCE_PUBLIC_IP}/g" /path/to/web.config
Then use the following reasoning to make the script runned on each instance/AMI :
# Copy the script in the init.d directory and make it executable
cp /home/ec2-user/change-ip-on-startup.sh /etc/init.d/change-ip-on-startup
chmod +x /etc/init.d/change-ip-on-startup
# Load the script on start
ln -s /etc/init.d/change-ip-on-startup /etc/rc3.d/S99change-ip-on-startup
# Emulate a service behaviour
touch /var/lock/subsys/change-ip-on-startup
Related
I'm working on GCP project in which, I have numerous small files on instance-A and I need to transfer them to instance-B. The transfer is working fine over Rsync with external IP. Both not working when I try to use internal Ip.
How can I sync files between my 2 instances with internal IPs?
Help me, please!
Thanks in Advance!
You need to check if you are unable to access via ssh from "instance-A" to instance-B using the internal IP of "instance-B" because of a "Permission denied (publickey)" error.
From instance A, run:
ssh [user]#[internal IP of instance B]
If this is the case, you can generate new keys with ssh-keygen:
ssh-keygen -t rsa -f ~/.ssh/[key file name] -C [user]
And add them to metadata.
Once done, check if you are able to ssh the instance using the internal IP. I was able to login successfully and also synced two directories using the rsync command with the internal IP.
rsync -v -e ssh ~/[source dir]/* [user]#[internal IP of instance B]:~/[destination dir]
I have an m4.4xlarge instance to which I initially assigned an Elastic IP. The security group of this instance allows SSH access and also allows access to the web app on port 8000.
Now I clicked on the EC2 instance, chose: Actions > Networking > Manage IP addresses. And then I assigned a new private IP.
Then I created a new Elastic IP address and mapped it to the newly assigned private IP of the network interface. Now I can see in the EC2 instance description that Elastic IPs is showing both old and new Elastic IP. But the IPv4 Public IP field is still showing the old IP address only.
While I am still able to SSH to the instance using the old Elastic IP, I am not able to do so using the new Elastic IP. Also, I am not able to access the web app on port 8000 using new Elastic IP. How can I accomplish this ?
Here is the script I wrote for making it work with additional network interface and making the change persistent on RHEL/Centos -
#!/bin/bash
# On AWS With multiple network cards with the default route tables the outbound public traffic keeps going out via the default interface
# This can be tested by running tcpdump on default interface and then sending a ping to the 2nd interface
# The second address will try to send return traffic via the 1st interface
# To fix this need to create a rule to direct traffic from second address through the 2nd network interface card
# Also creating a systemd service that will create the rules and routes on boot and also
# adding to the network.service so the script is also called when starting network
# User inputs
INTERFACE1="eth0"
INTERFACE2="eth1"
IP1=10.0.0.70/32
IP2=10.0.5.179/32
ROUTER1=10.0.0.1
ROUTER2=10.0.5.1
# End of user inputs
if [[ $EUID != "0" ]]
then
echo "ERROR. You need root privileges to run this script"
exit 1
fi
# Create the file that will be called by the systemd service
rm -rf /usr/local/src/routes.sh
cat << EOF > /usr/local/src/routes.sh
#!/bin/bash
# Adding the routes for the 2nd network interface to work correctly
ip route flush tab 1 >/dev/null 2>&1
ip route flush tab 2 >/dev/null 2>&1
ip rule del priority 500 >/dev/null 2>&1
ip rule del priority 600 >/dev/null 2>&1
ip route add default via $ROUTER1 dev $INTERFACE1 tab 1
ip route add default via $ROUTER2 dev $INTERFACE2 tab 2
ip rule add from $IP1 tab 1 priority 500
ip rule add from $IP2 tab 2 priority 600
EOF
chmod a+x /usr/local/src/routes.sh
# End of file with new routes and rules
# Create a new systemd service
rm -rf /etc/systemd/system/multiple-nic.service
cat << EOF > /etc/systemd/system/multiple-nic.service
[Unit]
Description=Configure routing for multiple network interface cards
After=network-online.target network.service
[Service]
ExecStart=/usr/local/src/routes.sh
[Install]
WantedBy=network-online.target network.service
EOF
# End of new systemd service
echo "New systemd service - multiple-nic.service created"
systemctl enable multiple-nic.service
systemctl restart network
echo "Network restarted successfully"
You need config second IP addr in your OS, for example CentOS,if the primary network interface is eth0, then you need add eth0:1 as following:
sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0:1
DEVICE=eth0:1
Type=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=none
IPADDR=10.0.0.30
PREFIX=24
Then, reboot your EC2 instance, eg. sudo reboot.
I have a django (1.10) app running in Elastic Beanstalk.
I want to dump some apps data to fixtures and download these fixtures to my local machine (to replicate in my local database).
So far, I've eb ssh'ed into my instance and dumped the data to ~/myapp_current.json.
But I can not find a way to copy the file to my local machine. There is no eb scp command.
When you run eb ssh locally, eb will print out the actual SSH command it's running. For instance:
INFO: Running ssh -i /Users/me/.ssh/aws.pem ec2-user#3.4.5.6
Just copy that ssh command, change ssh to scp, and then add the rest, and run it locally:
scp -i /Users/me/.ssh/aws.pem ec2-user#3.4.5.6:myapp_current.json ./
At your Environment there is the option "Application versions", in there you obtain a list of all the versions of your application that you had been upload. You can select the desired version and download it
When I create a new Elastic Beanstalk environment it asked me if wanted to create a new keypair. I say yes, and it created two file in my .ssh folder locally called app and app.pub. Normally to ssh into an instance I use a app.pem file.
i.e
ssh -i app.pem ubuntu#ip
Why did Elastic Beanstalk not give me pem file and how do I SSH into the instance without one?
It seems that you need to create your key first in the AWS console, this will allow you to download the correct file app.pem which you add to .ssh folder (Mac).
You can then resign the new key by doing eb ssh --setup. WARNING This deletes all instances and recreates!
my chef server is in vpc i want to execute this command without eip
knife ec2 server create -r "role[test1]" -I ami-axxxxx --flavor t1.micro -x ubuntu --ssh-key JP_Key -Z us-east-1c --subnet subnet-c1b6d5a8 -g sg-b1e70bde -p 22 --fqdn mynewclientnode.example.com --tags Name=test_knife
im getting this error
ERROR: Net::SSH::HostKeyMismatch: fingerprint 5f:4b:f6:4d:9b:8a:88:a0:9d:fd:9f:ea:5c:ad:31:ef does not match for "10.220.15.174"
10.220.15.174 is ip of newly launched instance.
when i attach eip chef-client is instanlling.
Is there any way to do it.
This is not a Chef, knife, or AWS error. For security reasons, SSH stores the fingerprints of systems in a local cache the first time you connect. If that fingerprint changes (like if you re-provision a server using the same FQDN), SSH will throw this error. This is primarily to prevent MITM attacks (where you would be logging into a server that isn't what you think).
To fix this error, remove that fingerprint from your ~/.ssh/known_hosts file and run the command again.