Custom DNS Records for EC2 Instances using Auto-Assigned IP

0

My question is, is it possible to get a custom DNS record created, such as app-1.mycompany.com and app-2.mycompany.com that always points to the current public IP address of each server? So that it automatically updates whenever a server's public IP changes.

Usage Case:

  • Two servers called 'app-1' and 'app-2' set up in an ACTIVE and BACKUP configuration.

  • An Elastic IP is given to the 'app-1' server.

  • The 'app-2' receives an Auto Assigned Amazon IP address.

  • The 'app-2' monitors 'app-1'.

  • If 'app-2' detects a failure, it takes the Elastic IP from 'app-1', and now they swap roles.

  • When that happens, 'app-2' loses its Auto-Assigned IP address since it's now taken the Elastic IP, and 'app-1' receives a new Auto-Assigned IP Address since it lost the Elastic IP.

My question is to avoid having to use multiple Elastic IPs, and also so I don't need to look up the Auto-Assigned public IP of the backup server when I need to connect to make changes.

UPDATE: I've managed to find a lambda function that uses EventBridge to create/update a DNS record when an instance starts running, but I can't see a way to trigger an event when an instance has an IP changed.

asked 7 months ago, 279 views
3 Answers
0

It might be good to take the approach of turning the automated IP into a static IP by using an Elastic IP. An automated IP address and DNS architecture would be able to achieve the aim you described. But I think using an Elastic IP for each EC2, using the Elastic IP's DNS record as the static destination and, if needed, re-assigning the Elastic IP to an EC2 is sometimes the simpler solution.

AWS
S-S
answered 7 months ago
  • From a technical point of view, our current solution works, without requiring additional Elastic IPs. I was just trying to avoid using multiple Elastic IPs. The only issue is that we can't point DNS to the Automated IPs. Those Automated IPs are only used by IT Support staff if they need to access a server. It seems wasteful to use Elastic IPs for this if there is a technical way to update DNS records automatically whenever an Automated IP changes. Note that although the advice is that Automated IPs only change when an instance is stopped and started, it also appears to change if you assign and then unassign an Elastic IP to a running instance. So triggering an event "on-start" won't work since the Automated IP can also change while running.

  • Then, how about setting your Lambda to be triggered per minute by using EventBridge, like an AWS Config rule check (or using an AWS Config custom rule)? If the user's work is not critical, maybe a 5-minute interval is enough. This won't cost that much.

0

A public IP only changes when an EC2 stops and starts. I would only trigger the lambda on the EC2 start.

Not sure what you're trying to achieve, but you have other options such as Route 53 health checks and load balancers which may help you achieve what you're trying to.

EXPERT
answered 7 months ago
  • That doesn't seem quite true in our use case. In my setup, when an Elastic IP is added to a running instance, it loses the public IP. Then if the Elastic IP is reassigned to a different running instance, it regains a public IP, but it's not the same as the original. Load balancers don't appear compatible because we are handling SIP 5060 traffic, and only one instance can be handling traffic at any one time, i.e. one instance being the Active instance, and the other instance being in Backup mode, monitoring its partner for any loss of service.

    What I'm trying to achieve is for support staff to be able to access either server by using a DNS record such as app-1.example.com or app-2.example.com. Currently, support staff need to log into the AWS console to discover the public IP address that is currently assigned to the instance.

    End users access services via app.example.com which points to the Elastic IP that is given to the Active instance.

    Side note... although I said that only one instance can handle traffic at any time, we have multiple pairs, as described above, with end-users distributed across those pairs. The reason that only one instance can handle traffic at any time is that each "end-user" has multiple users. In order for those users to be able to communicate with each other, they need to be connected to the same instance.

0

I am assuming you are accessing the EC2 instances by their private IP addresses: Assigning an EIP to an EC2 instance doesn't actually modify the EC2 instance's IP address configuration. When you add or remove a public IP address from an EC2 instance, it updates a private-to-public IP mapping in the Internet Gateway. So when you move the EIP, it simply updates the mapping table in the Internet Gateway. The private IP address and the private DNS name remain unchanged. So you can access them by their private IPs remotely if you are 'on network' with them.

I am assuming you are accessing the EC2 instances by their public IP addresses: In this case, I would just run a DNS updater client on one or both servers like this one. It runs at 5-minute intervals but can be decreased.

AWS
answered 7 months ago
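The two polling approaches suggested in this thread (a Lambda run on an EventBridge schedule, as in the comment on the first answer, and a DNS updater running on the servers themselves, as in the third answer) share the same core: discover the current public IP, compare it with the existing A record, and UPSERT in Route 53 only when it differs. The following is an added example written for this page, not code from the thread or from any linked updater; the hosted zone ID, the `example.com` suffix and the `Name` tag values `app-1`/`app-2` are assumptions, and the sample describe_instances and record-set data are constructed. An instance that currently has no public IP (which is exactly the state app-2 is in mid-swap of the Elastic IP) is skipped so its last known record is left in place rather than deleted.

```python
"""Poll EC2 public IPs and keep Route 53 A records in sync (added example).

Runs either as a Lambda on an EventBridge schedule (handler) or as a cron job
on the instance itself (own_public_ip_via_imds + plan_changes).
"""
import os
import urllib.error
import urllib.request

HOSTED_ZONE_ID = os.environ.get("HOSTED_ZONE_ID", "Z_PLACEHOLDER_ZONE_ID")  # assumption
DNS_SUFFIX = os.environ.get("DNS_SUFFIX", "example.com")                   # assumption
TAG_KEY = "Name"   # instances are tagged Name=app-1, Name=app-2 (assumption)
TTL = 60           # short TTL so a swap is visible to support staff quickly
IMDS = "http://169.254.169.254/latest"

# Constructed sample data shaped like the EC2 and Route 53 API responses.
SAMPLE_RESERVATIONS = [{"Instances": [
    {"State": {"Name": "running"}, "PublicIpAddress": "203.0.113.10",
     "Tags": [{"Key": "Name", "Value": "app-1"}]},
    # app-2 has just handed its Elastic IP over and has no public IP yet
    {"State": {"Name": "running"}, "Tags": [{"Key": "Name", "Value": "app-2"}]},
    {"State": {"Name": "stopped"}, "PublicIpAddress": "203.0.113.99",
     "Tags": [{"Key": "Name", "Value": "app-3"}]},
]}]
SAMPLE_RECORD_SETS = [
    {"Name": "app-1.example.com.", "Type": "A", "TTL": 60,
     "ResourceRecords": [{"Value": "203.0.113.5"}]},
    {"Name": "app-2.example.com.", "Type": "A", "TTL": 60,
     "ResourceRecords": [{"Value": "203.0.113.20"}]},
    {"Name": "example.com.", "Type": "NS", "TTL": 172800,
     "ResourceRecords": [{"Value": "ns-1.example."}]},
]


def current_public_ips(reservations):
    """Map Name tag -> public IP for running instances that currently have one."""
    ips = {}
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            if inst.get("State", {}).get("Name") != "running":
                continue
            name = next((t["Value"] for t in inst.get("Tags", []) if t["Key"] == TAG_KEY), None)
            ip = inst.get("PublicIpAddress")
            if name and ip:  # no public IP yet: keep the last known record untouched
                ips[name] = ip
    return ips


def existing_a_records(record_sets):
    """Map FQDN (no trailing dot) -> current A record value; other types are ignored."""
    return {r["Name"].rstrip("."): r["ResourceRecords"][0]["Value"]
            for r in record_sets if r.get("Type") == "A" and r.get("ResourceRecords")}


def plan_changes(current_ips, existing_records):
    """Build a Route 53 change list containing only the records whose value differs."""
    changes = []
    for name, ip in sorted(current_ips.items()):
        fqdn = f"{name}.{DNS_SUFFIX}"
        if existing_records.get(fqdn) == ip:
            continue  # already correct: no API write, no Route 53 change charge
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": fqdn + ".", "Type": "A", "TTL": TTL,
            "ResourceRecords": [{"Value": ip}]}})
    return changes


def own_public_ip_via_imds():
    """On-host variant: ask IMDSv2 for this instance's public IPv4 (None if it has none)."""
    tok_req = urllib.request.Request(f"{IMDS}/api/token", method="PUT",
                                     headers={"X-aws-ec2-metadata-token-ttl-seconds": "60"})
    token = urllib.request.urlopen(tok_req, timeout=2).read().decode()
    req = urllib.request.Request(f"{IMDS}/meta-data/public-ipv4",
                                 headers={"X-aws-ec2-metadata-token": token})
    try:
        return urllib.request.urlopen(req, timeout=2).read().decode()
    except urllib.error.HTTPError as exc:
        if exc.code == 404:  # IMDS returns 404 while the instance has no public IP
            return None
        raise


def handler(event=None, context=None):
    """Lambda entry point: one poll cycle. boto3 is imported lazily so the pure
    functions above can be exercised offline."""
    import boto3
    ec2, r53 = boto3.client("ec2"), boto3.client("route53")
    reservations = [res for page in ec2.get_paginator("describe_instances").paginate(
        Filters=[{"Name": "tag-key", "Values": [TAG_KEY]}]) for res in page["Reservations"]]
    rrsets = [r for page in r53.get_paginator("list_resource_record_sets").paginate(
        HostedZoneId=HOSTED_ZONE_ID) for r in page["ResourceRecordSets"]]
    changes = plan_changes(current_public_ips(reservations), existing_a_records(rrsets))
    if changes:
        r53.change_resource_record_sets(HostedZoneId=HOSTED_ZONE_ID, ChangeBatch={"Changes": changes})
    return {"updated": [c["ResourceRecordSet"]["Name"] for c in changes]}


def demo():
    """Offline dry run over the constructed sample data: only app-1 needs an UPSERT."""
    return plan_changes(current_public_ips(SAMPLE_RESERVATIONS), existing_a_records(SAMPLE_RECORD_SETS))


if __name__ == "__main__":
    print(demo())
```

For the Lambda variant the execution role only needs `ec2:DescribeInstances` plus `route53:ListResourceRecordSets` and `route53:ChangeResourceRecordSets` on the one hosted zone; for the on-host variant every instance gets write access to that zone through its instance profile, so scope the policy to the zone and, where possible, to the record names the host owns, since a compromised instance could otherwise repoint other records. Comparing before writing keeps the 1-minute schedule from generating a Route 53 change on every run.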
