Cloudformation模板中如何将EIP分配给VPC的Autoscaling Group
[英]How to assign EIP to Autoscaling Group of VPC in Cloudformation template
问题描述
I want to assign one of my reserved Elastic IP's(ec2 classic ip) to Autoscaling group in VPC.
我想将我保留的弹性 IP(ec2 经典 IP)之一分配给 VPC 中的自动缩放组。 Using AWS Cli I moved ip to vpc:我使用 AWS Cli 将 ip 移动到 vpc:
$ aws ec2 move-address-to-vpc --public-ip 23.23.23.23
And saw in aws concole, that this IP passed to VPC.并在 aws concole 中看到,该 IP 已传递给 VPC。 And Assigned in tags of AutoscalingGroup in Cloudformation template in Resources:并在 Resources 的 Cloudformation 模板中的 AutoscalingGroup 标签中分配:
"Process": {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"LaunchConfigurationName": {"Ref": "PreprocessorLC"},
"LoadBalancerNames": [{"Ref": "ProcessELB"}],
"VPCZoneIdentifier" : [{ "Fn::Join" : [",", [ { "Ref" : "PublicSubnet1"}, { "Ref" : "PublicSubnet2"} ]]}],
"AvailabilityZones": {"Ref": "AZs"},
"MinSize" : "1",
"MaxSize" : "1",
"HealthCheckGracePeriod": 300,
"Tags" : [
{"Key": "Name", "Value": {"Fn::Join": ["", [{"Ref": "Env"}, "-Process"]]}, "PropagateAtLaunch": true},
{"Key": "WorkersScalingGroup", "Value": {"Fn::Join": ["", ["Offering-", {"Ref": "Env"}, "-Process-Worker"]]}, "PropagateAtLaunch": true},
{"Key": "EIP", "Value": {"Ref": "ProcessIP"}, "PropagateAtLaunch": true},
{"Key": "Environment", "Value": {"Ref": "Env"}, "PropagateAtLaunch": true}
]
}
}
And added value of "ProcessIP" in Parameters:并在参数中添加“ProcessIP”的值:
"ProcessIP":{
"Description": "DEV: 23.23.23.23",
"Type": "String",
"Default": "23.23.23.23",
"AllowedValues": ["23.23.23.23"]
}
And it doesn't worked.它没有用。 Still get random IP.仍然获得随机IP。 If someone can tell where I'm wrong or what should to add for make it work?如果有人能说出我哪里错了或者应该添加什么才能让它发挥作用?
Thanks!谢谢!
4 个解决方案
解决方案1
16 2018-11-13 16:57:55
In my case, I needed to keep a bank of unassigned EIPs and randomly assign them to the EC2 when they boot.就我而言,我需要保留一组未分配的 EIP,并在它们启动时将它们随机分配给 EC2。 That way I always know my servers will be using a specific list of IPs that I can whitelist in other places.这样我就始终知道我的服务器将使用我可以在其他地方列入白名单的特定 IP 列表。
If you create several EIPs named "prod-pool" you can then use this script.如果你创建了多个名为“prod-pool”的 EIP,你就可以使用这个脚本。
apt install -y jq awscli
ALLOCATION_ID=`aws ec2 describe-addresses --filters="Name=tag:Name,Values=prod-pool" | jq -r '.Addresses[] | "\(.InstanceId) \(.AllocationId)"' | grep null | awk '{print $2}' | xargs shuf -n1 -e`
if [ ! -z $ALLOCATION_ID ]; then
aws ec2 associate-address --instance-id $INSTANCE_ID --allocation-id $ALLOCATION_ID --allow-reassociation
fi
You can attached this policy to your IAM user您可以将此策略附加到您的 IAM 用户
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowEIPAttachment",
"Effect": "Allow",
"Resource": [
"*"
],
"Action": [
"ec2:AssociateAddress",
"ec2:DisassociateAddress"
]
}
]
}
解决方案2
10 已采纳 2016-02-03 08:09:39
Here is simple bash script:这是简单的 bash 脚本:
#!/bin/sh
# Region in Which instance is running
EC2_REGION='us-east-1'
AWS_ACCESS_KEY='xxxxxxxxxxxx'
AWS_SECRET_ACCESS_KEY='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
#Instance ID captured through Instance meta data
InstanceID=`/usr/bin/curl -s http://169.254.169.254/latest/meta-data/instance-id`
#Elastic IP captured through the EIP instance tag
Elastic_IP=`/opt/aws/apitools/ec2/bin/ec2-describe-tags -O $AWS_ACCESS_KEY -W $AWS_SECRET_ACCESS_KEY --filter resource-id=$InstanceID --filter key='EIP' | cut -f5`
Allocate_ID=`/opt/aws/apitools/ec2/bin/ec2-describe-tags -O $AWS_ACCESS_KEY -W $AWS_SECRET_ACCESS_KEY --filter resource-id=$InstanceID --filter key="AllocationID" | cut -f5`
#Assigning Elastic IP to Instance
aws ec2 associate-address --instance-id $InstanceID --allocation-id $Allocate_ID
解决方案3
2 2016-01-18 15:19:30
You need to explicitly associate the Elastic IP address with your desired EC2 instance.您需要将弹性 IP 地址与所需的 EC2 实例明确关联。 You can do this in a userdata script at launch time, or externally through other scripting or Configuration Management.您可以在启动时在用户数据脚本中执行此操作,或者通过其他脚本或配置管理在外部执行此操作。
PropagateAtLaunch simply propagates tags from the Auto Scaling Group to any instances that are launched as a result of Auto Scaling actions. PropagateAtLaunch 只是将标签从 Auto Scaling 组传播到任何因 Auto Scaling 操作而启动的实例。 I'm not aware of any magic that would cause a tagged Elastic IP address to be associated with a launched instance.我不知道有什么魔法会导致标记的弹性 IP 地址与已启动的实例相关联。
See more discussion and examples of launch time scripting with EIPs here . 在此处查看有关使用 EIP 编写启动时间脚本的更多讨论和示例。
解决方案4
0 2019-11-19 19:41:58
I created a AWS Lambda function which will automatically bind an Elastic IP address from a pool to instance of an autoscaling group.我创建了一个 AWS Lambda 函数,它会自动将池中的弹性 IP 地址绑定到自动缩放组的实例。 This alleviates the need to grab an EIP address in the bootscript of the instances.这减少了在实例的引导脚本中获取 EIP 地址的需要。 For a complete description check out https://binx.io/blog/2019/09/02/how-to-dynamically-bind-elastic-ip-addresses-to-an-auto-scaling-group/有关完整说明,请查看https://binx.io/blog/2019/09/02/how-to-dynamically-bind-elastic-ip-addresses-to-an-auto-scaling-group/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.