AWS EC2 Auto Scaling Groups, RDS, Route 53 and Constantly changing IP addresses

amazon ec2amazon-rdsamazon-route53amazon-web-servicesautoscaling

I setup an auto scaling group on EC2 along with an RDS Postgres instance. I am not using ELB. Maybe I should be…

The challenge is that every time a new EC2 instance is created it assigns a unique public IP address. This means that a new inbound rule needs to be applied to the security group for RDS that allows this new EC2 instance to connect to RDS via port 5432 (postgresql).

I also run into a Route 53 issue since the new ip address needs to be added to the DNS "A Record" in order to properly resolve the url.

Is there a way to setup AWS to do this for me, or do I need to write some python code using boto?

Best Answer

This means that a new inbound rule needs to be applied to the security group for RDS that allows this new EC2 instance to connect to RDS via port 5432 (postgresql).

Rather than using public IPs for your security group rules, I suggest using private IPs. Run both EC2 and RDS in the same VPC, then allow the entire VPC subnet IP range containing your EC2 instances in your security group rules for RDS.

I also run into a Route 53 issue since the new ip address needs to be added to the DNS "A Record" in order to properly resolve the url.

You basically have 3 options:

Use ELB
Write a setup script that runs on each instance and updates the DNS automatically
Use OpsWorks which allows you to make a HAProxy instance with an EIP, then automatically adds new application server instances to that HAProxy instance when they start

Related Solutions

How to automatically cycle a new image in an AWS Auto Scaling Group

I'd like to suggest "AWS-HA-Release" to do this - the way AWS-HA-Release works:

If the current autoscaling group and ELB report 5 instances that are healthy,
AWS-HA-Release brings a new instance into production and waits for the ELB to identify it as healthy (bring the total number of healthy instances to 6)
Removes an old instance (total down to 5)
Brings another instance into service (total to 6)
Removes an old instance (total down to 5)
and so on until all instances have been replaced

In this case, you can ship new code or new AMI versions without downtime and have the benefit of entirely new instances. The AWS-HA-Release tool is available at https://github.com/colinbjohnson/aws-missing-tools.

AWS auto scaling setup bootstrap script and ssh access

So Centos AMI does not include CloudInit service by default (some of Ubuntu and Debian have it by default). You need to install it on your AMI, start the service on the boot:

chkconfig cloud-init on

Update the configuration file as needed: /etc/cloud/cloud.cfg Then you need to create a new AMI of the one modified. To test the bootstrap script the easiest I've found is to start a micro instance of this AMI specifying the --user-data-file option.

Best Answer

Related Solutions

How to automatically cycle a new image in an AWS Auto Scaling Group

AWS auto scaling setup bootstrap script and ssh access

Related Topic