We have made some more changes in our installation since our previous article.
First, the best way to avoid paying Elastic IP fees while the instances are stopped (and they will stay stopped for many hours, as we only have a total of 750h a month of computing time shared among all instances) and still assign a DNS name to the machine is to create a DDNS account at noip.com and set up a client. AWS provides this howto (with a couple of missing points):
```
# Install noip client
[ec2-user@ip-10-0-0-130 ~]$ sudo yum install epel-release
[ec2-user@ip-10-0-0-130 ~]$ sudo yum-config-manager --enable epel
[ec2-user@ip-10-0-0-130 ~]$ sudo yum install -y noip

# Configure it
[ec2-user@ip-10-0-0-130 ~]$ sudo noip2 -C

# Set up noip as a startup service
[ec2-user@ip-10-0-0-130 ~]$ sudo chkconfig noip on
[ec2-user@ip-10-0-0-130 ~]$ sudo service noip start
```
As we are going to use an Elastic Load Balancer to balance traffic among our webservers, we have configured an additional Security Group and slightly modified the existing configuration (all internal traffic is allowed for now):
```
NAT Instance
  - INBOUND:  ALLOW SSH (22) TRAFFIC FROM 0.0.0.0/0
    INBOUND:  ALLOW ANY TRAFFIC FROM 10.0.0.0/16 ( our VPC )
    OUTBOUND: ALLOW ANY TRAFFIC TO 0.0.0.0/0

Load Balancer
  - INBOUND:  ALLOW HTTP (80) TRAFFIC FROM 0.0.0.0/0
    OUTBOUND: ALLOW ANY TRAFFIC TO 0.0.0.0/0

Default SG
  - INBOUND:  ALLOW ANY TRAFFIC FROM 10.0.0.0/16
    OUTBOUND: ALLOW ANY TRAFFIC TO 10.0.0.0/16
```
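A quick way to review the inbound rules above before tightening them, as an added example that is not part of the original article: it flags administrative ports reachable from outside the VPC and "any traffic" rules inside it. The rule data is constructed from the list above in the shape of the EC2 `IpPermissions` field; `ADMIN_PORTS` and the severity labels are assumptions.

```python
import ipaddress

VPC_CIDR = "10.0.0.0/16"   # the VPC range given in the article
ADMIN_PORTS = {22, 3389}   # assumption: ports treated as administrative

# Constructed sample: the article's inbound rules, written in the shape of
# the EC2 DescribeSecurityGroups "IpPermissions" field.
GROUPS = {
    "NAT Instance": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ],
    "Load Balancer": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
    "Default SG": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    ],
}

def covers_port(rule, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if rule["IpProtocol"] == "-1":   # "-1" means all protocols, all ports
        return True
    if rule["IpProtocol"] != "tcp":
        return False
    return rule["FromPort"] <= port <= rule["ToPort"]

def audit(groups, vpc_cidr=VPC_CIDR):
    """Return (group, severity, message) findings for inbound rules."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings = []
    for name, rules in groups.items():
        for rule in rules:
            for rng in rule["IpRanges"]:
                src = ipaddress.ip_network(rng["CidrIp"])
                inside_vpc = src.subnet_of(vpc)
                admin = sorted(p for p in ADMIN_PORTS if covers_port(rule, p))
                if not inside_vpc and admin:
                    findings.append((name, "HIGH", f"admin port(s) {admin} reachable from {src}"))
                elif inside_vpc and rule["IpProtocol"] == "-1":
                    findings.append((name, "REVIEW", f"all traffic allowed from {src}"))
    return findings

if __name__ == "__main__":
    for group, severity, message in audit(GROUPS):
        print(f"{severity:6} {group}: {message}")
```

The SSH rule on the NAT instance is the only internet-facing administrative port in this layout; restricting its source to a known address range clears the HIGH finding.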
The next article will be delayed for a while until we sort out with Amazon Customer Services the absurd quota of only 2 simultaneous instances they have applied to our account.