ECS to EC2 connect for GITHUB actions runner - amazon-ec2

I have a GitHub Actions self-hosted runner in ECS which needs to access a file from a folder in an EC2 instance. Both are in the same AWS VPC.
How can I do this? I am unable to figure out the connection from ECS to EC2.
Any suggestion would be highly appreciated.
Thanks

Related

Launch EMR cluster via Lambda inside a VPC using boto3

I am trying to launch an EMR cluster using AWS Lambda code written with boto3 and Python. The Lambda is able to launch the cluster when there is no VPC configuration associated with it. However, as soon as I add the VPC config, it fails to launch the cluster, errors out, and does not provide any error message.
I am trying to launch the Lambda inside a default VPC, and it has 3 public subnets and a default security group. I have checked that the route table in the VPC is associated with an internet gateway and that it is attached to the VPC.
The execution role provides full access to the cloudwatch, elasticmapreduce and ec2 actions.
Any help in resolving this schoolboy error will be much appreciated.

How can I connect to AWS Documentdb with Robo 3T?

Using the latest Robo 3T and the command line provided by AWS
mongodb://<dbname>:<insertYourPassword>@example-db.cluster-c2e1234stuff0e.eu-west-2.docdb.amazonaws.com:27017
I get this Error:
Reason:
SSL tunnel failure: Network is unreachable or SSL connection rejected by server.
Reason: Connect failed
I have also tried following THIS walkthrough but had no joy.
I have read that it is possible to SSH to an EC2 instance on the same VPC and access DocumentDB this way, but ideally I would like to access it directly and not pay for an extra EC2 instance. If I have that right?
I have tried via Mongo shell too and get the following response:
Error: couldn't connect to server example-db.cluster-c2eblahblaho0e.eu-west-2.docdb.amazonaws.com:27017, connection attempt failed: NetworkTimeout: Error connecting to example-db.cluster-c2eblahblaho0e.eu-west-2.docdb.amazonaws.com:27017 (<IP address>) :: caused by :: Socket operation timed out :
connect@src/mongo/shell/mongo.js:344:17
@(connect):2:6
exception: connect failed
What I suspect is happening is that either you do not have an EC2 instance in the same VPC as your DocumentDB cluster or that EC2 instance is not reachable from your laptop. I'd first connect to the EC2 instance with SSH to establish connectivity and then use that EC2 instance to SSH proxy from Robo3T.
For context, Amazon DocumentDB clusters deployed within a VPC can be accessed directly by EC2 instances or other AWS services that are deployed in the same VPC. Additionally, Amazon DocumentDB can be accessed by EC2 instances or other AWS services in different VPCs in the same region or other regions via VPC peering.
The advantage of deploying clusters within a VPC is that VPCs provide a strong network boundary to the Internet. A common way to connect to DocumentDB from your laptop is to create an EC2 instance within the same VPC as your DocumentDB cluster and SSH tunnel through that EC2 instance to your cluster: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-from-outside-a-vpc.html
To minimize costs for local development, start with the smallest EC2 instance size and utilize the start/stop functionality when not using the cluster.
The same can be done with DocumentDB. When you are developing, you can save on instance costs by stopping the cluster when it is no longer needed: https://docs.aws.amazon.com/documentdb/latest/developerguide/db-cluster-stop-start.html
An alternative is to utilize AWS Cloud9: https://docs.aws.amazon.com/documentdb/latest/developerguide/connect-with-cloud9.html. This solution still requires an EC2 instance in the same VPC as your Amazon Document. What is useful about this solution is that Cloud9 provides a mechanism to automatically shut down the EC2 instance if it has been idle for 30 minutes, for example, to help save costs.

How to connect ec2 Instance on aws to my company VPN

I have a couple of EC2 instances on Amazon. I want to connect these EC2 instances to my company VPN. I want to do this so that I can connect to Oracle, which is on-premise, from an application which is running on EC2.
You can SSH to the EC2 instance from your company VPN.
If you have correctly configured your VPN between your office and your AWS VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html), then you should check your VPC NACLs, Security Groups and Route Tables to be able to ssh between the different servers and the EC2 Instances.
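The security group and NACL part of that check, as an added example that is not part of the original answer: it evaluates constructed rule data, in the shape boto3's describe_security_groups and describe_network_acls return, for an inbound SSH flow. The CIDR ranges, rule numbers and function names are assumptions; route tables, IPv6 entries and security-group-to-security-group references are not evaluated.

```python
import ipaddress

# Constructed sample rules (made-up values) in the boto3 response shape.
SG_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.20.0.0/16"}]},  # assumed office range behind the VPN
]
NACL_ENTRIES = [
    {"RuleNumber": 90, "Egress": False, "Protocol": "6", "RuleAction": "deny",
     "CidrBlock": "10.20.5.0/24", "PortRange": {"From": 22, "To": 22}},
    {"RuleNumber": 100, "Egress": False, "Protocol": "-1", "RuleAction": "allow",
     "CidrBlock": "0.0.0.0/0"},
    {"RuleNumber": 100, "Egress": True, "Protocol": "6", "RuleAction": "allow",
     "CidrBlock": "10.20.0.0/16", "PortRange": {"From": 1024, "To": 65535}},
]

def _in(ip, cidr):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def sg_allows(perms, src_ip, port, proto="tcp"):
    """Security groups are allow-only and stateful: any matching rule admits."""
    for p in perms:
        if p["IpProtocol"] not in (proto, "-1"):
            continue
        if p["IpProtocol"] != "-1" and not p["FromPort"] <= port <= p["ToPort"]:
            continue
        if any(_in(src_ip, r["CidrIp"]) for r in p.get("IpRanges", [])):
            return True
    return False

def nacl_allows(entries, peer_ip, port, egress, proto="6"):
    """NACLs are stateless: the lowest-numbered matching rule decides, else deny."""
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in (proto, "-1"):
            continue
        pr = e.get("PortRange")  # absent when the rule covers all ports
        if pr and not pr["From"] <= port <= pr["To"]:
            continue
        cidr = e.get("CidrBlock")  # IPv6-only entries are skipped here
        if cidr and _in(peer_ip, cidr):
            return e["RuleAction"] == "allow"
    return False

def ssh_reachable(src_ip, src_port=50000):
    """Inbound TCP/22 needs the SG, the inbound NACL, and the outbound NACL for replies."""
    return (sg_allows(SG_INGRESS, src_ip, 22)
            and nacl_allows(NACL_ENTRIES, src_ip, 22, egress=False)
            and nacl_allows(NACL_ENTRIES, src_ip, src_port, egress=True))
```

Because NACLs are stateless, a flow that passes the security group and the inbound NACL still fails when the outbound NACL does not cover the client's source port, which is the case the `src_port` argument exercises.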

Launching ECS service from our own AMI

I am trying to deploy my sample Spring Cloud microservice to the AWS ECS service. I found the Fargate method and the EC2 launch method. Here I am actually looking to launch the ECS service from my own EC2 instance. Now I have only an Ubuntu 16.04 AMI. I am planning to use the AWS ECS-optimized AMI as my EC2. So I need to launch ECS using my own EC2. So I am confused about the launching by optimized my own EC2.
I am seeking useful links or documentation for launching using the above method, since I am at a beginning stage with AWS Cloud.
The AMI you've configured for your instance doesn't matter (generally). Once your EC2 instance is created, go over to the ECS section of AWS and create a cluster containing your host.
In ECS you need to define a task containing your container, the repo to pull it from, and all the other necessary details. From here you can go to your cluster and launch your task on your host, either manually, or by defining a service to automate the launching for you.

How to deploy a Docker container on EC2 ECS from Docker Hub private repo?

I have an image in a private Docker Hub repository, which I'm trying to deploy on Amazon's Elastic Container Service. There seems to be a nice web console to run a container from a public repository, but nothing for private. I've read and tried to understand the documentation for this, but I don't understand what that has to do with deploying my container, as it states "The Amazon ECS container agent allows container instances to connect to your cluster".
As an alternative to using the web console, I see mentions of setting up a task definition. It sounds like that's the manual version of what the web console does. I suspect my best bet is with this method, possibly with the help of the script here.
What is the simplest way for me to run an existing image on ECS that's hosted in a private repository?
Right, so a container instance is just the EC2 machine that happens to run the services defined in the cluster. The cluster can then connect to the EC2 machine as a container instance, but unless the EC2 machine is appropriately configured, it can't run your private repository.
