I have 4 different services, and I'm running 2 services per EC2 instance. Is there a way in which I can connect these containers on different machines?
All the EC2 instances run on the same VPC and security configuration.
Related
I want to know the possibility of having an application server (Linux machine) spun up using ECS?
I.e., an EC2 instance running an application which serves user requests.
To be more clear, can we spin up an EC2 via a container?
I want to allow a Kubernetes cluster, all the pods running in it, to access my EC2 machine.
This means I have to allow a particular IP or a range of IPs in the security group of my EC2 machine.
But what is that one IP or a range of IPs that I'd have to enter in the security group of the EC2 machine?
The pods in Kubernetes run on worker nodes, which are nothing but EC2 instances and have their own security group. If you want your EC2 instance which is outside the cluster to accept connections from pods in the Kubernetes cluster, you can add an inbound rule on the EC2 instance with the source security group set to that of the worker nodes.
Why is it that the pods in the Kubernetes cluster want to access an EC2 instance outside the cluster? You can also bring the EC2 instance within your Kubernetes cluster and, if need be, you can expose the EC2 instance's process via a Kubernetes service.
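The source-security-group rule from the answer above, as an added example that is not part of the original thread: a small Python evaluator over ingress rules in the shape EC2's DescribeSecurityGroups returns. It shows that a group-referencing rule admits worker-node traffic without listing any IP, and it flags rules left open to every address. The group IDs, port 8080 and addresses are constructed placeholders.

```python
import ipaddress

# Constructed sample shaped like the "IpPermissions" list returned by EC2
# DescribeSecurityGroups. Group IDs, port and addresses are placeholders.
WORKER_SG = "sg-0aaaaaaaaaaaaaaaa"  # group attached to the Kubernetes worker nodes
INSTANCE_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
     "IpRanges": [], "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": WORKER_SG}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
     "UserIdGroupPairs": []},
]

def port_matches(rule, proto, port):
    """True if the rule covers this protocol and port ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return rule["IpProtocol"] == proto and rule["FromPort"] <= port <= rule["ToPort"]

def admitted_by(ingress, src_ip, src_groups, proto, port):
    """Return "sg", "cidr" or None for a connection arriving at the instance.
    src_groups: groups attached to the sending network interface; a
    group-referencing rule matches on those, not on the source address."""
    addr = ipaddress.ip_address(src_ip)
    via_cidr = False
    for rule in ingress:
        if not port_matches(rule, proto, port):
            continue
        if any(p["GroupId"] in src_groups for p in rule.get("UserIdGroupPairs", [])):
            return "sg"
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        via_cidr |= any(addr in ipaddress.ip_network(c) for c in cidrs)
    return "cidr" if via_cidr else None

def open_to_world(ingress):
    """List (protocol, from_port, to_port) for rules open to any address."""
    wide = {"0.0.0.0/0", "::/0"}
    found = []
    for rule in ingress:
        cidrs = {r["CidrIp"] for r in rule.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])}
        if cidrs & wide:
            found.append((rule["IpProtocol"], rule.get("FromPort"), rule.get("ToPort")))
    return found
```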
I have a couple of EC2 instances on Amazon. I want to connect these EC2 instances to my company VPN. I want to do this so that I can connect to Oracle, which is on-premise, from an application which is running on EC2.
You can SSH to the EC2 instance from your company VPN.
If you have correctly configured your VPN between your office and your AWS VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html), then you should check your VPC NACLs, Security Groups and Route Tables to be able to ssh between the different servers and the EC2 Instances.
I am using the official Docker image for RethinkDB. I am trying to use AWS EC2 Container Services to create a RethinkDB cluster. I can easily get standalone instances to run, but have had no luck creating a RethinkDB cluster.
I have tried various security group settings. I even made everything wide open, but no luck. When I launch the Docker image, I pass in --bind all and --join [ip]:29015, but nothing.
Has anyone got this to work?
The default networking for Docker on Amazon ECS is the docker0 bridge. This means multiple containers on the same EC2 instance can talk to each other through the bridge, but not to other EC2 instances and containers across the ECS cluster.
You could set the networkMode in your task definition to 'host', which should then let you use the network on your EC2 instances directly and use the security groups you have defined. See http://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#network_mode.
The alternative is to set up an overlay network using something like flannel, weave, openvswitch etc. See https://aws.amazon.com/blogs/apn/architecting-microservices-using-weave-net-and-amazon-ec2-container-service/ for an example using weave.
I am planning to have a multi-server architecture in Amazon EC2 where the servers need to talk to each other. These servers need to be located in different Amazon regions (different datacenters). Can I just use the internal network of Amazon EC2? What are the security issues? Should I mandatorily use Amazon VPC in this setup?
Jam,
If you are planning to create instances in different regions, then go for VPC, because VPC gives you more security. You can also restrict these machines to limited external access.
As for the security part, VPC is better than classic EC2 instances, as you can even allow only VPC-to-VPC connections.