CloudFlare & Dynamic Origin IP - amazon-ec2

How can I specify a dynamic IP address for the origin server when configuring Cloudflare?
For instance, when using EC2, the IP address may change whenever the instance is restarted.
How do you update CloudFlare to automatically forward traffic to the new IP address when the origin server IP address has changed?

You have a few options:
Assign an Elastic IP to the EC2 instance so that the IP address will never change.
Place an Elastic Load Balancer in front of the instance and create a CNAME record in CloudFlare that points to the ELB's DNS name.
Add a script to your EC2 instance that runs on bootup, that makes a call to the CloudFlare API to update the DNS entry with its new IP address.
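A sketch of the boot-time script from the third option, added here as an example and not taken from the original answer. It reads the public IPv4 address through IMDSv2, refuses to publish anything that is not a public address, and patches an existing Cloudflare A record. The environment variable names are assumptions, and the token is assumed to be an API token scoped to DNS edit on the one zone.

```python
#!/usr/bin/env python3
"""Boot-time DNS updater: IMDSv2 public IP -> Cloudflare A record (added example)."""
import ipaddress
import json
import os
import urllib.request

IMDS = "http://169.254.169.254/latest"
CF_API = "https://api.cloudflare.com/client/v4"


def imds_public_ipv4(timeout=2):
    """Fetch the instance's public IPv4 via IMDSv2 (session token required)."""
    tok_req = urllib.request.Request(
        f"{IMDS}/api/token", method="PUT",
        headers={"X-aws-ec2-metadata-token-ttl-seconds": "60"})
    token = urllib.request.urlopen(tok_req, timeout=timeout).read().decode()
    ip_req = urllib.request.Request(
        f"{IMDS}/meta-data/public-ipv4",
        headers={"X-aws-ec2-metadata-token": token})
    return urllib.request.urlopen(ip_req, timeout=timeout).read().decode().strip()


def build_update(zone_id, record_id, name, ip, token, proxied=True):
    """Return a PATCH request that points `name` at `ip`; reject bad addresses."""
    addr = ipaddress.ip_address(ip)          # raises ValueError on malformed input
    if addr.version != 4 or not addr.is_global:
        raise ValueError(f"refusing to publish non-public IPv4 address: {ip}")
    body = {"type": "A", "name": name, "content": str(addr),
            "ttl": 1, "proxied": proxied}    # ttl 1 means "automatic" in Cloudflare
    return urllib.request.Request(
        f"{CF_API}/zones/{zone_id}/dns_records/{record_id}",
        data=json.dumps(body).encode(), method="PATCH",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})


def main():
    # Assumed variable names; supply them from a root-only file or a secrets store.
    env = os.environ
    req = build_update(env["CF_ZONE_ID"], env["CF_RECORD_ID"], env["CF_NAME"],
                       imds_public_ipv4(), env["CF_API_TOKEN"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        if not json.load(resp).get("success"):
            raise SystemExit("Cloudflare API reported failure")


if __name__ == "__main__":
    main()
```

Keeping `proxied` enabled means the new origin address is published only to Cloudflare's edge, so the instance's security group can stay restricted to Cloudflare's ranges.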

Related

Prevent EC2 IP address redirecting for testing purposes

I'm trying to move my website over to AWS. I set up EC2 but I can't find a way to access the dev site I've set up to allow me to test it works before I switch over. The stack is Laravel/Forge and Nginx.
I have assigned an Elastic IP address, and I've enabled HTTP access via port 80. But when I go to the IP address it redirects to the live domain itself.
Same thing when I use the Public IPv4 DNS (ec2-<IP address>.compute-1.amazonaws.com).
I've been battling with it for some time. Can anyone advise what I'm doing wrong?

Amazon aws route53, redirect subdomain to ec2 app running under specific port

I have a domain name mydomain.com registered on amazon route 53.
I have an EC2 instance in which I installed a docker portainer image under 9000 port.
My docker image runs perfectly under the EC2 public IP address:
http://xxx.xxx.xxx.xxx:9000
What I want now is to create a subdomain, portainer.mydomain.com, and point it to my EC2 portainer instance.
When I try to create a new record set portainer.mydomain.com and point it to my docker image instance, I can't specify the port value.
I know I'm missing something; I'm just beginning with DNS domains.
Route 53 is a DNS resolver. Its job is to resolve domain to ip address. It has nothing to do with port.
But there are some alternatives:
Add a secondary ip to the instance to host multiple websites and bind them to port 80. You add an additional ip by attaching elastic network interface (ENI).
Add Application Load Balancer with host based routing (you will get much more control, you can even do path based routing as well). See: Listeners for Your Application Load Balancers - Elastic Load Balancing
S3 redirection (Route 53 Record Set on Different Port)

AWS: How to Create a DNS that point to private IP?

I am new to using EC2. I have an EC2 instance that can reboot daily for maintenance, and after the reboot I get a new public IP (I can't use Elastic IPs; they are all allocated).
So my problem is the instance contains an application that I need to be accessible via a domain (example.com), but I can figure out how to set custom DNS on NameCheap and in AWS this DNS automatically resolve the new public IP of that instance after reboot.
If you feel your architecture warrants additional Elastic IP addresses, you can request a limit increase. To request an increase, complete the Amazon VPC limit request form (choose VPC Elastic IP Address Limit). Describe your use case so that AWS can understand your needs.
You can put your instance behind ElasticLoadBalancer. Each Classic Load Balancer receives a default Domain Name System (DNS) name. This DNS name includes the name of the AWS region in which the load balancer is created. For example, if you create a load balancer named my-loadbalancer in the US West (Oregon) region, your load balancer receives a DNS name such as my-loadbalancer-1234567890.us-west-2.elb.amazonaws.com. You can then use your DNS service to create a CNAME record to route queries to your load balancer. Then, your EC2 instance does not need to have stable public IP address.
You can delegate example.com resolution to AWS DNS service, Route53, and then you can run a script on server boot to update Route53 records with the latest IP address.

Pointing multiple IP address from different hosts to a same domain name with different port

I tried creating an Amazon EC2 instance with an elastic IP address. In there I deployed a MEAN app by Bitnami.
On the other hand we have a CPanel (not deployed in amazon, I think it's Apache, not sure, I'm not the one who deployed it)
Cpanel is already pointing to www.example.com so we can access cpanel via www.example.com:2082 but the default www.example.com:80 is blank/empty. We are using Cpanel for our mailing server.
What I need to do is to point Amazon EC2 public IP and DNS to www.example.com:80. Can I set it up in Cpanel DNS Zone Editor? or do I need to set up Amazon Route 53? what do I need?
If I create a new A record in Cpanel DNS Zone editor for Amazon I lose access to Cpanel www.example.com:2082. I'm really confused right now. Please help.
You need to introduce a proxy server in between to do this, as in DNS you can't set the ports; for each type of request the ports are already defined.
You can add nginx or haproxy or any other reverse proxy server, which will accept all the requests and passes on the request to appropriate hosts on appropriate ports.
I know it's a bit late but just in case you still need it or someone comes across this:
No need for a proxy.
You point the A record for example.com to EC2 IP.
CNAME for WWW to example.com
Then you should have an A record for mail.example.com for your cPanel IP
Your MX records should point to mail.example.com and not to example.com.
And you can access cPanel at mail.example.com:2082 or whatever the server's IP or main hostname is. The main hostname has the advantage that you can use port 2083 for SSL cPanel connections
Just make sure the e-mail clients use mail.example.com and not example.com as the connecting mail server.

Amazon EC2 public ipv6 address

As Apple starts rejecting applications which are not able to communicate in ipv6 only network, it is required to also have a public ipv6 address for my web service which uses TCP and UDP.
The web service is hosted in Amazon EC2 VPC, I have followed instructions on Amazon docs to enable ipv6 routing in VPC. But I don't have any public domain or static-ipv6 to connect to EC2 instance.
After searching I came to know about route53 service which can register a domain and point it to some ipv6 / ipv4.
Is this the correct solution? Can a single domain map to both ipv4 & ipv6?
For example, mywebservice.amazon-ec2.com points to the same ec2 instance having ipv4 and ipv6.
Will requesting the mywebservice.amazon-ec2.com from ipv6 only network work?
If I misunderstood something please help.
You are correct.
You can create two Record Sets in Amazon Route 53:
One A record pointing to the IPv4 address
One AAAA record pointing to the IPv6 address
For the IPv4 address, first allocate an Elastic IP Address to the instance because it is a static address that will not change when the instance is stopped/started. Then, point the A record to the Elastic IP Address.
There is no Elastic IP Address available for IPv6. Instead, just point to the instance's normal IPv6 address, which will always stay the same for that instance.
You don't actually need to use Amazon Route 53 -- any DNS service will provide the same functionality.
See Amazon Route 53 documentation: Values for Basic Resource Record Sets
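An added example (not part of the original answers) that covers both the A/AAAA record sets described above and the earlier suggestion to update Route 53 from a boot script: it builds one UPSERT change batch from the instance's addresses, sorting them into A and AAAA by address family and rejecting private or link-local values. The function names and the comment string are assumptions; submitting the batch assumes boto3 and an instance role limited to `route53:ChangeResourceRecordSets` on the one hosted zone.

```python
"""Build a Route 53 UPSERT change batch for A/AAAA records (added example)."""
import ipaddress


def build_change_batch(name, addresses, ttl=60):
    """Group addresses by family and emit one UPSERT per record type."""
    by_type = {"A": [], "AAAA": []}
    for raw in addresses:
        addr = ipaddress.ip_address(raw)      # ValueError on malformed input
        if not addr.is_global:
            raise ValueError(f"refusing to publish non-public address: {raw}")
        by_type["A" if addr.version == 4 else "AAAA"].append(str(addr))
    changes = [
        {"Action": "UPSERT",
         "ResourceRecordSet": {
             "Name": name, "Type": rtype, "TTL": ttl,
             "ResourceRecords": [{"Value": v} for v in values]}}
        for rtype, values in by_type.items() if values
    ]
    if not changes:
        raise ValueError("no addresses to publish")
    return {"Comment": "boot-time address update", "Changes": changes}


def apply_change_batch(hosted_zone_id, batch):
    """Submit the batch to Route 53 using the instance role's credentials."""
    import boto3  # imported here so the builder works without boto3 installed
    return boto3.client("route53").change_resource_record_sets(
        HostedZoneId=hosted_zone_id, ChangeBatch=batch)
```

UPSERT creates the record if it is missing and overwrites it otherwise, so the same script works on first boot and on every later restart.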
