When I launch an EC2 instance, I get a private IP and a public IP. The public IP can be
reached through a DNS name like 'ec2-184-73-237-10.compute-1.amazonaws.com'. When I ping it, I get the IP address 184.73.237.10.
My question is: does 184.73.237.10 belong only to me, or is it shared by different instances?
If it's shared by different instances, how does it work? As far as I know, each instance (Linux) can be accessed by SSH.
Thanks in advance :-)
It only belongs to you (there is a 1:1 mapping between public and private IP addresses), but it can change at any time. For this reason, if you need an instance to be permanently accessible by IP they recommend using an Elastic IP Address. EIP is free as long as it's actually associated with an instance.
It is recommended to create an Elastic IP (AWS's static IP) and associate it with your instance. This IP will be only yours.
The benefit of an Elastic IP is that you can even associate it with another instance (a server restored from the AMI image of the parent instance) and thus bring back your site in case of any issues/attacks.
As far as I know, if you create an image from a running instance, it would by default reboot the instance. Do correct me if I am wrong on this.
In my situation, my free Elastic IPs are all used up and I need to do some heavy modification of the instance's operating system. Before proceeding with those modifications, I would like to at least do a complete backup of everything, which means I need to create an AMI and take a snapshot of the EBS volume before proceeding. The problem is, I can't afford to lose the public and private IP addresses of that instance, because it would take me more work to update all the other software on different servers that connects to it (unless, of course, I mess it up and have to use the AMI image created as a backup after all).
So my questions are:
If I simply create an image from that instance while it is still running, without stopping it, it will reboot by default, but would that change its public and private IP addresses? I noticed that a normal "reboot" when you right-click the instance does not change those IP addresses. Is it the same kind of "reboot" when you create an image without stopping the instance?
Is it safer to stop the instance first before creating an image, or is creating the image while it's running safe enough? Consider data integrity.
Thank you
The default reboot during AMI creation will just do a normal reboot. It will not change IP addresses.
The Private IP address will never change.
The Public IP address might change if the instance is stopped.
Best practice is to either use an Elastic IP address (free if attached to a running instance, and you can request more if you need them) or use a DNS name that resolves to an IP address. That way, if the IP address changes, simply update the DNS entry without needing to change any references.
Why doesn't AWS allocate Elastic IPs to all the servers being spawned? They allocate a public IP by default to all the servers, which gets lost after a reboot of EC2 instances.
What's the logic behind not allowing elastic IPs automatically?
TL;DR Because Elastic IP (EIP) addresses are not needed for all/most use cases.
There is a limited supply of routable IP addresses. If every server on a public subnet received one, those IP addresses would remain allocated even when the servers were off. If the server was terminated, it would be unclear whether the use of that IP was concluded or is still necessary for other use. Which brings up the real reason for Elastic IPs.
An Elastic IP address is a static IPv4 address designed for dynamic cloud computing. An Elastic IP address is associated with your AWS account. With an Elastic IP address, you can mask the failure of an instance or software by rapidly remapping the address to another instance in your account. [1]
The takeaway from this is that if you're not using EIPs for dynamic cloud computing, you're probably using them incorrectly. This is a good example of a correct use case.
If you require a persistent public IP address that can be associated to and from instances as you require, use an Elastic IP address instead. For example, if you use dynamic DNS to map an existing DNS name to a new instance's public IP address, it might take up to 24 hours for the IP address to propagate through the Internet. As a result, new instances might not receive traffic while terminated instances continue to receive requests.[2]
Is it possible to assign an Elastic IP address to my instance without changing the public IP address? I need to transform my public IP address into an Elastic IP address.
Yes, it is possible. You can access your instance with both the Elastic IP and the public IP address. But remember that when your EC2 instance restarts, its public IP may change, so people prefer to use an Elastic IP address.
Hope this helps!
Using Elastic Network Interfaces it is possible if you started the instance in a VPC. You can assign the Elastic IP to an Elastic Network Interface, which you can then attach to the EC2 instance. EC2 instances in a VPC can have multiple ENIs. If you assign an EIP directly to the EC2 instance (classic or VPC), then the public IP changes to the EIP.
When you associate an EIP with an instance, the instance's current
public IP address is released to the EC2-Classic public IP address
pool. If you disassociate an EIP from the instance, the instance is
automatically assigned a new public IP address within a few minutes.
In addition, stopping the instance also disassociates the EIP from it.
from: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html
We have created a new EC2 VPC instance on Amazon.
When we created the instance at Amazon, it was created with an IP address generally known as a Public IP.
For example: Public IP: xx.xxx.xxx.xx
And we can access our site using the above public IP address (xx.xxx.xxx.xx).
Now we need to create another public IP address for our site.
For example: Public IP: yy.yyy.yyy.yy
Is it possible to create multiple IP addresses? If yes, then how do we do that? Please let us know with an appropriate answer.
Note that after assigning multiple addresses, our site should be accessed on any of the IP addresses assigned.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html
Multiple IP
EC2-Classic:
Instances support only a single private IP address and a corresponding EIP.
EC2-VPC:
Instances support multiple IP addresses, and each one can have a corresponding EIP. For more information, see Multiple Private IP Addresses http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/MultipleIP.html
You cannot assign multiple (free of charge) public IP addresses to a single instance.
But you could attach an additional network interface to your instance and configure your system to work with two interfaces. After that you can assign an Elastic IP to your new interface (extra costs).
I have two separate instances in my test scenario
Web Server Instance
Database Server Instance
So far the only way I can get from the 1st to the 2nd instance is by having Elastic IPs configured and using the Public DNS (or IP) reference. I can limit unwanted access by configuring the Security Group for the 2nd to take port 1433 traffic only from the 1st.
It seems like Instances within the same Amazon AWS zone should be able to talk to each other more efficiently than first going out and then coming back in.
Is there a way to go directly from 1st to 2nd instance using just the Private DNS (or IP)?
If you are using the Amazon Public DNS name, Amazon makes sure that all internal traffic gets routed internally only. So there is no problem in using the public DNS names. Have a look at this question and this article for more details.
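Whichever name the web server uses to reach the database, the security group restriction described in the question is what keeps port 1433 closed to everyone else. As an added example (not from the original posts), this Python check walks one group in the `IpPermissions` shape returned by `aws ec2 describe-security-groups` and reports every source for port 1433 other than the web server's group or an RFC 1918 range; the group IDs and addresses are constructed.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def covers_port(perm, port):
    """True if one IpPermissions entry admits TCP traffic to `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit_db_group(group, web_sg_id, port=1433):
    """Return findings for every source other than web_sg_id or an RFC 1918 range."""
    findings = []
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != web_sg_id:
                findings.append("unexpected source group " + str(pair.get("GroupId")))
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            if not any(net.subnet_of(p) for p in RFC1918):
                findings.append("public IPv4 source " + str(net))
        for rng in perm.get("Ipv6Ranges", []):
            findings.append("IPv6 source " + rng["CidrIpv6"])
    return findings

# Constructed sample: one group shaped like an entry of "SecurityGroups".
WEB_SG = "sg-11111111"  # constructed ID standing in for the web server's group
DB_GROUP = {
    "GroupId": "sg-22222222",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "UserIdGroupPairs": [{"GroupId": WEB_SG}], "IpRanges": []},
        {"IpProtocol": "tcp", "FromPort": 1433, "ToPort": 1433,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]},  # a public address as source
        {"IpProtocol": "tcp", "FromPort": 1024, "ToPort": 2000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},  # wide range that includes 1433
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},  # not a 1433 rule, ignored here
    ],
}

if __name__ == "__main__":
    for line in audit_db_group(DB_GROUP, WEB_SG):
        print(line)
```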