How to run an Amazon EC2 instance inside a VPC using Chef?

This is primarily a question about Chef. While studying how to control nodes inside an Amazon VPC with Chef, I ran into some difficulties, mainly that it is not easy to get Chef onto a node that does not have an external IP address.

I looked at the main tutorial for scenario #2: http://docs.amazonwebservices.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html#Case2_Launch_NAT

However, this time:

knife ec2 server create -N app-server-1 -f m1.small -i rails-quick-start.pem -r "role[base]" -G WebServerSG -S rails-quick-start -x ubuntu -s subnet-580d7e30 -y -I ami-073ae46e -Z us-east-1d 

What am I doing wrong?

+6
3 answers

The solution was to set up SSH tunnels from ports on the public computer to all the other computers in the cloud. Thus, my load balancer serves HTTP traffic on port 80, is accessible through port 22, and uses ports 2222, 2223, 2224, ... to tunnel SSH to the non-public cloud instances. On the load balancer (or any public computer) do:

 ncat --sh-exec "ncat PRIVATE.SUBNET.IP 22" -l 2222 & 

e.g.:

 ncat --sh-exec "ncat 10.0.1.1 22" -l 2222 & 
+1
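The forwarding plan from the answer above, as an added example that is not part of the original post: it prints (but does not start) one Ncat listener per private instance, adds Ncat's `--allow` option so only one admin range can connect, and rejects any target that is not a private IPv4 address. `ADMIN_CIDR`, the function names and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example, not from the original answer. Prints (does not run) one
# listener command per private instance, ports BASE_PORT, BASE_PORT+1, ...
BASE_PORT=2222                # first forwarded port, as in the answer
ADMIN_CIDR="203.0.113.0/24"   # assumed placeholder: only source allowed in

# True only for a dotted-quad RFC 1918 address. The value is interpolated
# into --sh-exec, which runs through /bin/sh, so anything else is rejected.
is_private_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    case "$1" in
        10)  return 0 ;;
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] ;;
        192) [ "$2" -eq 168 ] ;;
        *)   return 1 ;;
    esac
}

# Emit the listener commands for the given private IPs, one port each.
plan_forwards() {
    port=$BASE_PORT
    for ip in "$@"; do
        if ! is_private_ipv4 "$ip"; then
            echo "refusing non-private target: $ip" >&2
            return 1
        fi
        printf 'ncat --allow %s --sh-exec "ncat %s 22" -l %s &\n' \
            "$ADMIN_CIDR" "$ip" "$port"
        port=$((port + 1))
    done
}

# Constructed sample input: two private-subnet addresses.
plan_forwards 10.0.1.1 10.0.1.2
```

Without a source restriction, each forwarded port exposes a private instance's SSH daemon to anyone who can reach the public host, so the security group for ports 2222 and up should be limited to the same admin range.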

For knife to talk to the server, you may need to configure a VPN. If your VPC is already connected to your local network via VPN, it should work, but if you do not want to run an OpenVPN server or something like that.

You can also configure servers in two ways:

  • Create an EC2 instance and download it. Then run knife bootstrap against it.
  • Create an EC2 instance with the appropriate user data and configure cloud-init (if you use, say, Ubuntu with cloud-init enabled).
+1

There must be a way to associate an Elastic IP with the instance in order to obtain a public IP address for easy access, and then complete all boot and SSH operations through the EIP.

0

Source: https://habr.com/ru/post/913992/

