There are many different approaches available in the community for the automatic association of an Elastic IP address, but I want to share our approach and, in particular, how we perform the allocation from a pool of addresses.
I am not going to go into detail here as to what an Elastic IP address is, but it is, in essence, a static IP address.
So why are they important? And why do we need them to be automatically allocated from a pool?
First off, a bit of background on our setup. We heavily utilise AWS Autoscaling to automatically scale up and down EC2 instances as demand changes. The instances are distributed globally across three AWS regions and each of them requires access to our MongoDB farm and RabbitMQ service.
These are both SaaS, with MongoDB Atlas (https://www.mongodb.com/cloud/atlas) and CloudAMQP (https://www.cloudamqp.com/) respectively. Both have firewall rules set up with a series of allowed IP addresses, which is where our static IP addresses come in. When our instances scale up, they will need to have an allowed IP address to gain access to these resources.
The Technical Detail
The address association is performed by a simple script which is executed when the instance is started. The script will look for an available address within the pool and then automatically associate it with the instance.
The address pool is defined by tagging the IP addresses, which all became possible with Amazon’s release of Elastic IP tagging in late 2017 (https://aws.amazon.com/about-aws/whats-new/2017/12/amazon-virtual-private-cloud-vpc-now-allows-customers-to-tag-their-elastic-ip-addresses/).
The addresses are pre-allocated and then given a tag with the key ‘Environment’, where the value is the name of the environment, e.g. Prod.
The instances in the Auto Scaling group are tagged on startup with the same key-value pair. Their AMIs are set to execute the auto-assign-elastic-IP script on startup.
The script will first look up the value of the Environment tag:
instance_environment=$(aws ec2 describe-tags --region "$instance_region" --filters "Name=resource-id,Values=$1" "Name=key,Values=Environment" --query "Tags[*].Value" --output text)
Then, if the environment is found, it will search for any unassociated addresses in the pool:
local describe_addreses_response=$(aws ec2 describe-addresses --region "$instance_region" --filters "Name=tag:Environment,Values=$instance_environment" --query "Addresses[?AssociationId==null].AllocationId" --output text)
If an address is found, it will be associated with the instance.
result=$( (aws ec2 associate-address --region "$instance_region" --instance-id "$instance_id" --allocation-id "$1" --no-allow-reassociation) 2>&1 )
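When several instances scale up together they can all list the same free address, and --no-allow-reassociation is what stops a late arrival from taking an address another instance has just claimed. The sketch below is an added example, not the script from the repository: it shows one way to walk the pool and handle that race, and the function names list_free_allocations and claim_address_from_pool are made up for illustration.

```bash
#!/usr/bin/env bash
# Added example (not the project's script). Function names are illustrative.

# Print the allocation IDs in the tagged pool that have no association.
list_free_allocations() {
  local region environment
  region="$1"
  environment="$2"
  aws ec2 describe-addresses --region "$region" \
    --filters "Name=tag:Environment,Values=$environment" \
    --query "Addresses[?AssociationId==null].AllocationId" \
    --output text
}

# Try each free address in turn and print the one this instance claimed.
# With --no-allow-reassociation the call fails if another instance took the
# address after it was listed, so a failure here means "try the next one";
# an address that is already in use is never moved.
# Returns 1 when no address could be claimed (pool exhausted or every
# attempt failed), so the caller can refuse to put the instance in service.
claim_address_from_pool() {
  local region instance_id environment allocation_id
  region="$1"
  instance_id="$2"
  environment="$3"
  # Text output is whitespace separated, so word splitting yields one ID each.
  for allocation_id in $(list_free_allocations "$region" "$environment"); do
    if aws ec2 associate-address --region "$region" \
         --instance-id "$instance_id" --allocation-id "$allocation_id" \
         --no-allow-reassociation >/dev/null 2>&1; then
      printf '%s\n' "$allocation_id"
      return 0
    fi
  done
  return 1
}
```

A startup script would call claim_address_from_pool with the region, instance ID and Environment value, and treat a non-zero return as a failed boot, since an instance without an allowed address cannot reach the firewalled services.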
The full script is available to download here (https://github.com/heedsoftware/auto-assign-elastic-ip).
Written by Steven Allen, Technical Director