amazon-vpc

问题 I have a Play 2 web application, which I deploy to Elastic Beanstalk using Docker. In this web app, I start an Akka cluster. The starting procedure involves adding all nodes in the autoscaling group as seed nodes (including itself). On the first deploy to EB I specify to deploy to a VPC (I only select one availability zone). When I run the app and start the cluster, I get the following message: AssociationError [akka.tcp://cluster@localhost:2551] -> [akka.tcp://cluster@172.31.13.25:2551]:

问题 I was in the process of creating a new AWS VPC for my instances. However, I noticed that when I used CIDR Notation to create the VPC & Public Subnet, AWS indicates that I have n^2 - 4 (where n is the # of bits) available IP addresses? Why is this? I understand that when n^2 -2 occurs it is usually to remove the case where bits are all 0s or all 1s. But am not sure why it is - 4 in this case. Here the /28 indicates 11 IP addresses available when I expected 15 or 13, and 251 when I expected 255

问题 I am using serverless framework for creating lambdas. I created a simple Lambda function, which queries from an mongo instance and returns the response. Initially, I created the mongo instance with publicIp and made the Lambda access that instance with publicIP. It worked well. Now, in order to increase the security, I added the VPC configuration to the Lambda. Here is my serverless.yml: functions: graphql: handler: handler.graphql iamRoleStatements: - Effect: Allow Resource: "*" Action: -

问题 Things I have done: $ vi /etc/hosts Added IPAddress Hostname I want to automate this process like every new instance I launch should have an entry in /etc/hosts 回答1: Guess you need add the host itself in /etc/hosts. Put this in user data when you create a new ec2 instance #!/usr/bin/env bash echo `ec2-metadata -o|cut -d: -f2` " " `ec2-metadata -h |cut -d: -f2` >> /etc/hosts 来源： https://stackoverflow.com/questions/27739618/automatically-add-an-entry-in-etc-hosts-file-in-newly-launched-amazon

问题 Does anyone know how to use Openswan to create an IPSec tunnel to a Cisco router on EC2? I keep reading that people can or they cannot set up the IPSec tunnels on Amazon's cloud. Is it possible or not? If so, can someone point me to a tutorial where it was successful? 回答1: Update AWS has just dropped the requirement to establish Border Gateway Protocol (BGP) peerings in order to use the built in VPN connectivity to an Amazon Virtual Private Cloud (VPC), see Amazon VPC - Additional VPN

问题 I have an RDS instance started in a DB Subnet Group in my VPC. This instance has an endpoint of the form someDatabase-db-small.abcd1234.us-east-1.rds.amazonaws.com:3306 . How does one allocate to this instance an IP address in the VPC subnet 10.0.0.0/24 ? 回答1: The instance will already have an IP address in that range allocated. Use something like 'dig' to lookup the IP address of the endpoint from inside of the VPC and you will get back an IP address from your VPC subnet. 来源： https:/

问题 I deployed a web service in my private subnet without ELB in public subnet. Now I want to expose it to public. Can I use API gateway as the http proxy to make it public? Anyone knows how to do that? 回答1: The service has to be public for API Gateway to be able to connect to it. You can use SSL Client certs to restrict access to only API Gateway. Otherwise, API Gateway would not be a good solution to your issue. Update: You can now configure API Gateway to access resources inside a VPC using

问题 I have a lambda function that accesses my Postgres db in RDS via VPC. After it queries the db, I want to post a notification to SNS. Because my lambda function exists in my VPC, it cannot access SNS. I have an internet gateway on my VPC. I read through the VPC endpoint documentation and currently only s3 is supported. Is there anyway to publish to SNS in a lambda function in a VPC? 回答1: You will need a NAT server running in your VPC to route traffic outside of the VPC. AWS now offers a

问题 I have a situation when my product(some Web API) is living inside of VPC, i.e. with no any any external access. I'd like to expose the part of this APIs(just a couple of HTTP methods) to be accessible from the internet. I'm trying to achieve this using AWS API Gateway but it looks like I cannot make internal ELB endpoint the API Gateway resource. Any ideas how can I do this? Thanks, --Vovan 回答1: This was originally not possible, and then was solved with support for client certificates that

问题 I'm using Amazon EC2, and I want to put an internet-facing ELB (load balancer) to 2 instances on a private subnet. I am using VPC with public and private subnets. If I just add the private subnet to the ELB, it will not get any connections. If I attach both subnets to the ELB then it can access the instances, but it often will get time-outs. (Refer Screenshot 1) If I attach to only public subnet then my instance attached to ELB gets OutOfService because I do not have any instance in the