1

I have multiple web application servers running on different Amazon EC2 instances. At the moment, I am able to access those servers on client devices by assigning an Elastic IP to the EC2 instances and then calling the APIs using either the Elastic IP directly, or by pointing a purchased domain name to the Elastic IP. However, I am now running into the Elastic IP limit, meaning I would have to unassign the Elastic IP from one instance before assigning it to a new instance, and I don't want to do that since the older applications are still in use.

I have looked around to see if I can find a solution for this, and have come across some promising things, such as:

  • dynamic DNS
  • VPC
  • Elastic Load Balancer

but I don't understand them well, since I'm a beginner when it comes to infrastructure. What I'm looking for here is for somebody to point me in the right direction about which method to use and why, as well as ideally some material that I could go through to better understand these concepts in detail.

TLDR: What's the best way to create multiple unrelated publicly accessible web applications, each on its own separate EC2 instance, on one account in AWS, without running into the Elastic IP limit?

AamirB

3 Answers

2

Limits are to protect you from accidentally spending too much, and to protect AWS infrastructure from the users. If you have a legitimate need for more resources such as Elastic IPs and have an account in good standing, you simply request a limit increase.

To do this, go into AWS Support, choose "Create Case", "Service Limit Increase", and choose the resource you would like increased.


I'll also call your attention to "AWS Service Quotas" in the dashboard, which shows you the default and your current limits.


Another Way

It's fine to put EIPs and EC2 instances online. A way that can be better in some circumstances is to create an Application Load Balancer, associate it with an HTTPS certificate you created in AWS Certificate Manager, and have it proxy traffic to your EC2 instance private IPs. It costs a little more, but gives your server(s) some extra isolation from the internet. It can help mitigate some types of DDoS attacks as well.

Tim
1

An often-used way is to set up a reverse proxy, which sends traffic to different upstream servers.

For example:

https://example.com/api1 -> 10.100.10.1
https://example.com/api2 -> 10.100.10.2

There are different ways to set up such a reverse proxy. One can set up an EC2 instance with nginx configured as a reverse proxy.

AWS also offers different ways to accomplish the same functionality: AWS API Gateway, Application Load Balancer and CloudFront.

Tero Kilkanen
  • I was going to suggest Application Load Balancer. Sounds like it might be a good fit for you. Look into it! You can set it up and test it while still not touching your current setup. – Gomibushi Nov 29 '21 at 07:42
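
The path-based routing described in this answer, written out as an nginx configuration. This is an added example, not part of the original answer: the hostname and private IPs are the ones the answer uses, while the upstream port 8080, the certificate paths and the header choices are assumptions.

```nginx
# Added example. Assumed: backends listen on port 8080, certificate files
# live under /etc/nginx/tls/. Hostname and private IPs come from the answer.

upstream api1 { server 10.100.10.1:8080; }
upstream api2 { server 10.100.10.2:8080; }

# Plain HTTP is only used to redirect clients to HTTPS.
server {
    listen 80;
    server_name example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate     /etc/nginx/tls/example.com.crt;  # assumed path
    ssl_certificate_key /etc/nginx/tls/example.com.key;  # assumed path
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Backends otherwise only see the proxy's private address. Setting
    # X-Forwarded-For from $remote_addr overwrites any value the client
    # sent, so applications cannot be fed a spoofed source address.
    proxy_set_header Host              $host;
    proxy_set_header X-Real-IP         $remote_addr;
    proxy_set_header X-Forwarded-For   $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Trailing slashes on both location and proxy_pass strip the prefix:
    # /api1/users is sent upstream as /users.
    location /api1/ { proxy_pass http://api1/; }
    location /api2/ { proxy_pass http://api2/; }

    # Paths that do not belong to a routed application are rejected
    # instead of being forwarded to a default backend.
    location / { return 404; }
}
```

With this layout only the proxy instance needs a public address, and the security groups of the backend instances can restrict inbound traffic to the proxy.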
0

Implement IPv6. AWS can assign globally unique addresses to instances or load balancers. No need for quotas or for the addresses to change, as it's not possible to exhaust your personal /56 prefix.

Unfortunately, this is an incomplete solution if your users do not have IPv6 yet. Request a quota increase for Elastic IP addresses if you need more.

John Mahowald