3

I would like to turn on/off some of my Amazon EC2 instances, but this causes the IP and all DNS names to change. Therefore when I boot my machine again, all my SSH configurations are lost since I was connecting using the previous DNS name.

Is there a simple way to resolve the DNS of the target machine (with no or as low as possible cost) using only its instance-id (or any other parameter that does not change over shutdowns-restarts)? Do I have to use the AWS-CLI? What if I want to provide access to an EC2 machine to someone who doesn't have AWS credentials?

Not sure if tags like "service-discovery", "broker", or "proxy" would really make sense here, but for the sake of references I'm adding them in my post.

I do not want to pay for elastic IPs.

Cyril Duchon-Doris
  • 1
    Maybe you could query the IP and DNS name of the given instance ID dynamically using the awscli or equivalent. You'd need a very basic set of credentials allowing DescribeInstances. – jarmod Dec 08 '16 at 19:26

4 Answers

4

There are already utils that do this, no need to roll your own: ec2ssh is a Python script to do it, but a Google search for ec2ssh will turn up numerous similar tools in multiple languages that will do the job.

Personally, I set up a bastion with an EIP, and jump from there to all the other hosts. This way you don't need to give your instances public IPs just for admin access. If you're not transferring large files you can get away with a t2.nano as the bastion instance, which with a reservation costs you peanuts a month.

Ec2ssh has bastion support so the config overhead is minimal.

Nath
2

Building off of @jarmod's comment, if you know the instance ID then you can use the awscli to get the IP like this:

aws ec2 describe-addresses --filters Name=instance-id,Values=i-xxxxxxxxxxxxxxxxx | grep PublicIp | awk -F\" '{print $4}'

That being said, I'm not sure why you think that Elastic IPs are expensive. Per the Pricing page, Elastic IPs are free when associated with running instances, and $0.005/hour when not associated with an instance.

Brian
  • 1
    Yes, I'm fully capable of doing math. I guess it comes down to whether you consider $43.80/year to be "expensive", and why the IP would be associated for any significant period of time. If you really need to have transient Elastic IPs, I suppose you could script the allocation, association, de-association, and release process - but why not just allocate a free Elastic IP per instance and call it a day? – Brian Dec 09 '16 at 18:01
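An added example, not part of any answer on this page: `describe-addresses` only lists Elastic IPs, while the DescribeInstances call mentioned in the comment on the question returns the current public DNS name of any running instance. The sketch below turns that JSON into `ssh_config` entries keyed by instance ID and sets `HostKeyAlias`, so host key verification stays pinned to the instance when its address changes. The function name, the `ec2-user` default and the sample response are assumptions constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-instances --output json`
# (IDs and addresses are made up; the second instance is stopped).
SAMPLE = json.dumps({"Reservations": [{"Instances": [
    {"InstanceId": "i-0123456789abcdef0", "State": {"Name": "running"},
     "PublicDnsName": "ec2-203-0-113-10.compute-1.amazonaws.com",
     "PublicIpAddress": "203.0.113.10"},
    {"InstanceId": "i-0fedcba9876543210", "State": {"Name": "stopped"},
     "PublicDnsName": ""},
]}]})


def ssh_config_from_describe(response_json, user="ec2-user"):
    """Return ssh_config text with one Host block per reachable instance."""
    blocks = []
    for reservation in json.loads(response_json).get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Stopped instances, and instances without a public address,
            # cannot be reached directly, so they get no entry.
            address = inst.get("PublicDnsName") or inst.get("PublicIpAddress")
            if inst.get("State", {}).get("Name") != "running" or not address:
                continue
            iid = inst["InstanceId"]
            blocks.append("\n".join([
                f"Host {iid}",
                f"    HostName {address}",
                f"    User {user}",
                # Store the known_hosts entry under the stable instance ID,
                # so a new address does not look like a new, unverified
                # host and host key checking can stay enabled.
                f"    HostKeyAlias {iid}",
            ]))
    return "\n\n".join(blocks) + ("\n" if blocks else "")


if __name__ == "__main__":
    import sys
    # Real use: aws ec2 describe-instances --output json | python3 this_script.py
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    print(ssh_config_from_describe(data), end="")
```

Regenerate the file after each start and pull it in with an `Include` line in `~/.ssh/config`; the credentials used for the query need nothing beyond DescribeInstances.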
0

EC2 elastic IP is exactly what you want. An instance will retain its elastic IP (and associated DNS-name) during reboots and start/stop cycles. https://aws.amazon.com/ec2/pricing/on-demand/#Elastic_IP_Addresses

Keep in mind: it only works with VPC EC2 instances. Old "classic" instances will lose their elastic IP and you will have to associate it manually again.

Sergey Kovalev
  • But elastic IPs are expensive and you pay for them while they are not in use (cf my last line) – Cyril Duchon-Doris Dec 08 '16 at 18:06
  • 3
    Then the best solution would be creating a Route53 zone, creating a role that can manage that zone and assigning this role to your instance. That way you can run a startup script that would use the Route53 API to update the DNS name with the current EC2 instance ID. – Sergey Kovalev Dec 08 '16 at 18:29
0

This tool should do what you're asking for: https://github.com/wagoodman/bridgy

bridgy ssh <some-instance-id>

If you have the ~/.aws creds/config defined as you would with the aws-cli as well as the following in ~/.bridgy/config.yml:

inventory:
    source: aws
    update_at_start: true
ssh:
    user: <your ssh user>
...

then it should work!

Disclosure: I'm the author.

wagoodman