TL;DR
Explicitly define that the aws_instance
associates a public IP address and then create a Route 53 A
record that points to the instance's public IP:
resource "aws_route53_record" "www" {
zone_id = "..." # PlaceHosted zone ID here
name = "foo_subdomain"
type = "A"
ttl = "300"
records = ["${aws_instance.foo.public_ip}"]
}
resource "aws_instance" "foo" {
...
associate_public_ip_address = true
...
}
...
Where's the load balancer?
Ideally, you want to have a scalable setup where every service is containerised, put them in a private VPC, setup load balancer to handle public requests, and then setup routing for the requests to the services. Unfortunately, I had a setup where I was forced to create a pet server instead of cattle in a herd.
I needed to host a network management tool that required old-school ways of setting up and heavily relying on the state of the disk. To make my life harder it only worked for Ubuntu and it even required me to do a few custom configuration to make it work on the latest distro. 🤷 Luckily, the instance is unlikely to have insane traffic so I am not forced to setup a load balancer to handle scaling issues.
Since the software itself made it hard to containerise it, I needed to do some compromises. I made sure to harden the instance such as setting up the security group to restrict access to our office IP, and I only allowed shell access through AWS Session Manager. To improve fault-tolerance we setup Data Lifecycle Manager to take snapshots of the instance's EBS volume in regular intervals.
Why not use Elastic IPs (EIPs)?
To differentiate public IPs from EIPs:
Public IP addresses are dynamic - i.e. if you stop/start your instance you get reassigned a new public IP.
Elastic IPs get allocated to your account, and stay the same - it's up to you to attach them to an instance or not. You could say they are static public IP addresses.
EIPs are great for keeping a consistent public IP address. It works for use cases where you need to change the instances behind the IP.
For my use case, I don't really care if the public IP changed since I don't intend to change the instance every time. If it does change, I'll simply run terraform again to update the Route53 record with the new public IP of the instance.
Fin. 🐟
Top comments (0)