Sometimes you need your EC2 instances to have static private IPs, but this isn’t easy when they’re in an autoscaling group, being terminated & recreated all the time. One way to do this is to attach a secondary network interface to an instance that was just created by autoscaling. The secondary NIC holds its private IP & can move from instance to instance as they’re terminated & recreated.
To implement this technique, create a network interface with the description my-network-interface at https://console.aws.amazon.com/ec2/v2/home#NIC in the subnet where your autoscaling group will launch instances. Then ensure that the IAM role in the EC2 instance profile contains this IAM policy:
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": [
"ec2:DescribeNetworkInterfaces",
"ec2:AttachNetworkInterface"
],
"Resource": "*"
}
}
Finally, include this script in the user data of the autoscaling group’s launch template or configuration:
#!/bin/bash
YOUR_NICS_DESCRIPTION="my-network-interface"
AZ=`ec2-metadata -z | cut -d':' -f2`
echo $AZ
REGION=`echo ${AZ%?}`
echo $REGION
NIC=`aws ec2 describe-network-interfaces \
--region $REGION --output text \
--query 'NetworkInterfaces[?contains(Description, \`'$YOUR_NICS_DESCRIPTION'\`)] | [?contains(Status, \`available\`)].NetworkInterfaceId'`
echo $NIC
if [[ "${NIC}" != "" ]]; then
INSTANCE=`ec2-metadata -i | cut -d':' -f2`
echo $INSTANCE
aws ec2 attach-network-interface \
--network-interface-id $NIC \
--instance-id $INSTANCE \
--device-index 1 \
--region $REGION
fi
This setup will ensure that the secondary network interface is attached to any one of the instances in the autoscaling group at all times. If an instance terminates, the NIC is detached. As soon as autoscaling recreates the instance, the NIC reattaches to it!
Harish KM 