No description, website, or topics provided.
Go Makefile Shell
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
bin
pkg
src/github.com
.gitignore
.gitmodules
CONTRIBUTORS.md
Dockerfile
LICENSE
Makefile
README.md
install.sh

README.md

EIPify

This lightweight Go program is designed to run on an EC2 instance inside an autoscaling group. It obtains an Elastic IP address from a pool, which is specified as all EIPs defined by a CloudFormation Stack.

Install

This generates the ./bin/eipify executable.

$ make install

Usage

$ STACK_NAME=foo ./bin/eipify

Or via Docker:

eipify:
  image: flippa/eipify:1.0.0
  environment:
    STACK_NAME: whatever
    AWS_REGION: us-east-1

You'll need the following role on instances using this program:

{
  "Statement": [
    {
      "Action": ["cloudformation:DescribeStackResources"],
      "Effect": "Allow",
      "Resource": ["*"]
    },
    {
      "Action": ["ec2:DescribeAddresses", "ec2:AssociateAddress"],
      "Effect": "Allow",
      "Resource": ["*"]
    }
  ]
}

Rationale

For some applications, we really want static IP addresses to be assigned to instances, even if those instances are part of an ASG.

However, we have had problems in the past where automatic assignment of EIPs has been dangerous, as such logic prevents side-by-side CloudFormation Stack testing. If we utilize the CloudFormation Stack to provide the pool of EIPs, this problem goes away and stacks can live happily side-by-side.

Since EIPify continually attempts to associate an EIP from the given CloudFormation Stack, rolling updates go like this:

  1. New instances come online and try obtain an EIP
  2. All EIPs are in use by the old instances, so we wait
  3. Old instances terminate and EIPs become available
  4. New instances obtain the newly available EIPs