15

I'm creating a tool to deploy Docker images to EC2 via ElasticBeanstalk, so the dev team can quickly demo their work without having to merge. I don't want Elastic IP to be enabled for these apps as they are short lived.

The reason I'm asking this is because if my tool builds more than 5 apps (and it has quite quickly) any new app will fail because no Elastic IP can be assigned to the new app. This is because an AWS account typically has a max of 5 Elastic IPs available. I can go to the aws web console and choose 'Disassociate Elastic IP Address' (see below) on an instance, after which the ec2 instance will get a new ip (after a few minutes). This is what I want, but I want to do it programmatically, and would prefer to boot the app without it instead of doing it once the instance is created.

disassociate menu option

Is there a configuration option I can use to use to disable Elastic IP for the new instance?

I'm using the node aws-sdk, but any tips in any language will do.

I'm creating m1.small single instances.

If this isn't possible when launching, I'll have to disassociate the Elastic IP from the instance using the EC2.disassociateAddress function.

ed.
  • 251
  • 1
  • 2
  • 4
  • If you are launching in a private subnet: http://stackoverflow.com/questions/39086022/setting-up-amazon-elastic-beanstalk-app-without-public-access/39350333 – lonewarrior556 Jan 27 '17 at 21:25

4 Answers4

13

When using the environment type "Single instance", you always get an EIP.

From Beanstalk developer guide, Environment Types:

A single-instance environment contains one Amazon EC2 instance with an Elastic IP address.

Disabling the "Associate Public IP Address" option does not have any effect.

Switch to "Load-balancing, Autoscaling" Environment to get by without an EIP.

Jens Bannmann
  • 553
  • 1
  • 6
  • 11
  • Unlike the other answers here, this actually solved my problem, so thanks :) For future travelers, in the new Environment Creation dialog, you choose the "Load Balancing" option under the "Configure More Options" button at the end of the environment creation form. – Jacob Davis-Hansson Sep 07 '17 at 18:05
1

I don't want Elastic IP to be enabled for these apps as they are short lived.

If you're in a VPC's public subnet (which is likely), one is required for that instance to be able to communicate with the Internet. Per http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html:

To enable an instance in your public subnet to communicate with the Internet, it must have a public IP address or an Elastic IP address that's associated with a private IP address on your instance. Your instance is only aware of the private (internal) IP address space defined within the VPC and subnet. The Internet gateway logically provides the one-to-one NAT on behalf of your instance, so that when traffic leaves your VPC subnet and goes to the Internet, the reply address field is set to the public IP address or Elastic IP address of your instance, and not its private IP address. Conversely, traffic that's destined for public IP address or Elastic IP address of your instance has its destination address translated into the instance's private IP address before the traffic is delivered to the VPC.

The automatically-assigned EIPs that come with a new instance don't cost anything, and they automatically go away when the instance is decommissioned.

ceejayoz
  • 32,469
  • 7
  • 81
  • 105
  • Thanks for your answer, I've added more information to the question explaining the issue I'm seeing and how I can get around it via the web console. I may be misunderstanding how AWS is working - but you could advise further I'd be very grateful. – ed. Jun 10 '15 at 20:38
  • @ed. I'm not enormously familiar with EB but it looks like from the docs you want to set `aws:ec2:vpc:AssociatePublicIpAddress` in your EB config (and that this is peculiar to single-instance EBs). Alternatively, ask AWS for an increase in your EIP limit - in my experience they'll happily grant it in this sort of situation. – ceejayoz Jun 10 '15 at 20:57
  • cheers I'll try that. – ed. Jun 10 '15 at 20:58
  • I've tried the flag above to no avail. I think I'm just going to call disassociateAddress via the sdk. – ed. Jun 12 '15 at 15:08
  • 1
    For the record: `aws:ec2:vpc:AssociatePublicIpAddress` is only for the ec2 instance, if you set it to false then `disassociateAddress` the instance won't have a public IP. – ed. Jun 15 '15 at 20:01
1

There is an elastic beanstalk environment option that might be what you are after.

http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-elbloadbalancer

Namespace: aws:ec2:vpc AssociatePublicIpAddress : false

If you set it then all the nodes created by this environment will not have a public IP. Inbound traffic will have to use a load balancer. The VPC and subnets will need to be accociated with a NAT gateway or an internet gateway to get outbound internet access. If you do not have outbound internet access then the Elastic Beanstalk build will fail (It won't be able to reach AWS services).

Sam
  • 617
  • 1
  • 5
  • 14
  • 1
    I added this to EBS config: `{ "OptionName": "AssociatePublicIpAddress", "ResourceName": "AWSEBAutoScalingLaunchConfiguration", "Namespace": "aws:ec2:vpc", "Value": "false" },` Even so, Elastic IP is associating to that instance. Any clue? – Kostanos May 12 '17 at 00:15
  • 1
    this is not true, it has no affect on eip – YisraelU Oct 29 '17 at 00:04
1

After you Disassociate the Elastic IP Address, you have about 10 seconds to 'release' it. If you release it, it will not come back.

lonewarrior556
  • 157
  • 1
  • 1
  • 7