instances

AWS Register Instances with Load Balancer

February 19, 2020

Here’s the AWS CLI to register instances to a load balancer.

aws elb register-instances-with-load-balancer \
--load-balancer-name my-load-balancer \
--instances i-xxxxxxxxxxx i-xxxxxxxxxxx i-xxxxxxxxxxx

GCP Start Multiple Instances

January 19, 2020

Here’s how to start multiple instances using Bash and Google SDK.

#!/bin/bash
while IFS=', ' read -r a b c; do
  instance="${a//[[:blank:]]/}"
  project="${b//[[:blank:]]/}"
  zone="${c//[[:blank:]]/}"
  echo "Starting $instance ...."
  gcloud compute instances start $instance \
  --zone $zone --project $project --async
done < instance-list.txt

Instances are read from an external file. The file format is displayed below.

server1,project1,us-central1-a
server2,project2,us-central1-b
server3,project3,us-central1-c

To stop multiple instances, replace “start” with “stop.”

GCP Check Instances Running

January 18, 2020

Here’s how to check if instances are running in GCP.

#!/bin/bash
while IFS=', ' read -r a b c; do
  instance="${a//[[:blank:]]/}"
  project="${b//[[:blank:]]/}"
  zone="${c//[[:blank:]]/}"
  gcloud compute instances describe $instance \
  --zone $zone --project $project \
  --format='table[no-heading](name,status,zone)'
done < instance-list.txt

Instances are read from an external file. File is comma delimited with instance name, project id and zone data.

GCP Setup NLB

December 23, 2019

Here’s how to setup a Network Load Balancer in GCP.

Setup your instances.

# Instance 1
gcloud compute instances create www1 \
  --image-family debian-9 \
  --image-project debian-cloud \
  --zone us-central1-b \
  --tags network-lb-tag \
  --metadata startup-script="#! /bin/bash
    sudo apt-get update
    sudo apt-get install apache2 -y
    sudo service apache2 restart
    echo '<!doctype html><html><body><h1>www1</h1></body></html>' | tee /var/www/html/index.html
    EOF"
# Instance 2
gcloud compute instances create www2 \
  --image-family debian-9 \
  --image-project debian-cloud \
  --zone us-central1-b \
  --tags network-lb-tag \
  --metadata startup-script="#! /bin/bash
    sudo apt-get update
    sudo apt-get install apache2 -y
    sudo service apache2 restart
    echo '<!doctype html><html><body><h1>www2</h1></body></html>' | tee /var/www/html/index.html
    EOF"
# Instance 3
gcloud compute instances create www3 \
  --image-family debian-9 \
  --image-project debian-cloud \
  --zone us-central1-b \
  --tags network-lb-tag \
  --metadata startup-script="#! /bin/bash
    sudo apt-get update
    sudo apt-get install apache2 -y
    sudo service apache2 restart
    echo '<!doctype html><html><body><h1>www3</h1></body></html>' | tee /var/www/html/index.html
    EOF"

Create a firewall to allow external traffic to reach port 80.

gcloud compute firewall-rules create www-firewall-network-lb \
    --target-tags network-lb-tag --allow tcp:80

Configure your network load balancer.

# Create an external IP address.
gcloud compute addresses create network-lb-ip-1 \
    --region us-central1
# Add a legacy HTTP health check.
gcloud compute http-health-checks create basic-check
# Add a target pool.
gcloud compute target-pools add-instances www-pool \
    --instances www1,www2,www3 \
    --instances-zone us-central1-b
# Add a forwarding rule.
gcloud compute forwarding-rules create www-rule \
    --region us-central1 \
    --ports 80 \
    --address network-lb-ip-1 \
    --target-pool www-pool
# Lookup external IP address.
gcloud compute forwarding-rules describe www-rule \
    --region us-central1

Finally, use the curl command to send traffic to the NLB external IP address.

while true; do curl -m1 [IP_ADDRESS]; done

GCP Service Accounts

September 25, 2019

Here’s how display the Service Account of a particular instance in Google Cloud.

gcloud compute instances describe server-name \
--zone us-central1-c \
--project project-id \
--format="flattened(serviceAccounts[].email)"

Result is:

serviceAccounts[0].email: service-account-name@project-id.iam.gserviceaccount.com

AWS RDS Start and Stop Policy

August 29, 2019

Here’s a IAM policy that you can add to an IAM user or an IAM role so they are able to start and stop a specific RDS instance.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Condition": {
                "StringEqualsIgnoreCase": {
                    "rds:db-tag/Application": "application-name"
                }
            },
            "Action": [
                "rds:DescribeDBInstances",
                "rds:StartDBInstance",
                "rds:StopDBInstance"
            ],
            "Resource": "arn:aws:rds:us-east-1:xxxxxxxxxxxx:db:db-instance-name",
            "Effect": "Allow"
        }
    ]
}

AWS CLI EC2 Impaired Instances

July 22, 2019

Here’s how to get a list of EC2 instances with a status of impaired.

aws ec2 describe-instance-status \
--filters Name=instance-status.status,Values=impaired