ip address

GCP Manually Move Instance

January 10, 2021

Here’s how to move a VM instance from one zone to another. Moving an instance will involve destroying the instance from the source zone, and then recreating a replacement instance in the destination zone. To make the move easier, we will use a machine image to recreate the instance. We will also take advantage of the compute and IP address reservations to guarantee that we use the same IP address machine type. Some large machine types are hard to come by.

Get a list of compute and IP reservations.

gcloud compute addresses list
gcloud compute reservations list

Make reservations.

gcloud compute addresses create centos-ip-reservation --addresses 10.128.15.216 --region us-central1 --subnet default
gcloud compute reservations create centos-us-central1-b --machine-type=n1-standard-1 --vm-count=1 --zone us-central1-b

Create a machine image.

gcloud compute instances stop centos
gcloud beta compute machine-images create centos-image-00 --source-instance centos

Delete original instance.

gcloud compute instances delete centos

Create an instance from image in the new zone. Use the compute and ip reservations previously made.

gcloud beta compute instances create centos \
--no-address \
--private-network-ip 10.128.15.216 \
--source-machine-image=centos-image-00 \
--subnet=https://www.googleapis.com/compute/v1/projects/airy-totality-151318/regions/us-central1/subnetworks/default \
--machine-type=n1-standard-1 \
--reservation-affinity=any \
--reservation=centos-us-central1-b \
--zone=us-central1-b

Finally, clean it up once you are done.

gcloud compute instances delete centos --zone us-central1-b
gcloud compute addresses delete centos-ip-reservation 
gcloud compute reservations delete centos-us-central1-b --zone us-central1-b
gcloud beta compute machine-images delete centos-image-00

GCP Create Internal IP Reservation

September 29, 2020

Here’s how to create an internal IP reservation in GCP.

gcloud compute addresses create my-private-ip-reservation \
--addresses 10.128.0.15 \
--region us-central1 \
--subnet default \
--project project-id

To list your reserved IPs.

gcloud compute addresses list \
--project project-id

AWS LightSail Restrict IP Address

July 27, 2020

AWS LightSail now has the ability to restrict IP addresses in their firewall rules. LightSail instances can now be secured by limiting firewall rules from an IP CIDR block or a single IP address. For example, you can restrict who can SSH into your instance by limiting it to just your IP address, so only you can SSH into your machine. Another feature AWS added in their LightSail firewall is support for ping, which could be helpful for monitoring and checks.

GCP Static IP

December 25, 2019

Create a static IP.

gcloud compute addresses create your-app-static-ip \
--region us-central1

List static IP.

gcloud compute addresses list your-static-ip-name --region us-central1
# or
gcloud compute addresses list --filter="name=('live-tfc-static-ip-address')"

Release static IP.

gcloud compute addresses delete your-app-static-ip \
--region us-central1

AWS EC2 Enable Secondary IPs

July 25, 2019

Here’s how to enable secondary private IPs for AWS EC2 instances.

Add secondary private IPs to the instance.
- Editing the instance Networking > Manage IP Addresses.
- Add new private IP addresses.
- Save.
Set the route configuration for each secondary IP address.
- Config files are ifcfg-eth0:0, ifcfg-eth:0.1 and so on.
- Test each interface or IP to see if they respond to ping.
- /etc/sysconfig/network-scripts/

ifcfg-eth0:0

NM_CONTROLLED="no"
DEVICE="eth0:0"
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="10.0.0.14"
NETMASK="255.255.255.255"

ifcfg-eth0:1

NM_CONTROLLED="no"
DEVICE="eth0:1"
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="10.0.0.15"
NETMASK="255.255.255.255"

Display Instance ID & IP Address

July 7, 2019

How to display IP address and Instance ID on web page behind a AWS load balancer.

Add these 2 commands in crontab. The job runs every 5 mins.

*/5 * * * * /usr/bin/curl http://169.254.169.254/latest/meta-data/instance-id &gt; /var/www/html/id.txt
*/5 * * * * /usr/bin/curl http://169.254.169.254/latest/meta-data/public-ipv4 &gt; /var/www/html/ip.txt

You can view on the site.

# your domain
http://yourdomain.com/ip.txt
http://yourdomain.com/id.txt
# your server ip address
http://1.1.1.1/ip.txt
http://1.1.1.1/id.txt

S3 Restrict IP Addresses

June 5, 2019

Here’s the policy to restrict access to S3 bucket to certain IP addresses.

{
    "Version": "2012-10-17",
    "Id": "S3PolicyIPRestrict",
    "Statement": [
        {
            "Sid": "IPAllow",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*" 
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::bucket/*",
            "Condition" : {
                "IpAddress" : {
                    "aws:SourceIp": "10.10.10.0/24" 
                },
                "NotIpAddress" : {
                    "aws:SourceIp": "10.10.10.100/32" 
                } 
            } 
        } 
    ]
}

Allow anyone in the 10.10.10.0/24 network except for 10.10.10.100/32.

Validating IP Addresses

January 31, 2014

If you have a form that accepts IP addresses, you might want to validate it to make sure it really is a valid IP address. I’m talking about IPv4 since IPv6 is not yet universally implemented. A valid IPv4 IP addresses should fall between the numbers 0.0.0.0 and 255.255.255.255. In this example, we will use a regular expression and a pattern matching function in PHP to see if it’s a real IP address.

First things first, we need to sanitize the input. We can use the following PHP functions. We will assign the sanitized input to a variable.

// sanitize input from form
$ip_address = addslashes(htmlspecialchars(strip_tags(trim($_POST['ip_address']))));

This is the regular expression that we will use that accepts valid IP addresses.

// the regular expression for valid ip addresses
$reg_ex = '/^((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$/';

We will now compare the two variables: $reg_ex and $ip_address to see if IP address passes the test.

// test input against the regular expression
if (preg_match($reg_ex, $ip_address)) { 
   return TRUE; // it's a valid ip address
}

We will now place everything in a tidy function so we can use it anytime we want.

function validate_ip_address($ip_address) {
 
  // sanitized ip address
  $clean_ip_address = addslashes(htmlspecialchars(strip_tags(trim($ip_address))));
 
  // the regular expression for valid ip addresses
  $reg_ex = '/^((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$/';
 
  // test input against the regular expression
  if (preg_match($reg_ex, $clean_ip_address)) { 
    return TRUE; // it's a valid ip address
  }
 
}

Finally, it’s time to call our function.

$ip_address = $_POST['ip_address'];
 
if (validate_ip_address($ip_address)) {
  echo "It's a valid IP address!";
}