I’m curious how I can ask to launch EC2 instance in any AZ, using AWS CLI? Currently, I’m using aws ec2 run-instances .... --subnet-id subnet-xxxx, where subnet-xxxx is one of the subnets for my custom VPC, located in a specific AZ.
But I want to be able to request EC2 in any AZ (due to InsufficientInstanceCapacity errors for certain EC2 types).
2
Answers
Create a VPC:
If you don’t already have a VPC, you’ll need to create one. This is the network environment where your EC2 instances and ELB will reside.
Create Private Subnets:
Create one or more private subnets within your VPC. These subnets should not have a direct route to the internet, which means they should not have a route table with an internet gateway attached.
Launch EC2 Instances:
Launch your EC2 instances in the private subnets. Make sure they are properly configured with your application and any necessary software.
Create a Security Group:
Create a security group for your EC2 instances to control inbound traffic. Ensure that the security group allows traffic from the ELB on the required ports.
Create an Application Load Balancer (ALB):
In the AWS Management Console, go to the EC2 service, and under "Load Balancers," create an Application Load Balancer (ALB). During the setup process, configure it to use the private subnets and create a listener for the application’s protocol and port.
Configure Target Groups:
Create one or more target groups to group your EC2 instances. Associate the target groups with your ALB. The target group defines the health check settings and which instances should receive traffic from the ALB.
Register EC2 Instances:
Register your EC2 instances with the target groups. The ALB will route traffic to these instances based on the rules you define.
Configure Health Checks:
Set up health checks within your target group to ensure that the ALB only directs traffic to healthy instances.
Create Security Groups for the ALB:
Create a security group for the ALB and configure it to allow incoming traffic on the required ports (e.g., 80 for HTTP or 443 for HTTPS) from clients. You can limit the allowed source IP ranges.
Update Route Tables:
Ensure that the route tables for your private subnets include a route to the ALB via the VPC’s local route. This allows the private instances to route their response traffic to the ALB.
Update DNS Records:
Update your DNS records to point to the DNS name of your ALB.
Testing and Monitoring:
Test the setup to ensure that traffic is properly balanced and that instances are healthy. Use CloudWatch and ALB logs to monitor the performance and health of your application.
The run-instances — AWS CLI Command Reference says:
Since your goal is to avoid receiving
InsufficientInstanceCapacityerrors, you might have to make your code ‘more intelligent’ by trying a subnet, waiting to see if there was an error and then trying a different subnet until an instance is successfully launched.