使用Elastic Beanstalk的静态IP

Question

我需要静态IP才能访问不在AWS网络上的防火墙网络。

是否可以使用Elastic Beanstalk获取负载均衡应用的静态IP？我正在关注使用Route 53来使用域名来托管我的应用程序AWS docs，但是从我读过的内容来看，这并不能确保静态IP，因为它实际上是使用CNAME允许后面的IP要改变的场景。这是正确的理解吗？有可能吗？

Answer 1

在VPC中部署beanstalk环境，使用正确的配置，可以轻松获得出站流量的静态IP。

在此设置中，您的实例都通过一台计算机中继其出站流量，您可以为其分配弹性IP地址。来自其后面的所有实例的所有内部发起的，互联网绑定的流量将从另一个网络出现，使用该单个弹性IP来显示。

以下RDS部分可能与您的需求无关，但原则完全相同。

http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo-vpc-rds.html

Answer 2

This post helped me get a static IP for outgoing requests by using a NAT Gateway, and routing specific requests through it.

I needed this static IP in order to be whitelisted from an external API provider.

I found this way much easier than the provided by AWS, without the need of creating a new VPC and a private and public subnets.

Basically, what I did was:

• Create a new subnet to host the NAT Gateway.
• Create the NAT Gateway in the above subnet, and assign a new Elastic IP. This one will be our outgoing IP for hitting external APIs.
• Create a route table for the NAT subnet. All outbound traffic (0.0.0.0/0) should be routed through the NAT Gateway. Assign the created subnet to use the new route table.
• Modify the main route table (the one that handles all our EC2 instances requests), and add the IP(s) of the external API, setting its target to the NAT Gateway.

This way we can route any request to the external API IPs through the NAT Gateway. All other requests are routed through the default Internet Gateway.

As the posts says, this is not a Multi AZ solution, so if the AZ that holds our NAT Gateway fails, we may lose connection to the external API.

Update:

See @TimObezuk comment to make this a Multi-AZ solution.