AWS provides a powerful feature called auto-scaling. If you configure it on your infrastructure, you can automatically adjust capacity to maintain optimal performance at the lowest possible cost.
The downside is that it becomes more difficult to open an SSH connection to your EC2 instances, because their IP addresses change regularly.
Before going into further detail, here is a reminder for those who are not familiar with the concept.
There are two main advantages of using auto-scaling. Here is another extract from the official presentation.
In addition, it’s a security best practice to protect your application servers with a bastion architecture. In other words, only one EC2 instance is exposed in a public subnet, while all other EC2 instances are placed in a private subnet. To access those servers, you need to open an SSH connection through the bastion host.
Even if it’s the preferable approach for cloud infrastructure, it’s less user-friendly when you need to reach one of your application servers by SSH. Fortunately, it’s not something you do very often on “production ready” platforms, since AWS provides enough services (CloudWatch especially) to let you monitor all your instances.
But when you are building a new infrastructure, it’s definitely useful to be able to quickly SSH into a specific EC2 instance. By default, you need to retrieve the IP addresses from the AWS console first and then paste them into your terminal. That’s a huge waste of time when EC2 instances are renewed several times a day.
At some point, I decided to create a small script to improve that. The principle is pretty simple: instead of using IP addresses, I will use the instance tags that we previously defined to facilitate billing monitoring. If you want to use my script, you will need three things:
- a tag `Environment` on your EC2 instances, basically the name of the associated platform.
- a tag `Name` on your EC2 instances, prefixed by the
- a command-line JSON processor called `jq` on the computer where the script is executed.
Long story short, everything is described below!
The only thing you will probably need to change is the SSH account, since I left `ec2-user` in my snippet.
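An added example, not the author's script: one way to resolve instances by their `Environment` and `Name` tags with the AWS CLI and `jq`, then connect through the bastion with OpenSSH's ProxyJump. It assumes the bastion carries the same two tags, takes full `Name` values as arguments, and uses hypothetical function names and a constructed sample response.

```shell
#!/bin/sh
# Usage (hypothetical file name): ./ec2-ssh.sh <environment> <bastion-name> <target-name>
set -eu

SSH_USER="ec2-user"   # the account the post says you may need to change

# Constructed describe-instances response, used only to exercise the jq filter.
SAMPLE='{"Reservations":[{"Instances":[
 {"State":{"Name":"terminated"},"PrivateIpAddress":"10.0.1.10"},
 {"State":{"Name":"running"},"PrivateIpAddress":"10.0.1.11"},
 {"State":{"Name":"running"},"PrivateIpAddress":"10.0.1.12","PublicIpAddress":"203.0.113.5"}]}]}'

# Accept only plain tag values: a comma or wildcard would widen the --filters match.
valid_tag() {
  case "$1" in
    ''|*[!A-Za-z0-9._-]*) return 1 ;;
  esac
}

# Read describe-instances JSON on stdin; print field $1 of every running instance.
running_ips() {
  jq -r --arg f "$1" '.Reservations[].Instances[]
    | select(.State.Name == "running") | .[$f] // empty'
}

# $1 = Environment tag, $2 = Name tag, $3 = PublicIpAddress | PrivateIpAddress
lookup() {
  valid_tag "$1" && valid_tag "$2" || { echo "invalid tag value" >&2; return 1; }
  aws ec2 describe-instances --output json \
    --filters "Name=tag:Environment,Values=$1" "Name=tag:Name,Values=$2" \
    | running_ips "$3" | head -n 1
}

connect() {
  bastion=$(lookup "$1" "$2" PublicIpAddress)
  target=$(lookup "$1" "$3" PrivateIpAddress)
  [ -n "$bastion" ] && [ -n "$target" ] || { echo "no running instance found" >&2; return 1; }
  # ProxyJump (-J) tunnels through the bastion; the private key never leaves this machine.
  exec ssh -J "$SSH_USER@$bastion" "$SSH_USER@$target"
}

# Run only when all three arguments are given.
if [ "$#" -eq 3 ]; then connect "$@"; fi
```

When several running instances share the same tags, as they do inside an auto-scaling group, this version connects to the first one returned.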
Thanks for reading!