Terraform is an extremely flexible framework that allows for intent-based resource management. Its commonly used to provision various types of infrastructure as well as services and applications. Terraform also has a number of official and unofficial providers that can be used to manage workloads inside Kubernetes clusters. This posts captures…
ENIs come with a number of IPv4 and IPv6 interfaces (current numbers are here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI), but what happens if for some reason we need more than what a single ENI can support? The answer is to use multiple ENIs attached…
Sometimes there's a need to run iptables inside a Docker container. The most common scenario is probably when the container is attached not to a standard Docker bridge (which provides network connectivity using iptables) but to a network configured using macvlan or ipvlan driver. In that scenario the container is…
In two previous posts I showed how to use Ansible to configure an EC2 instance, after it was created. Even though that might be useful at times having a completely automated process that can be invoked directly from Cloudformation when the instance is being built could be even more useful.…
It might be useful to copy files into an EC2 instance whilst it's being built. Those can be configuration files for the application, authentication keys or even the whole pre-built application stack. One way of doing that is to use CloudFormation's Metadata and copy files from an S3 bucket. This…
When creating new EC2 instances that require persistent EBS volumes there's a number of steps that have to be carried out before the disk can be used. This post shows how to automate them. Definitions of the tasks presented below are also in https://github.com/pshemk/ec2-base. Please note…
Sometimes there's a need to automatically setup the hostname of an EC2 instance. This post shows how to do it from 'outside' of the instance itself, using Ansible. Let's assume here that the instance already has a tag Name, that will be used as the hostname and the VPC uses…
This post shows how to set up various VPC-related resources using CloudFormation to enable IPv6 for them. Components Diagram below shows all the components described in this post. VPCIPv6 requires one additional resource - AWS::EC2::VPCCidrBlock to request an /56 block of addresses from AWS. rVPC: Type: "AWS::EC2:…