AWS best practices: How to make EC2 instances communicate with each other?

0

Imagine that we have two services, called "Alice" and "Bob". Those services are running on AWS EC2 instances and want to communicate with each other. But their IP addresses are volatile. What are the best practices for such services to discover each other and communicate without compromising security? Alice and Bob are just plain apps running on EC2, no ECS, no EKS, no load balancer, no autoscaling. Alice and Bob want to communicate directly using protocols like HTTP and not via any intermediary service like SQS. Alice and Bob want to avoid using Public IPv4 and Elastic IP, if that means any extra AWS charges. Alice and Bob are currently in the same AWS account, but wonder if they still can communicate if they move to different accounts.

Alex
asked a month ago, 146 views
2 Answers
2

In a nutshell, if Alice and Bob are in the same subnet within the VPC, they can communicate with each other using the private IP address. You just need to make sure you have a DNS solution in place, using either the VPC DNS server or a custom DNS server, so that communication doesn't rely on an IP address. If Alice and Bob are in different VPCs or different accounts, you can use VPC peering or AWS PrivateLink.

AWS EXPERT
answered a month ago
reviewed by SriniV (AWS EXPERT) a month ago
0

Imagine that we have two services, called "Alice" and "Bob" .... running on AWS EC2 instances and .... their IP addresses are volatile.

Can you expand on this: how are the IPs volatile? When the Alice EC2 is provisioned it gets a private IP which never changes, no matter how many times it is stopped and started, until it is terminated. Same for the Bob EC2. So each will just need security group rules allowing (say) 80/tcp inbound & outbound from & to the other's private IP.

Public IP addresses will change after a stop and start, but that's not relevant here as you've said you don't want to use public IPs for reasons of cost.

If you mean that multiple EC2s are going to be spun up and down constantly (how is this achieved if you're not using auto scaling?) then just keep all the Alice EC2s in the same subnet, and the same for all the Bob EC2s (doesn't have to be the same subnet). And for Alice to talk to Bob using HTTP, Alice EC2s need a security group with an outbound rule of 80/tcp to the Bob subnet, and Bob EC2s need a rule allowing inbound 80/tcp from the Alice subnet.

If Alice and Bob are in different VPCs, which could be owned by different accounts, this can still be made to work as long as the VPCs are peered.

Steve_M (EXPERT)
answered a month ago
  • Thank you for your answer; EC2 private addresses indeed have considerable durability. However, the objective here is to have Alice and Bob (the services) communicate with each other, not just their hosting machines. Alice and Bob may want to move, they may want to upsize or downsize, they may be using short-term residence in a spot instance. In that sense, my title "...EC2 instances..." may be misleading.

    I wonder if there are reasonably simple AWS solutions for this situation, without dialing up the complexity with ECS, autoscaling, service discovery etc.
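Putting both answers into one concrete configuration: the Terraform below is an added example, not code from this thread or from AWS. It assumes a single VPC (placeholder ID), the Terraform AWS provider v5 resource types, a placeholder zone name and constructed private IPs. It goes one step beyond the subnet-CIDR rules Steve_M describes: each security group rule references the peer security group's ID rather than a CIDR, so the rule stays valid when an Alice or Bob instance is replaced (the churn Alex raises in the comment) and no other host in the subnet is allowed in. The Route 53 private hosted zone is one way to provide the VPC DNS name the first answer calls for.

```hcl
# Added example (not from the re:Post thread). All IDs, names and IPs
# are placeholders for illustration.

variable "vpc_id" {
  default = "vpc-PLACEHOLDER"
}

# Private IPs of the Bob instances currently serving HTTP (constructed).
# In a real deployment this would be fed from aws_instance.*.private_ip.
variable "bob_private_ips" {
  type    = list(string)
  default = ["10.0.1.10", "10.0.1.11"]
}

# Security group for Alice instances (the HTTP client side).
# Terraform removes the AWS default allow-all egress on groups it
# creates, so only the egress rule below applies.
resource "aws_security_group" "alice" {
  name   = "alice-sg"
  vpc_id = var.vpc_id
}

# Security group for Bob instances (the HTTP server side).
resource "aws_security_group" "bob" {
  name   = "bob-sg"
  vpc_id = var.vpc_id
}

# Bob accepts 80/tcp only from members of the Alice security group.
# Any instance launched with alice-sg (a replacement spot instance
# included) is covered; nothing else in the subnet is.
resource "aws_vpc_security_group_ingress_rule" "bob_from_alice" {
  security_group_id            = aws_security_group.bob.id
  referenced_security_group_id = aws_security_group.alice.id
  ip_protocol                  = "tcp"
  from_port                    = 80
  to_port                      = 80
}

# Alice may open 80/tcp outbound only towards members of the Bob group.
resource "aws_vpc_security_group_egress_rule" "alice_to_bob" {
  security_group_id            = aws_security_group.alice.id
  referenced_security_group_id = aws_security_group.bob.id
  ip_protocol                  = "tcp"
  from_port                    = 80
  to_port                      = 80
}

# Private hosted zone, resolvable only inside the VPC through the VPC
# DNS server (the ".2" resolver). Placeholder zone name.
resource "aws_route53_zone" "internal" {
  name = "internal.example"
  vpc {
    vpc_id = var.vpc_id
  }
}

# Alice connects to http://bob.internal.example/ and never hardcodes an
# IP; when Bob instances are replaced only this record changes.
resource "aws_route53_record" "bob" {
  zone_id = aws_route53_zone.internal.zone_id
  name    = "bob.internal.example"
  type    = "A"
  ttl     = 60
  records = var.bob_private_ips
}
```

Two points worth checking before relying on this: the VPC must have DNS resolution and DNS hostnames enabled for the private zone to resolve, and the security-group reference works across VPC peering within the same region, so the same rule shape carries over to the cross-VPC case Steve_M mentions; across a cross-region peering the rule has to fall back to the peer's CIDR.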
