Private test instance, on demand, with same IP every time

I have a private setup, with master slave, as per the setup instructions. it works nicely for our public facing sites.

Our test environment sites are restricted by firewall. We can get around this by IP whitelisting the AWS EC2 test agent instance. However, I want the test agent to be on demand, but to get the AWS ElasticIP every time.

Does anybody have any ideas about how i might achieve this? Much obliged in advance

Fair warning, I haven’t actually deployed this on AWS before but I’m pretty sure the answer is:

  • Create a new network
  • Deploy a persistent server to use as a NAT gateway
  • Configure the autoscaling agents to deploy to the private network with the NAT gateway as the network gateway

That way all traffic will come from the IP address of the NAT instance (which can be a pretty small instance since it isn’t doing much work).

It’s a bit of a pain but the only way I know of to do it.

Hi Patrick , thanks for your response. That makes sense to me. Can I check then that the agents poll the Master for Work? As if they are behind a NAT Gateway, the Server will not be able to initiate a connection to the agent.

for info - AWS now has the capability to setup a native NAT Gateway, as part of the VPC networking, so you don’t even need a server anymore :slight_smile:

Yes, the agents poll the server. The server never needs to reach out to the agents. The server will also track the agents by a combination of hostname/IP so you will still see how many agents are connecting.

Awesome news on the NAT gateway. That makes things MUCH easier.

I’ve setup as discussed (and updated my settings.ini so we are using latest AMI, and a c5.large) but unfortunately the agents are just not doing the test required. I’ll have a proper look tomorrow when I get a bit more time, I may have simply over-looked something straight forwards.