/nat-box-ha

Primary LanguageShell

Prerequisites

  • AWS credential
  • a kay pair named bosh on AWS
  • a IAM role named nat-ha-controller on AWS, which allows EC2 full access (will lock down latter)

Usage

  1. edit bootstrap_nat_ha.sh to setup AWS credential
  2. . bootstrap_nat_ha.sh
  3. ssh into the controller: ssh -A ec2-user@$eip_c
  4. run controller.sh from screen/tmux
  5. do some damage to the active nat box, like turning off IP forwording by sysctl -w net.ipv4.ip_forward=1, or shut down the instance for a while.
  6. watch failover from controller screen and AWS console
  7. after done playing, destroy everything by nuke

What does the enviroment look like?

  • One VPC (10.8.0.0/16)
  • Two subnets:
    • public (10.8.0.0/24)
    • private (10.8.2.0/24)
  • Four instances:
    • nat box A (10.8.0.5)
    • nat box B (10.8.0.6)
    • controller (10.8.0.8)
    • server A (10.8.2.9)
  • One Elastic Network Inteface (10.8.0.7)
  • Four Elastic IPs
    • 1 for the eni
    • 1 for controller
    • 1 for box A
    • 1 for box B
  • One route table
    • rt A points to the eni for 0.0.0.0/0