ec2

Deployments into bare metal AWS EC2 instances can take advantage of Instance Tagging to perform service announcement and service discovery. gm-control uses the AWS SDKs to parse out this information and populate the mesh.

Tagging

Instances must be tagged with both the service name and the port that should be exposed to the mesh. The form of this tag will default to gm:cluster:<service-name>:<port>. There are many ways to tag instances, but an example with the AWS CLI is shown below.

aws ec2 create-tags \
  --resources <your instance id> \
  --tags Key=gm:cluster:service-a:8080,Value=

If multiple services are exposed on a single EC2 instance, then multiple tags can be used:

aws ec2 create-tags \
  --resources <your instance id> \
  --tags \
      Key=gm:cluster:service-a:8080,Value=
      Key=gm:cluster:service-b:443,Value=

NOTE The default tag can be changed by the CLI flag --cluster-tag-namespace or environment variable GM_CONTROL_AWS_CLUSTER_TAG_NAMESPACE when running gm-control. This changes the gm:cluster prefix, but the : section must remain in the same form.

Configuration and AWS Credentials

gm-control does require access to AWS credentials to run and perform service discovery against the deployed EC2 clusters. The server will need access to:

GM_CONTROL_AWS_AWS_ACCESS_KEY_ID
GM_CONTROL_AWS_AWS_SECRET_ACCESS_KEY
GM_CONTROL_AWS_AWS_REGION

To enable ec2 discovery, the following two environment variables almost must be set:

GM_CONTROL_CMD=aws
GM_CONTROL_AWS_VPC_ID={instance(s)-vpc-id}

If not provided directly, gm-control will fall back to the keys available on it's running instance. See gm-control aws --help or the EC2 Usage page for details and more information.

Previousconsul Nextfile

Last updated 5 years ago

Was this helpful?