Setting up Eureka in a VPC

[muhamma...@answers.com]

Hi,

I am running into a unique problem with setting up a eureka server in AWS. We have a VPC defined in AWS with a tunnel that extends our internal network to AWS.

I am following Netflix's documentation on setting up Eureka in AWS with Elastic IPs. The problem, or maybe my lack of understanding, is that the Elastic IPs are public facing whereas I want all my Eureka servers to be private (non-public). How can I achieve this? How is Eureka setup at Netflix with this premise that all Eureka servers are internal (non-public).

Any help would be appreciated.

Thanks.

[dl...@netflix.com]

Hi,

VPC deployments for eureka is on our roadmap, however it is not something we natively support as of this point in time. The likely strategy needed for vpc deployment will involve providing a parallel mechanism to EIP binding, but using ENIs instead.

Thanks.

[syst...@gmail.com]

Hey there

Hope you are well. We are about to deploy Eureka onto our AWS account. Are you telling me that we need to expose all of our service endpoints to the public internet?

[dl...@netflix.com]

Hi,

Eureka now support other forms of fixed addresses. such as ENI and Route53 DNS (which in EC2 vpc can be private). In all cases (EIP or otherwise) you can secure your service with Security Groups.

See https://github.com/Netflix/eureka/blob/master/eureka-core/src/main/java/com/netflix/eureka/DefaultEurekaServerConfig.java#L664 where you can supply the binding strategy via eureka.awsBindingStrategy=...

Thanks

[bsus...@athenahealth.com]

hey Rommel Tinoco ,

Is is possible for you to share the repo where you have implemented the ENI/Route53 based approach for eureka peer awareness ?

Thanks,
Sushant