Light Dark Auto

EC2

Amazon EC2 service discovery

AWS EC2 Discovery

Deployments into bare metal AWS EC2 instances can take advantage of Instance Tagging to perform service announcement and service discovery. gm-control uses the AWS SDKs to parse out this information and populate the mesh.

Tagging

There are many ways to tag instances, but an example with the AWS CLI is shown below.

aws ec2 create-tags \
  --resources <your instance id> \
  --tags Key=gm:cluster:service-a:8080,Value=

If multiple services are exposed on a single EC2 instance, then multiple tags can be used:

aws ec2 create-tags \
  --resources <your instance id> \
  --tags \
      Key=gm:cluster:service-a:8080,Value=
      Key=gm:cluster:service-b:443,Value=

Configuration and AWS Credentials

gm-control does require access to AWS credentials to run and perform service discovery against the deployed EC2 clusters. The server will need access to:

  • GM_CONTROL_AWS_AWS_ACCESS_KEY_ID
  • GM_CONTROL_AWS_AWS_SECRET_ACCESS_KEY
  • GM_CONTROL_AWS_AWS_REGION

To enable ec2 discovery, the following two environment variables almost must be set:

  • GM_CONTROL_CMD=aws
  • GM_CONTROL_AWS_VPC_ID={instance(s)-vpc-id}

If not provided directly, gm-control will fall back to the keys available on its running instance. See gm-control aws --help.