I would like to use the EC2 driver to start instances in the Amazon cloud if my local hardware does not have enough resources anymore. Therefore I created a new VPC in the Amazon cloud because I cannot use the default VPC due to an IP address conflict in my network. I had contact with the Amazon support and I got the message that they can just create a new default vpn with a fixed IP range and that I have to create a new VPC if I want to use another IP range. And it is not possible to change the default value for a VPC. In other words: I cannot use the default VPC.
Therefore I have to use the (non-default) VPC. To do that I have to specify a subnet in my EC2 context. But if I specify the subnet, my instance creation process fails. I got the following error message:
The parameter groupName cannot be used with the parameter subnet.
Without the subnet parameter I can launch an instance (in the “wrong” default VPC).
I googled this error message and I found a lot of stuff related to that error message. Unfortunately the solution was always to use the security group ID instead of the security group name. But I cannot enter a security group ID, only the security group name. The ID is just not available.
Does anybody have an idea how to solve such a problem? I mean how to launch an instance in a specific subnet?
I just tried a quick and dirty hack and patched the file ec2_driver.rb. I just changed security_group into security_group_ids in lines 124 and 200. After that I could launch an instance in the specified subnet (in my preferred VPC). Of course I had to use a security_group id instead of a security_group name in the template.
So, maybe it would be a nice idea to create a patch and use a security_group id if a subnet is specified. Or just get the security_group id related to the name if a subnet was specified. But I am an admin and not a developer. Maybe this could lead to trouble in other parts of the code. Don’t know.
For me it is ok like this because I can patch my templates to use a security group id. But maybe this helps someone else.
Best regards,
Tom
P.S.: I’m using OpenNebula 4.10.2. Just forgot to mention.
OK, changing these two lines is not enough. This leads to monitoring issues with EC2 VMs. Therefore I had to copy the ec2_driver.rb to a new file and include the new file within the file deploy. In the new ec2_driver file I changed the two lines I mentioned before. So my hack is getting even worse than at the beginning.
It is working that way but for sure not an acceptable solution anymore. More or less just a proof of concept that it would work with a group_name_id and a subnet in a real patch.
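The idea from the first post (look up the security group id for a name when a subnet is specified), as an added example that is not part of this thread or of OpenNebula's ec2_driver.rb. The helper names, template keys and sample ids are assumptions; the lookup is scoped to the subnet's VPC because a group name is only unique within one VPC, and it fails closed rather than attaching a same-named group from another VPC.

```ruby
# Constructed sample data standing in for the results of the EC2
# DescribeSubnets / DescribeSecurityGroups calls (all ids are made up).
SUBNETS = [
  { subnet_id: 'subnet-aaaa1111', vpc_id: 'vpc-custom01' },
  { subnet_id: 'subnet-bbbb2222', vpc_id: 'vpc-default0' }
].freeze
SECURITY_GROUPS = [
  { group_id: 'sg-00000001', group_name: 'web', vpc_id: 'vpc-default0' },
  { group_id: 'sg-00000002', group_name: 'web', vpc_id: 'vpc-custom01' },
  { group_id: 'sg-00000003', group_name: 'db',  vpc_id: 'vpc-custom01' }
].freeze

class GroupResolutionError < StandardError; end

# Hypothetical helper: map template entries (group names or sg- ids) to
# group ids that belong to the VPC of the requested subnet.
def resolve_group_ids(names_or_ids, subnet_id, subnets: SUBNETS, groups: SECURITY_GROUPS)
  subnet = subnets.find { |s| s[:subnet_id] == subnet_id }
  raise GroupResolutionError, "unknown subnet #{subnet_id}" unless subnet

  in_vpc = groups.select { |g| g[:vpc_id] == subnet[:vpc_id] }
  names_or_ids.map do |ref|
    matches = in_vpc.select { |g| g[:group_id] == ref || g[:group_name] == ref }
    # Fail closed: no match or an ambiguous match must not launch anything.
    raise GroupResolutionError, "#{ref}: #{matches.size} matches in #{subnet[:vpc_id]}" unless matches.size == 1
    matches.first[:group_id]
  end
end

# Hypothetical helper: build launch parameters (keys named after the
# RunInstances request parameters). Names are sent only without a subnet,
# which avoids the "groupName cannot be used with subnet" error.
def launch_params(template)
  params = { image_id: template[:ami], instance_type: template[:instance_type] }
  groups = Array(template[:security_groups])
  if template[:subnet_id]
    params[:subnet_id] = template[:subnet_id]
    params[:security_group_ids] = resolve_group_ids(groups, template[:subnet_id])
  else
    params[:security_groups] = groups
  end
  params
end
```

In a real driver the two constant tables would be replaced by the results of the corresponding describe calls made with the same credentials used for the launch.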