Elastic IP integration for Conductor and Relay

You can use Elastic IPs (EIPs) in CloudFormation templates to assign static public IP addresses to Conductor or Relay. This ensures consistent connectivity and simplifies infrastructure management.

Prerequisites

  • Ensure the target VPC (VpcId) is defined and accessible.
  • Confirm that EC2 instance resources are properly referenced:
    • ConductorInstance for Conductor
    • AirwallInstance for Relay
  • Verify that the Relay instance includes a primary network interface (eth0).
  • Confirm that your AWS account has available Elastic IPs and that allocation limits are not exceeded.
  • Ensure the IAM role used for deployment has permissions to allocate and associate Elastic IPs.
  • Coordinate with your AWS administrator to validate account-level IP policies and limits.

Deploying the template

Conductor
  1. Open the AWS CloudFormation console or use the AWS CLI.
  2. Upload the template that includes the Elastic IP allocation and association using InstanceId.
  3. Provide required parameters such as VpcId and ConductorInstance.
  4. Launch the stack and monitor the deployment status.
  5. After deployment, go to the EC2 console and verify that the Conductor instance has a public IP assigned.
  6. Confirm that the assigned IP matches the allocated Elastic IP.
  7. Restart the instance and verify that the IP remains unchanged.
Conductor Template
"EIPAddress": {
  "Type": "AWS::EC2::EIP",
  "Properties": {
    "Domain": {
      "Ref": "VpcId"
    }
  }
},
"EIPAssociation": {
  "Type": "AWS::EC2::EIPAssociation",
  "Properties": {
    "InstanceId": {
      "Ref": "ConductorInstance"
    },
    "EIP": {
      "Ref": "EIPAddress"
    }
  }
}

Relay

  1. Open the AWS CloudFormation console or use the AWS CLI.
  2. Upload the template that includes the Elastic IP allocation and association using AllocationId and NetworkInterfaceId.
  3. Provide required parameters
    • VpcId
    • AirwallInstance
    • eth0
  4. Launch the stack and monitor the deployment status.
  5. After deployment, go to the EC2 console and verify that the Relay instance has a public IP assigned.
  6. Confirm that the assigned IP matches the allocated Elastic IP.
  7. Restart the instance and verify that the IP remains unchanged.

Relay template

"EIPAddress": {
  "Type": "AWS::EC2::EIP",
  "Properties": {
    "Domain": {
      "Ref": "VpcId"
    }
  }
},
"EIPAssociation": {
  "Type": "AWS::EC2::EIPAssociation",
  "DependsOn": [
    "AirwallInstance"
  ],
  "Properties": {
    "AllocationId": {
      "Fn::GetAtt": [
        "EIPAddress",
        "AllocationId"
      ]
    },
    "NetworkInterfaceId": {
      "Ref": "eth0"
    }
  }
}

Manually assigning Elastic IP in the AWS console

If needed, you can manually assign an Elastic IP using the AWS Console.
  1. Open the AWS console at https://console.aws.amazon.com/ec2/.
  2. In the navigation pane, choose Elastic IPs.
  3. Select the Elastic IP address and choose Actions > Associate Elastic IP address.
  4. For Resource type, choose Instance.
  5. Select the instance to associate.
  6. (Optional) Specify a private IP address.
  7. Choose Associate.

DNS-based Alternative

Instead of using static IPs, you can use DNS records to point to EC2 instances or load balancers.

Example

Use Route 53 or your domain provider to create a record such as:

demo.jci.com → EC2 instance or Load Balancer

Result
  • Backend resources can be updated without changing client configurations.
  • Supports failover and scaling.
  • Simplifies long-term maintenance.