Sha256: 8599ae009015a38fcfe0a53710cb586eee01171bd005563659ec229dd5df1116

Contents?: true

Size: 1.38 KB

Versions: 11

Compression:

Stored size: 1.38 KB

Contents

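# Configure the instance to run as a NAT (network address translation) box that
# masquerades traffic from the VPC's private instances out through eth0.
#
# Expects from the environment:
#   AWS_REGION               region passed to the aws CLI
#   NAT_PRIVATE_ROUTE_TABLE  id of the route table whose default route is
#                            repointed at this instance
# `die` is not defined in this file; presumably the role runner that embeds
# this script provides it and it exits non-zero -- confirm against the caller.
#
# NOTE(review): the metadata requests below are plain unauthenticated GETs
# (IMDSv1 style). They fail on instances that enforce token-based IMDSv2, so a
# session token would have to be fetched and sent if that is turned on.
# NOTE(review): a NAT instance normally also needs its EC2 source/destination
# check disabled; nothing here does that -- presumably handled elsewhere.

echo "Determining the MAC address on eth0..."
ETH0_MAC=$(cat /sys/class/net/eth0/address) ||
    die "Unable to determine MAC address on eth0."
echo "Found MAC ${ETH0_MAC} for eth0."

VPC_CIDR_URI="http://169.254.169.254/latest/meta-data/network/interfaces/macs/${ETH0_MAC}/vpc-ipv4-cidr-block"
echo "Metadata location for vpc ipv4 range: ${VPC_CIDR_URI}"

# A failed or empty lookup must stop the run: the value becomes the source
# match of the MASQUERADE rule, so it is checked before iptables sees it.
VPC_CIDR_RANGE=$(curl --retry 3 --silent --fail "${VPC_CIDR_URI}") ||
    die "Unable to retrieve the VPC CIDR range from meta-data."
case "${VPC_CIDR_RANGE}" in
    ""|*[!0-9./]*)
        die "Meta-data returned an unexpected VPC CIDR range." ;;
esac
printf '%s\n' "${VPC_CIDR_RANGE}" |
    grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}/[0-9]{1,2}$' ||
    die "Meta-data returned an unexpected VPC CIDR range."
echo "Retrieved VPC CIDR range ${VPC_CIDR_RANGE} from meta-data."

echo "Enabling NAT..."
# Forwarding on, ICMP redirects off, before any rule is installed.
if ! sysctl -q -w net.ipv4.ip_forward=1 net.ipv4.conf.eth0.send_redirects=0; then
    die "Could not execute iptables commands to enable address translation"
fi
# -C only probes for an existing rule, so re-running the script does not stack
# duplicate MASQUERADE entries; its "rule not found" error is expected noise.
if ! iptables -t nat -C POSTROUTING -o eth0 -s "${VPC_CIDR_RANGE}" -j MASQUERADE 2> /dev/null; then
    iptables -t nat -A POSTROUTING -o eth0 -s "${VPC_CIDR_RANGE}" -j MASQUERADE ||
        die "Could not execute iptables commands to enable address translation"
fi

# Print the resulting state so it lands in the provisioning log.
sysctl net.ipv4.ip_forward net.ipv4.conf.eth0.send_redirects
iptables -n -t nat -L POSTROUTING

# reset PrivateRouteThroughBastionBox to point to this instance
[ -n "${AWS_REGION:-}" ] || die "AWS_REGION is not set."
[ -n "${NAT_PRIVATE_ROUTE_TABLE:-}" ] || die "NAT_PRIVATE_ROUTE_TABLE is not set."

# --fail keeps an HTTP error page from being used as the instance id.
AWS_INSTANCE_ID=$(curl --retry 3 --silent --fail http://169.254.169.254/latest/meta-data/instance-id) ||
    die "Unable to retrieve the instance id from meta-data."
case "${AWS_INSTANCE_ID}" in
    i-*) ;;
    *) die "Meta-data returned an unexpected instance id." ;;
esac
case "${AWS_INSTANCE_ID#i-}" in
    ""|*[!0-9a-f]*)
        die "Meta-data returned an unexpected instance id." ;;
esac

# This rewrites the 0.0.0.0/0 route of the private route table, so every
# private instance's outbound traffic follows it; the instance role only needs
# ec2:ReplaceRoute, ideally restricted to that one route table.
aws --region="${AWS_REGION}" ec2 replace-route --route-table-id "${NAT_PRIVATE_ROUTE_TABLE}" --destination-cidr-block "0.0.0.0/0" --instance-id "${AWS_INSTANCE_ID}" ||
    die "Could not repoint the private route table at this instance."

echo "Configuration of NAT complete."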

Version data entries

11 entries across 11 versions & 1 rubygems

Version Path
stacco-0.1.36 ./priv/roles/NAT.sh
stacco-0.1.35 ./priv/roles/NAT.sh
stacco-0.1.33 ./priv/roles/NAT.sh
stacco-0.1.32 ./priv/roles/NAT.sh
stacco-0.1.30 ./priv/roles/NAT.sh
stacco-0.1.29 ./priv/roles/NAT.sh
stacco-0.1.28 ./priv/roles/NAT.sh
stacco-0.1.27 ./priv/roles/NAT.sh
stacco-0.1.26 ./priv/roles/NAT.sh
stacco-0.1.24 ./priv/roles/NAT.sh
stacco-0.1.23 ./priv/roles/NAT.sh