I want to implement multiple IP addresses for a virtual IP address failover for my Amazon Elastic Compute Cloud (EC2) instances. However, the virtual IP monitor script fails on my Ubuntu 16.04 system. How do I fix that?

To run the vip_monitor.sh script on an Ubuntu system, you must first install the aws-apitools-common package.

1.    Download and configure the AWS Command Line Interface (CLI).

$ sudo apt-get install ec2-api-tools

2.    Verify that the following scripts exist after the CLI is installed.


3.    Use the scp command to copy the /etc/profile.d/aws-apitools-common.sh file from an Amazon Linux AMI machine to your Ubuntu machine.

$ sudo scp -i UbuntuKey.pem /etc/profile.d/aws-apitools-common.sh ubuntu@Instance_IP:~

Note: The aws-apitools-common package isn't installed by default in Amazon Linux 2.

4.    Copy the aws-apitools-common.sh script to the same directory as the vip_monitor.sh script, and give the script execute permissions.

$ sudo cp ./aws-apitools-common.sh /root
$ sudo chmod a+x aws-apitools-common.sh

5.    Create the /opt/aws/bin directory and the symbolic links.

$ sudo mkdir -p /opt/aws/bin/
$ ln -s /usr/bin/ec2-describe-instances /opt/aws/bin/
$ ln -s /usr/bin/ec2-assign-private-ip-addresses /opt/aws/bin/ 

6.    Modify the first line of the vip_monitor.sh script by changing /bin/sh to be /bin/bash, so that the script uses the Bash shell.

The following is an example of a vip_monitor.sh script.

# This script will monitor another HA node and take over a Virtual IP (VIP)
# if communication with the other node fails

# High Availability IP variables
# Other node's IP to ping and VIP to swap if other node goes down

# Specify the EC2 region that this will be running in

# Run aws-apitools-common.sh to set up default environment variables and to
# leverage AWS security credentials provided by EC2 roles
. ./aws-apitools-common.sh

# Determine the instance and ENI IDs so we can reassign the VIP to the
# correct ENI. Requires EC2 describe-instances and assign-private-ip-address
# permissions. The following example EC2 Roles policy will authorize these
# commands:
# {
#  "Statement": [
#    {
#      "Action": [
#        "ec2:AssignPrivateIpAddresses",
#        "ec2:DescribeInstances"
#      ],
#      "Effect": "Allow",
#      "Resource": "*"
#    }
#  ]
# }

Instance_ID=`/usr/bin/curl --silent`
ENI_ID=`/opt/aws/bin/ec2-describe-instances $Instance_ID --region $REGION | grep eni -m 1 | awk '{print $2;}'`

echo `date` "-- Starting HA monitor"
while [ . ]; do
  pingresult=`ping -c 3 -W 1 $HA_Node_IP | grep time= | wc -l`
  if [ "$pingresult" == "0" ]; then
    echo `date` "-- HA heartbeat failed, taking over VIP"
    /opt/aws/bin/ec2-assign-private-ip-addresses -n $ENI_ID --secondary-private-ip-address $VIP --allow-reassignment --region $REGION
    pingresult=`ping -c 1 -W 1 $VIP | grep time= | wc -l`
    if [ "$pingresult" == "0" ]; then
      echo `date` "-- Restarting network"
      /sbin/service network restart > /dev/null 2>&1
    sleep 60
  sleep 2

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2019-01-31