How to setup a Fixed IP address in AWS
Steps below outline how to create a proxy server using TinyProxy with a fixed IP address on a port of 9898.
Intro
This guide illustrates how to setup TinyProxy on a AWS EC2 Instance, which is useful for having a fixed IP address if needed to proxy though say AWS lambda apps.
Create an EC2 Instance
-
Go to on to the EC2 area within AWS Console.
-
Click on "Launch Instances" button.
-
Choosing a AMI. Select a Ubuntu Image. E.g. "Ubuntu Server 20.04 LTS (HVM), SSD Volume Type". 64-bit (x86)
-
Instance type - t2.micro, then click "Next" and leave all defaults till you reach "Configure Security Group".
-
Security Group
-
In this section, we will setup port access and opening a port for the proxy server which will be 9898.
-
Create a "Create a new security group".
-
In the "Security group name:" enter a name such as "Proxy server security group".
-
Add the following Inbound rules. Notice that the last "Custom TCP" is a custom port of 9898 which will be the port number for TinyProxy.
Type Protocol Port range Source SSH TCP 22 0.0.0.0/0, ::/0 HTTPS TCP 443 0.0.0.0/0, ::/0 HTTP TCP 80 0.0.0.0/0, ::/0 Custom TCP TCP 9898 0.0.0.0/0, ::/0
-
Click on "Launch"
-
On the "Select and existing key pair or create a new key pair" dialog option.
- Select "Create a new key pair".
- Leave "RSA" key pair type.
- Give the key pair a memorable name e.g. "proxy-server-key-pair"
- Click on "Download Key Pair".
- Click on "Launch Instances".
Allocate a Fixed IP address
Now that an EC2 Instance is ready, we need to allocate a fixed IP address.
The AWS articles below outline how to do this.
Connecting to EC2 Instance
Now we need to connect to the EC2 Instance we just created.
-
Click on the EC2 Instance that was created in the AWS Console.
-
Click on "Connect".
-
On the "SSH client" tab.
a) Follow the steps provided by AWS to see if you can connect via SSH.
b) If the step above using the commandssh -i "proxy-server-key-pair.pem" [email protected]
does not work.- Make a note of the username. In this example its
ubuntu
. - Open your
.ssh
config in your choice of editor. This is usually located in~/.ssh/config
. - Add the following host in your
.ssh
config file. Be sure to change the location of the IdentityFile to where you have saved the key pair.# EC2 (eu-west-1) Ubuntu Host ec2-52-152-262-58.eu-west-1.compute.amazonaws.com User ubuntu IdentityFile C:\aws\proxy-server-key-pair.pem IdentitiesOnly yes
- Make a note of the username. In this example its
-
Connect via SSH
Launch a terminal and connect to the EC instance.
ssh ec2-52-152-262-58.eu-west-1.compute.amazonaws.com
Installing TinyProxy
Once connected to EC2, we need to run and update apt-get
before we install TinyProxy.
-
Update and load package information
apt-get
sudo apt-get update
-
Install TinyProxy
sudo apt-get install tinyproxy
Configuring TinyProxy
-
Edit the
tinyproxy.conf
sudo nano /etc/tinyproxy/tinyproxy.conf
-
Ensure the following configs have been set as shown below
User tinyproxy Group tinyproxy Port 9898 Allow 127.0.0.1 # Custom Allow Allow 0.0.0.0/0 ConnectPort 443 ConnectPort 563 ConnectPort 80 ConnectPort 9898
-
Restart the service
sudo /etc/init.d/tinyproxy restart
Verify TinyProxy service is running
service --status-all
Sample output of services running
[email protected]:~$ service --status-all
[ + ] acpid
[ + ] apparmor
[ + ] apport
[ + ] atd
[ - ] console-setup.sh
[ + ] cron
[ - ] cryptdisks
[ - ] cryptdisks-early
[ + ] dbus
[ - ] grub-common
[ - ] hibagent
[ - ] hwclock.sh
[ - ] irqbalance
[ - ] iscsid
[ - ] keyboard-setup.sh
[ + ] kmod
[ - ] lvm2
[ - ] lvm2-lvmpolld
[ + ] multipath-tools
[ - ] open-iscsi
[ - ] open-vm-tools
[ - ] plymouth
[ - ] plymouth-log
[ + ] procps
[ - ] rsync
[ + ] rsyslog
[ - ] screen-cleanup
[ + ] ssh
[ + ] tinyproxy <------------------------- tiny proxy is up and running
[ + ] udev
[ + ] ufw
[ + ] unattended-upgrades
[ - ] uuidd
Diagnosing TinyProxy logs
- Checking logs:
/var/log/tinyproxy/tinyproxy.log
sudo tail -n100 /var/log/tinyproxy/tinyproxy.log
- Starting the service:
sudo /etc/init.d/tinyproxy start
- Restarting the service:
sudo /etc/init.d/tinyproxy restart
Verify things are working
-
Run a curl command within EC2
curl --proxy localhost:9898 https://httpbin.org/ip
You should get the same public ip address of the elastic ip.
-
Run a curl command from your local machine
curl --proxy <elastic-ip>:9898 https://httpbin.org/ip
You should get the same public ip address of the elastic ip.
Setup a Cron job
Finally, it has been advised to setup a cron job to restart TinyProxy to avoid memory leaks.
As the sudo
command is needed in order to restart TinyProxy, we need to update the root Cron tab.
-
Edit crontab with sudo
sudo crontab -e
-
Enter a cron schedule
0 2 * * * /etc/init.d/tinyproxy restart
-
Verify the cron has been added
sudo crontab -l
References:
- https://aws.amazon.com/premiumsupport/knowledge-center/ec2-associate-static-public-ip/
- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-associating
- https://medium.com/@yurysmykalov/aws-lambda-with-static-outgoing-ip-a-complete-no-vpc-tutorial-8b994229dee4
- https://gist.github.com/webinista/812c20247a6c21e639ce