Closed Bug 1000901 Opened 8 years ago Closed 8 years ago

Access S3 endpoints via the internet gateway from EC2 instances

Categories

(Release Engineering :: General, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: dustin, Assigned: dustin)

Details

Attachments

(1 file)

Attached patch bug1000901.patchSplinter Review
It'd probably be good to make these a macro of some sort, but for the moment this will do.

You can verify netblocks with e.g.,

dustin@euclid ~/code/moz/t/bug1000901/cloud-tools $ whois 72.21.192.0

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=72.21.192.0?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       72.21.192.0 - 72.21.223.255
CIDR:           72.21.192.0/19
OriginAS:       
NetName:        AMAZON-02
NetHandle:      NET-72-21-192-0-1
Parent:         NET-72-0-0-0-0
NetType:        Direct Assignment
RegDate:        2004-12-30
Updated:        2012-03-02
Ref:            http://whois.arin.net/rest/net/NET-72-21-192-0-1

..
Attachment #8411831 - Flags: review?(catlee)
Attachment #8411831 - Flags: review?(catlee) → review+
Attachment #8411831 - Flags: checked-in+
No longer blocks: 999661
Hmm, that didn't work:

dmitchell@ubuntu64packager1 ~ $ debpartial-mirror -c dpm.conf all
Updating backend trusty
Failed: http://us-east-1.ec2.archive.ubuntu.com/ubuntu//dists/trusty/main/binary-i386/Packages.gz Connection timed out after 30195 milliseconds

where that's evaluating to 176.32.101.8 or 207.171.163.216.  Both of those are in the list of changed IPs.  Was "IGW" the wrong choice?  Is this causing problems for builders?
Ah, from catlee in irc, this only affects hosts with public IPs, which ubuntu64packager1 does not have.  We could add one, but that requires re-creating the instance, which is a lot of work for nothing now that the mirroring is complete (and, it turns out, unnecessary).

So given that this didn't break anything, I'll call it done.
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.