Ability to launch ec2 instances from launch templates #19911

Closed
arnvid opened this issue Jun 21, 2021 · 7 comments
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/ec2 Issues and PRs that pertain to the ec2 service.

Comments

@arnvid

arnvid commented Jun 21, 2021

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Currently we have a configuration which requires us to have instances launched with multiple network interfaces in different subnets. In the press release of 23rd of November 2020 there is a clear statement that ASGs and LTs now support attaching multiple network interfaces when launching EC2 instances in an Auto Scaling group. https://aws.amazon.com/about-aws/whats-new/2020/11/amazon-ec2-auto-scaling-supports-attaching-multiple-network-interfaces-at-launch/ - but AWS support clarified that this is not the case and that they would be updating the press release.

When we create the ASGs we only define the availability zones:
availability_zones = [var.azs[count.index]]

And leave the vpc_zone_identifier empty. This makes either the terraform-aws-provider or the API backend take every subnet that is defined in the launch template from the network_interfaces blocks - where we currently have up to 3 - and propagate them into the vpc_zone_identifier parameter.

When the EC2 instance launches, all 3 ENIs then get placed into 1 of these subnets randomly.

What we would like to do - until such point as AWS allows ASGs to have interfaces in different subnets - is to use the LaunchTemplates and launch them via aws_instance resource.

The AWS Go SDK clearly allows RunInstancesInput to specify the LaunchTemplate to launch the instance from.

type RunInstancesInput struct {
    // The launch template to use to launch the instances. Any parameters that you
    // specify in RunInstances override the same parameters in the launch template.
    // You can specify either the name or ID of a launch template, but not both.
    LaunchTemplate *LaunchTemplateSpecification `type:"structure"`

    // ... (other fields omitted)
}

New or Affected Resource(s)

  • aws_instance

Potential Terraform Configuration

resource "aws_launch_template" "ec2_lt" {
  name_prefix            = "${var.name}-${var.azs[0]}-${random_id.deployment_id.hex}-lt-"
  description            = "Launch configuration for ${var.name} - ${var.azs[0]}"
  image_id               = var.ami
  instance_type          = var.instance_type
  key_name               = var.ssh_key
  vpc_security_group_ids = []
  iam_instance_profile {
    name = aws_iam_instance_profile.iam-instance-profile.name
  }
  tag_specifications {
    resource_type = "instance"
    tags = {
      Name        = "Instance-${random_id.deployment_id.hex}"
      Environment = var.environment
      Terraform   = "true"
    }
  }

  block_device_mappings {
    device_name = "/dev/sda1"
    ebs {
      volume_size           = var.volsize
      volume_type           = "gp3"
      delete_on_termination = true
    }
  }

  network_interfaces {
    security_groups       = [aws_security_group.gwlb-sg.id]
    subnet_id             = var.vpc_inside_subnet_ids[count.index]
    device_index          = 0
    delete_on_termination = true
  }

  network_interfaces {
    security_groups       = [aws_security_group.mgmt-sg.id]
    subnet_id             = var.vpc_mgmt_subnet_ids[count.index]
    device_index          = 1
    delete_on_termination = true
  }

  dynamic "network_interfaces" {
    for_each = var.public ? [1] : []
    content {
      security_groups       = [aws_security_group.public-sg[0].id]
      subnet_id             = var.vpc_public_subnet_ids[count.index]
      device_index          = 2
      delete_on_termination = true
    }
  }

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_instance" "main" {
  launch_template {
    id      = aws_launch_template.ec2_lt.id
    version = "$Latest"
  }
}

@arnvid arnvid added the enhancement Requests to existing resources that expand the functionality or scope. label Jun 21, 2021
@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. service/ec2 Issues and PRs that pertain to the ec2 service. labels Jun 21, 2021
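The launch template in the issue above puts each network interface in its own subnet with its own security group, and the issue reports that ASG launches collapse all ENIs into one subnet. The following check is an added example, not code from the issue or from the provider: it compares an instance's ENIs against the launch template per device index. The sample records are constructed (all IDs are made up) and assume the field names of the EC2 DescribeLaunchTemplateVersions and DescribeInstances responses.

```python
# Constructed sample data: field names follow the EC2 DescribeLaunchTemplateVersions
# and DescribeInstances response shapes; every ID below is made up.
TEMPLATE_DATA = {"NetworkInterfaces": [
    {"DeviceIndex": 0, "SubnetId": "subnet-inside", "Groups": ["sg-gwlb"]},
    {"DeviceIndex": 1, "SubnetId": "subnet-mgmt", "Groups": ["sg-mgmt"]},
    {"DeviceIndex": 2, "SubnetId": "subnet-public", "Groups": ["sg-public"]},
]}


def eni(index, subnet, group):
    """Build one constructed instance ENI record."""
    return {"NetworkInterfaceId": f"eni-{index}", "SubnetId": subnet,
            "Attachment": {"DeviceIndex": index},
            "Groups": [{"GroupId": group}]}


# Placement the issue reports for ASG launches: all ENIs in a single subnet.
COLLAPSED = {"InstanceId": "i-collapsed", "NetworkInterfaces": [
    eni(0, "subnet-mgmt", "sg-gwlb"), eni(1, "subnet-mgmt", "sg-mgmt"),
    eni(2, "subnet-mgmt", "sg-public")]}
# Placement the launch template asks for.
INTENDED = {"InstanceId": "i-intended", "NetworkInterfaces": [
    eni(0, "subnet-inside", "sg-gwlb"), eni(1, "subnet-mgmt", "sg-mgmt"),
    eni(2, "subnet-public", "sg-public")]}


def placement_findings(template_data, instance):
    """Return (device_index, kind, expected, actual) for every deviation."""
    want = {n["DeviceIndex"]: n for n in template_data.get("NetworkInterfaces", [])}
    have = {n["Attachment"]["DeviceIndex"]: n
            for n in instance.get("NetworkInterfaces", [])}
    findings = []
    for index in sorted(want.keys() | have.keys()):
        if index not in have:
            findings.append((index, "missing-eni", want[index].get("SubnetId"), None))
            continue
        if index not in want:
            findings.append((index, "unexpected-eni", None, have[index]["SubnetId"]))
            continue
        exp, act = want[index], have[index]
        if exp.get("SubnetId") != act["SubnetId"]:
            findings.append((index, "wrong-subnet", exp.get("SubnetId"), act["SubnetId"]))
        exp_groups = sorted(exp.get("Groups", []))
        act_groups = sorted(g["GroupId"] for g in act.get("Groups", []))
        if exp_groups != act_groups:
            findings.append((index, "wrong-groups", exp_groups, act_groups))
    return findings


if __name__ == "__main__":
    for inst in (INTENDED, COLLAPSED):
        print(inst["InstanceId"], placement_findings(TEMPLATE_DATA, inst))
```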
@hostmit

hostmit commented Jun 21, 2021

It would be nice to have this implemented!

@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Jun 21, 2021
@ewbankkit
Contributor

@arnvid Thanks for raising this issue.
Will the solution to #4264, on this quarter's roadmap, be a solution?

@ewbankkit ewbankkit added the waiting-response Maintainers are waiting on response from community or contributor. label Jun 21, 2021
@arnvid
Author

arnvid commented Jun 21, 2021

@ewbankkit - I was looking for any reference to this in the issues - but I did not go as far back as 2018 :) I believe that these two are the same. Is there already work in progress on this? If so, is there anything we can do to contribute to speed this up?

@VRDNetworkers

VRDNetworkers commented Jun 21, 2021

It would be nice to have this feature

@ewbankkit
Contributor

As #4264 is on this quarter's roadmap, it SHOULD be addressed by the end of July.
A maintainer is already scheduled to review the resolving PR #10807.

@ewbankkit ewbankkit removed the waiting-response Maintainers are waiting on response from community or contributor. label Jun 21, 2021
@ewbankkit
Contributor

I'm going to close this issue as a duplicate of #4264.
Thanks.

@github-actions

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 22, 2021