[HOWTO] Setup secondary network card (NIC) on Ubuntu in AWS

By Jostein Elvaker Haande 2023-10-23 #aws, #bash, #ec2, #howto, #nic, #script, #setup

This simple how-to enables a secondary network card on an Ubuntu instance running Amazon AWS EC2.

It assumes a setup where the primary network card is in a private subnet, and the secondary network card is in a public subnet.

To use this, follow these steps:

Create a script file setupSecondNIC.sh with the below content
chmod +x setupSecondNIC.sh
Run the script
qcp /tmp/51-<NIC>.yaml /etc/netplan (replace NIC with the name of the network card)
run netplan apply to apply the configuration

You should now have an enabled secondary network card.

#!/bin/bash
#
# One line to give the program's name and a brief description.
# Copyright (C) 2013 Jostein Elvaker Haande - aka tolecnal
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
#
# @Filename:    test.sh
# @Author:      Jostein Elvaker Haande - aka tolecnal
# @Email:       tolecnal@tolecnal.net
# @Website:     http://tolecnal.net
# @License:     GPL2
# @Created:     Fri 23 Oct 2020 15:10:21 UTC
# @Last Change: Tue 03 Nov 2020 16:29:54 UTC
# @Revision:    7
#
# get MAC (need to retry this command until it gets a non-zero MAC)
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"`
CFS_ENI_INTERFACE="ens6"
CFS_ENI_HWADDR="$(cat /sys/class/net/$CFS_ENI_INTERFACE/address 2>/dev/null)"
CFS_NODE_IP="$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s -f http://169.254.169.254/latest/meta-data/network/interfaces/macs/$CFS_ENI_HWADDR/local-ipv4s)"

# query instance metadata for network
CFS_ENI_CIDR="$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s -f http://169.254.169.254/latest/meta-data/network/interfaces/macs/$CFS_ENI_HWADDR/subnet-ipv4-cidr-block)"
CFS_ENI_CIDR_NETWORK="$(echo $CFS_ENI_CIDR | cut -d/ -f1)"
CFS_ENI_CIDR_PREFIX="$(echo $CFS_ENI_CIDR | cut -d/ -f2)"
CFS_ENI_ROUTER="$(( $(echo $CFS_ENI_CIDR_NETWORK | cut -d. -f4) + 1))"
CFS_ENI_GATEWAY="$(echo $CFS_ENI_CIDR_NETWORK | cut -d. -f1-3).$CFS_ENI_ROUTER"

# write out netplan yaml file
cat << EOF > /tmp/51-$CFS_ENI_INTERFACE.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    $CFS_ENI_INTERFACE:
      addresses:
        - $CFS_NODE_IP/$CFS_ENI_CIDR_PREFIX
      dhcp4: no
      routes:
        - to: 0.0.0.0/0
          via: $CFS_ENI_GATEWAY
          table: 1000
        - to: $CFS_ENI_CIDR
          via: 0.0.0.0
          scope: link
          table: 1000
      routing-policy:
        - from: $CFS_NODE_IP
          table: 1000
EOF

By Jostein Elvaker Haande

"A free society is a society where it is safe to be unpopular" - Adlai Stevenson

Leave a Reply Cancel reply

[HOWTO] Could not find a login matching the name provided. [CLIENT: <local machine>]

[HOWTO] Upgrade all Python packages after Ubuntu distribution upgrade

[HOWTO] GitLab – Remove Two Factor Authentication (MFA) from an account in the database

[HOWTO] Get the main group name for a username using Ansible