Selenium Grid VPC Peering

Your Gridlastic selenium grid is launched in its own Amazon EC2 VPC and can be very easily and without bandwidth concerns be connected to your EC2 VPC's via Amazon VPC Peering. It takes just a few minutes to enable and you can even choose your own CIDR private IP address range for your selenium grid so not to cause any IP conflicts. VPC Peering is available for all non free accounts.

How to enable Amazon VPC Peering with your Gridlastic selenium grid.

1. Send an email to support@gridlastic.com or create a support ticket requesting a VPC Peering setup. We will send you back our AWS account id and your Gridlastic selenium grid VPC id.

2. In your Amazon account VPC Dashboard, go to Peering Connections and create a peering request using:

Our Amazon account id: (provided by us)
Your Gridlastic Selenium Grid VPC id: (provided by us)

3. Let us know your VPC id that you are making the request for so that we can approve the right connection from our end.

4. When connection is approved, setup a route table entry for 10.199.0.0/16 (your selenium grid default CIDR) to use this connection.

Done!



We recommend you create a separate VPC to peer with, see chart below.

Click chart to enlarge.


On our end, we will create a route table specifying your peered VPC CIDR to use the VPC Peering connection. This means that you in your selenium tests scripts can use your own private IP's or AWS Public DNS from your peered VPC.

Once the connection is enabled you can access your selenium grid hub server with its private ip address which defaults to 10.199.0.50. Example, in your selenium test code you could use:

"http://HUB_USERNAME:HUB_ACCESS_KEY@10.199.0.50:80/wd/hub"
If you want all test traffic to use the VPC Peering connection it is important to use the hub's private IP like above and not use

"http://HUB_USERNAME:HUB_ACCESS_KEY@YOUR_SUBDOMAIN.gridlastic.com:80/wd/hub"
which would access the hub via the internet.

You can also configure your selenium grid to only accept access from your peered VPC by whitelisting the peered VPC CIDR in your grid configuration, see field Optional. Restrict source IP access to selenium grid hub (port 80, 4444). This will force all test traffic to come from your peered VPC and use the VPC Peering connection.

If you want to use your own private DNS in your selenium test code you need to have a proxy server in your peered VPC that can resolve your private DNS. You can then route your selenium tests via this proxy by adding the below code (java example) to your selenium scripts

String proxy_server = "your_vpc_proxy_IP:xxxx";
org.openqa.selenium.Proxy proxy = new org.openqa.selenium.Proxy();
proxy.setHttpProxy(proxy_server).setFtpProxy(proxy_server).setSslProxy(proxy_server);
capabilities.setCapability(CapabilityType.PROXY, proxy)


See more selenium proxy language examples here. If you do not have a proxy available we can recommend to use Squid.


Read more about Amazon VPC Peering

Note: a VPC peering connection does not enable access to servers behind your local company firewall, even if your EC2 VPC has access, this is due to Amazon security rules. Use Gridlastic Connect to access local behind firewall web apps with full DNS support.