search

basti-app / basti

✨ Securely connect to RDS, Elasticache, and other AWS resources in VPCs with no idle cost
https://www.basti.app
MIT License
307 stars 18 forks source link

Optionally setting instance family of EC2 instance #51

Closed michael-kutsch closed 11 months ago

michael-kutsch commented 11 months ago

Feature Description

Currently, t2.micro is the default instance family and size that cannot be changed. This is fine for smaller setups that e.g. can benefit from the AWS free tier.

Adding the optional setting to change the instance family and size would be great to match an organizations requirements.

Use Case

For bigger setups at scale, it's a best practice to use either reserved instances or cost savings plans that may be limited to certain EC2 instance families.

If this is the case, basti instances would be charged at on demand pricing and would not benefit from existing cost saving measures.

Proposed Solution

Optionally setting the instance family and instance size as parameter in the CLI or in the config file.

Related Issues/PRs

-

BohdanPetryshyn commented 11 months ago

@DrFunk-n-stein I thought of adding this configuration option before. Just like with #50, it will also be really natural to provide such a configuration in a CDK construct or a Terraform module.

Could you please describe your current Basti usage?

  1. How many sessions do you start a day?
  2. How many people can use Basti simultaneously?
  3. Do you use Basti only for RDS or do you have more data-intensive connection targets?
  4. Have you noticed Basti instance running close to its maximum capacity (CPU, RAM)?
michael-kutsch commented 11 months ago

@BohdanPetryshyn yup, this will make a lot of sense in an IaC context. I was not referring to a performance issue, rather than compliance/cost saving requirements in bigger setups. I'm a SecDevOps consultant and am setting up also landing zones and cost saving measures, therefore I've seen such setups several times: multi-account, several bastion hosts lying around, accumulating costs at scale.

Therefore, it could make sense to use different instance families (e.g. t3, t3a, t4g, or whatever someone is using)

bobveringa commented 11 months ago

Because most CDK constructs that use ec2 under the hood already allow for this functionality. This is already added to the CDK construct. But it is certainly good that people will be using this.

ACronje commented 11 months ago

t2.micro is not available in my region (af-south-1) and so I am not able to use basti

here is the error I get:

Error setting up bastion. Can't create bastion EC2 instance. Unexpected error: The requested configuration is currently not supported. Please check the documentation for supported configurations.. This operation might have already created AWS resources. Please, run `basti cleanup` before retrying

It would be great if the instance type was configurable. I'd like to use t3.micro

BohdanPetryshyn commented 11 months ago

@ACronje, thank you for reporting this! I will introduce this configuration by the end of the next week when I return from my vacation.

BohdanPetryshyn commented 11 months ago

Hey @DrFunk-n-stein and @ACronje 👋

I'm happy to let you know that the ability to select the EC2 instance type was introduced in v1.4.0!