coreos / tectonic-forum


How to configure Tectonic on AWS to not use Elastic IP's? #274

Open magnus-larsson opened 6 years ago

magnus-larsson commented 6 years ago

Issue Report Template

Tectonic Version

tectonic_1.8.4-tectonic.3

Environment

What hardware/cloud provider/hypervisor is being used with Tectonic?

AWS

Expected Behavior

Being able to set up multiple Tectonic clusters in the same region using the same AWS Account.

Actual Behavior

Since each Tectonic cluster consumes 3 Elastic IP addresses and Amazon only allows 5 Elastic IP addresses per AWS Account and region (see https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html#vpc-limits-eips), we can't create two Tectonic clusters in the same region using the same AWS Account.

According to https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Appendix_Limits.html#vpc-limits-eips it should be possible to use Tectonic without using Elastic IPs, but we can't find any documentation that describes how to configure Tectonic to not use Elastic IPs.

Reproduction Steps

  1. Use the standard installation procedure for starting a new Tectonic cluster on AWS twice, using the same AWS access key, secret and region.
  2. During provisioning of the second cluster an error message like the following is displayed:
     Error applying plan:

     1 error(s) occurred:

     * module.vpc.aws_eip.nat_eip[1]: 1 error(s) occurred:

     * aws_eip.nat_eip.1: Error creating EIP: AddressLimitExceeded: The maximum number of addresses has been reached.
         status code: 400, request id: 36a57d4a-5154-4d19-afbd-bea6001429ce

Other Information

Please supply us with information on how to set up a Tectonic cluster in AWS without using 3 Elastic IPs per cluster!

trinvh commented 6 years ago

+1 How to configure the facing IP linked to an existing IP?

UnderMyBed commented 6 years ago

> Since each Tectonic cluster consumes 3 Elastic IP addresses and Amazon only allows 5 Elastic IP addresses per AWS Account and region

You can contact AWS and have them increase the limit on EIPs. The other option is to build out the cluster in a private configuration. You can do this by setting up the VPC ahead of time and then installing Tectonic into an "Existing VPC (Private)". https://coreos.com/tectonic/docs/latest/install/aws/requirements.html#using-an-existing-vpc

There are some limitations to this approach. The first is that you are going to need a path to the internal network to access all the nodes in the cluster (VPN). Another big one is that you will not be able to use NodePort for external traffic, so an Ingress controller and LoadBalancers are required for public-facing deployments.