gardener / gardener-extension-provider-azure

Gardener extension controller for the Azure cloud provider (https://azure.microsoft.com).
https://gardener.cloud
Apache License 2.0

Disable deployment of allow-{TCP/UDP}-egress services when NAT Gateway is used #293

Open kon-angelo opened 3 years ago

kon-angelo commented 3 years ago

How to categorize this issue?

/area control-plane /kind enhancement /priority 3 /platform azure

What would you like to be added: Disable the deployment of the `allow-{tcp,udp}-egress` services used to configure egress traffic on Azure's Standard LBs when the shoot is using NAT Gateway.

Why is this needed: The services are unnecessary if the NatGateway is used. Furthermore, this change allows for cost optimisation since there are fewer resources needed for a minimal shoot.

kon-angelo commented 1 year ago

/remove lifecycle/rotten

ebensom commented 1 year ago

Hi @kon-angelo,

Our projects use around 200 legacy Azure clusters where the NAT gateway is not enabled. One Public IP costs 0.005 cent / hour, which is 3.6 dollars per 30 days, and there are 2 public IPs created per cluster (allow-tcp-egress and allow-udp-egress). 200 * 7.2 dollars * 12 months is 17280 dollars per year, which is good room for cost optimization.

Could this enhancement be prioritized?