Project

General

Profile

Actions
Copy link

Idea #20270

closed

Reduce number of public IPs required by salt install

Added by Peter Amstutz about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Lucas Di Pentima
Category:
Deployment
Target version:
Development 2023-03-29 Sprint
Start date:
03/28/2023
Due date:
Story points:
-
Release:
Arvados 2.6.0
Release relationship:
Auto

Description

During discussion, it came up that a brand new AWS account can't have more than 5 public IP addresses.

We think for a smallish deployment we can shrink it down to the following public nodes:

  • controller/API/keep-balance/crunch-dispatch/websockets
  • workbench/workbench2/prometheus/grafana/webshell/keep-web/keepproxy

The NAT gateway for the private nodes to communicate with the internet also requires a public IP, so this would mean 3 public IPs (currently it is 6).

In addition we have two private nodes:

  • keep0
  • shell

To do:

  • change "hostnames" to "hosts" to make it clearer
  • split host list into public and private
  • drop keep1 entirely
  • make "keep0" and "shell" private hosts
  • add installer option to use controller as a jump host (ssh -J)
  • make sure "initialize" copies terraform/aws/.gitignore
  • update local.params of the installer to reflect change of allocation of services
  • update install documentation to reflect changes to the new recommended configuration

Subtasks 1 (1 open0 closed)

Task #20274: Review 20270-salt-installer-less-instancesIn ProgressPeter Amstutz03/28/2023Actions
Actions
Copy link
 #1

Updated by Peter Amstutz about 1 year ago

  • Status changed from New to In Progress
Actions
Copy link
 #2

Updated by Peter Amstutz about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by Peter Amstutz about 1 year ago

  • Description updated (diff)
Actions
Copy link
 #4

Updated by Peter Amstutz about 1 year ago

  • Release set to 57
Actions
Copy link
 #5

Updated by Lucas Di Pentima about 1 year ago

Updates at 7aeaedb - branch 20270-salt-installer-less-instances

  • Terraform changes
    • Removes keepproxy & keep1 nodes.
    • Removes shell & keep0 nodes' public IP addresses.
    • Refactors VPC code so that shell & keep0 are now created on the private subnet (same as compute nodes) and get Internet access.
  • Copies terraform dir's .gitignore file to avoid committing huge binaries to the repository.
  • Updates installer to reflect changes from terraform, assigning keepproxy role to the workbench node.
  • Updates installer script to use the controller node as an SSH jump host for deployment. (configurable)
Actions
Copy link
 #6

Updated by Peter Amstutz about 1 year ago

Lucas Di Pentima wrote in #note-5:

Updates at 7aeaedb - branch 20270-salt-installer-less-instances

  • Terraform changes
    • Removes keepproxy & keep1 nodes.
    • Removes shell & keep0 nodes' public IP addresses.
    • Refactors VPC code so that shell & keep0 are now created on the private subnet (same as compute nodes) and get Internet access.
  • Copies terraform dir's .gitignore file to avoid committing huge binaries to the repository.
  • Updates installer to reflect changes from terraform, assigning keepproxy role to the workbench node.
  • Updates installer script to use the controller node as an SSH jump host for deployment. (configurable)

This LGTM

Actions
Copy link
 #7

Updated by Lucas Di Pentima about 1 year ago

  • % Done changed from 0 to 100
  • Status changed from In Progress to Resolved
Actions
Copy link
 #8

Updated by Brett Smith about 1 year ago

For posterity, I also fielded a question about this in a partner discussion last week. They'll be glad to hear about this change.

Actions
Copy link

Also available in: Atom PDF