Enable one NAT gateway per subnet

Matjaz Gregoric requested to merge mtyaka/SE-5946-multi-az-nat into main

Description

AWS suggests that each AZ should have its own NAT gateway to take advantage of the redundancy that AZs provide.

The Terraform AWS VPC provider supports three different NAT gateway scenarios.

We pick the first (default) option: One NAT gateway per subnet. The provider creates each subnet in a different AZ, and in this scenario creates a NAT gateway in each AZ where it set up a subnet.

The alternative configuration with one_nat_gateway_per_az = true would require us to create a subnet in every single AZ in the chosen AWS region. For us-east-1 that would be 6 AZs, which is overkill for our use case.

Testing instructions

Steps to test the changes:

  1. Check out this change and run ./tf plan.
  2. Verify that the plan output shows that it will replace the single NAT gateway with three gateways, each in a separate AZ.
  3. Run ./tf apply, verify that it succeeds and that things continue to work correctly after the plan is applied.

Checklist

If any of the items below is not applicable, do not remove them, but put a check in it.

  • All providers include the new feature/change
  • All affected providers can provision new clusters
  • Unit tests are added/updated
  • Documentation is added/updated
  • The TOOLS_CONTAINER_IMAGE_VERSION in ci_vars.yml is updated
  • The grove-template repository is updated

Additional context

Add any other context about the merge request here.

Edited by Matjaz Gregoric
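
Step 2 of the testing instructions can be checked mechanically. The script below is an added example, not part of this merge request or the project's code. It assumes the plan has been exported with `terraform show -json` and that the resources are `aws_nat_gateway` and `aws_subnet`; the function names and the sample plan are constructed for illustration.

```python
import json
import sys

def rc_entry(address, rtype, actions, after):
    return {"address": address, "type": rtype,
            "change": {"actions": actions, "after": after}}

# Constructed sample shaped like `terraform show -json` output; IDs are made up.
SAMPLE_PLAN = {"resource_changes": [
    *[rc_entry(f"aws_subnet.public[{i}]", "aws_subnet", ["no-op"],
               {"id": f"subnet-{z}", "availability_zone": f"us-east-1{z}"})
      for i, z in enumerate("abc")],
    *[rc_entry(f"aws_nat_gateway.this[{i}]", "aws_nat_gateway", ["create"],
               {"subnet_id": f"subnet-{z}"}) for i, z in enumerate("abc")],
]}

def nat_gateways_by_az(plan):
    """Map each AZ to the NAT gateway addresses that exist after the plan."""
    changes = plan.get("resource_changes", [])
    subnet_az = {rc["change"]["after"].get("id"):
                 rc["change"]["after"].get("availability_zone")
                 for rc in changes
                 if rc["type"] == "aws_subnet" and rc["change"].get("after")}
    by_az = {}
    for rc in changes:
        after = rc["change"].get("after")
        if rc["type"] != "aws_nat_gateway" or after is None:
            continue  # not a NAT gateway, or one the plan destroys
        sid = after.get("subnet_id")  # missing when only known after apply
        az = (subnet_az.get(sid) if sid else None) or "unresolved"
        by_az.setdefault(az, []).append(rc["address"])
    return by_az

def check_nat_redundancy(plan, expected=3):
    """Return a list of problems; an empty list means one gateway per AZ."""
    by_az = nat_gateways_by_az(plan)
    total = sum(len(gws) for gws in by_az.values())
    problems = []
    if total != expected:
        problems.append(f"expected {expected} NAT gateways, plan leaves {total}")
    for az, gws in sorted(by_az.items()):
        if az == "unresolved":
            problems.append(f"cannot resolve AZ for: {', '.join(gws)}")
        elif len(gws) > 1:
            problems.append(f"{az} holds {len(gws)} gateways: {', '.join(gws)}")
    return problems

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    found = check_nat_redundancy(plan)
    print("\n".join(found) or "OK")
    sys.exit(1 if found else 0)
```

Run without arguments it checks the embedded sample; given a path to an exported plan JSON file it checks that plan and exits non-zero on any problem.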