terraform-aws-ec2-bastion-server
terraform-aws-ec2-bastion-server copied to clipboard
cloudposse
Support multiple EBS volume types & set default to less-expensive gp3
This is a minor change that could offer a very small cost-savings for bastion hosts. We would like to see it reflected upstream if possible.
If the change to a gp3 default is concerning due to a large volume of TF updates, could the support for specifying volume_type still be added so we can manually specify gp3?
NOTE: This change overlaps partly with #72.
- That PR absorbed some other work that wasn't ready for upstream b/c we based it on
master - This change responds to the PR comment: https://github.com/cloudposse/terraform-aws-ec2-bastion-server/pull/72#discussion_r640105565
what
- Changes the root volume of the bastion instances from
gp2to the newergp3type - Still allows support for
gp2,standardor any other volume types - Adds validation to volume-type var. All TF 0.13+ types are included: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#volume_type
why
- The
gp3type now being set as default is both less expensive per-GB and more-performant for small volumes- Since bastion servers have small boot volumes they should never need the larger-sizes where
gp2is needed - This is mainly a cost-savings for bastion disk-patterns
- Since bastion servers have small boot volumes they should never need the larger-sizes where
- Allowing volume-type to be specified allows
gp2orstandardvolume-types if required
references
- https://aws.amazon.com/about-aws/whats-new/2020/12/introducing-new-amazon-ebs-general-purpose-volumes-gp3/
I think the "Auto Format" workflow failure is due to a configuration error or traffic-issue for your "cloudpossebot" @Gowiem. The repo it's getting a 403 from is publicly accessible: https://github.com/WorkingGroupLink/terraform-aws-ec2-bastion-server/
remote: Permission to WorkingGroupLink/terraform-aws-ec2-bastion-server.git denied to cloudpossebot.
fatal: unable to access 'https://github.com/WorkingGroupLink/terraform-aws-ec2-bastion-server/': The requested URL returned error: 403
Error: Process completed with exit code 128.
@mbijon happens sometimes. Mind pushing an empty commit? It will sometimes resolve itself --
git commit --allow-empty -m "Trigger CI"
git push
Thanks!
Done @Gowiem. Unfortunately it also triggered a merge-commit on my end & failed again anyway...
@mbijon happens sometimes. Mind pushing an empty commit? It will sometimes resolve itself --
git commit --allow-empty -m "Trigger CI" git pushThanks!
Ah @mbijon I think with you opening from another org ("WorkingGroupLink"), it's not getting the proper permissions... I'm not sure what the deal is there. @Nuru can I bug you to shed some knowledge on how this works when you have a minute? I know I've seen you poke people for this before.
@Gowiem wouldn't it work better, faster if you cherry-picked my code into a local branch?
If so, I pushed a cleaner branch without the merge commits to here. Just grab the 2 most-recent commit for the work that matters: https://github.com/WorkingGroupLink/terraform-aws-ec2-bastion-server/commits/mbijon/volume-type
👋 I'm interested in this as well. Can this be merged any time soon please? Thanks for all the great work 🙇
Thanks @mbijon for creating this pull request!
A maintainer will review your changes shortly. Please don't be discouraged if it takes a while.
While you wait, make sure to review our contributor guidelines.
[!TIP]
Need help or want to ask for a PR review to be expedited?
Join us on Slack in the
#pr-reviewschannel.
![mergify[bot] avatar](https://avatars.githubusercontent.com/in/10562?v=4 "Published by a pub.dev verified publisher"){kind=small}