nixops-aws
Only use private IP for machines in the same region
This just puts the check back to how it was when the code was originally written; it is at least more correct than before.
cc @tewfik-ghariani
To clarify, the problem this fixes is that if you deploy two AWS machines to different regions, then the generated /etc/hosts would mention the private IPs of each machine rather than the public IP.
It's probably more useful to configure VPC peering.
You can establish peering relationships between VPCs across different AWS Regions (also called Inter-Region VPC Peering). This allows VPC resources including EC2 instances, Amazon RDS databases and Lambda functions that run in different AWS Regions to communicate with each other using private IP addresses.
-- https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html
Should be similar price as well, if we can trust this chart.
VPC peering wouldn't work as a generic solution, since it doesn't allow for overlapping CIDRs. This is certainly better than the current behavior, which is just straight up broken. I've been using a similar fix in my own repo.