Allow overriding NAT Gateway for fallback #89

Merged
merged 1 commit into from
Apr 23, 2024
7 changes: 7 additions & 0 deletions README.md
Expand Up @@ -237,6 +237,13 @@ While we'd like for this to be available on the Terraform Registry, it requires
```
- If you see errors like: `error connecting to https://www.google.com/: <urlopen error [Errno 97] Address family not supported by protocol>` in the connectivity tester logs, you can set `lambda_has_ipv6 = false`. This will cause the lambda to request IPv4 addresses only in DNS lookups.

- If you want to use just a single NAT Gateway for fallback, you can create it externally and provide its ID through the `nat_gateway_id` variable. Note that you will incur cross AZ traffic charges of $0.01/GB.

```tf
create_nat_gateways = false
nat_gateway_id = "nat-..."
```



## Future work
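Review bot: the single-NAT-Gateway bullet mentions the cross-AZ charge but omits the availability trade-off. A NAT Gateway lives in one AZ, so when every AZ falls back to the same gateway, an impairment of that AZ removes fallback for all subnets. Suggest adding a sentence on that next to the cost note, and stating whether `create_nat_gateways = false` is required when `nat_gateway_id` is set or only recommended, since the example sets both without saying. The three blank lines before `## Future work` can be collapsed to one.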
5 changes: 5 additions & 0 deletions functions/replace-route/app.py
Expand Up @@ -82,6 +82,11 @@ def get_vpc_id(route_table):


def get_nat_gateway_id(vpc_id, subnet_id):
nat_gateway_id = os.getenv("NAT_GATEWAY_ID")
if nat_gateway_id:
logger.info("Using NAT_GATEWAY_ID env. variable (%s)", nat_gateway_id)
return nat_gateway_id

try:
nat_gateways = ec2_client.describe_nat_gateways(
Filters=[
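Review bot: in `get_nat_gateway_id`, the `NAT_GATEWAY_ID` value is returned without any check, and `vpc_id` and `subnet_id` are ignored on that path, so a mistyped ID or a gateway that belongs to another VPC only surfaces later, when the returned ID is used. Consider confirming the gateway once via `ec2_client.describe_nat_gateways(NatGatewayIds=[nat_gateway_id])` and checking that its `VpcId` matches `vpc_id` and its `State` is `available`, logging an error otherwise. A docstring line noting that the environment variable takes precedence over the subnet lookup would also help.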
2 changes: 2 additions & 0 deletions modules/terraform-aws-alternat/lambda.tf
Expand Up @@ -36,6 +36,7 @@ resource "aws_lambda_function" "alternat_autoscaling_hook" {
environment {
variables = merge(
local.autoscaling_func_env_vars,
{ NAT_GATEWAY_ID = var.nat_gateway_id },
var.lambda_environment_variables,
)
}
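Review bot: `{ NAT_GATEWAY_ID = var.nat_gateway_id }` sets the variable on the function even when the input is left at its empty default, which relies on the Python side treating an empty string as unset. Prefer adding the key only when a value is given, e.g. `var.nat_gateway_id != "" ? { NAT_GATEWAY_ID = var.nat_gateway_id } : {}`. Also, `var.lambda_environment_variables` is merged after this map, so a `NAT_GATEWAY_ID` key supplied there silently wins; document that or reorder the arguments if the dedicated variable should take priority.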
Expand Down Expand Up @@ -156,6 +157,7 @@ resource "aws_lambda_function" "alternat_connectivity_tester" {
ROUTE_TABLE_IDS_CSV = join(",", each.value.route_table_ids),
PUBLIC_SUBNET_ID = each.value.public_subnet_id
CHECK_URLS = join(",", var.connectivity_test_check_urls)
NAT_GATEWAY_ID = var.nat_gateway_id,
},
local.has_ipv6_env_var,
var.lambda_environment_variables,
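Review bot: style nit on the added `NAT_GATEWAY_ID = var.nat_gateway_id,` line: it ends with a comma while the `PUBLIC_SUBNET_ID` and `CHECK_URLS` entries directly above it do not. Pick one separator style for the entries in this map so the new line matches its neighbours.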
6 changes: 6 additions & 0 deletions modules/terraform-aws-alternat/variables.tf
Expand Up @@ -195,6 +195,12 @@ variable "vpc_az_maps" {
}))
}

variable "nat_gateway_id" {
description = "NAT Gateway ID to use for fallback. If not provided, the gateway in the same subnet as relevant NAT instance is selected."
type = string
default = ""
}

variable "vpc_id" {
description = "The ID of the VPC."
type = string
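Review bot: the `nat_gateway_id` variable has no `validation` block, so a typo or the wrong kind of resource ID passes `plan` and is only noticed at runtime. Suggest a condition such as `var.nat_gateway_id == "" || can(regex("^nat-[0-9a-f]+$", var.nat_gateway_id))` with a clear `error_message`. The description could also mention the cross-AZ traffic implication and the relationship to `create_nat_gateways` that the README describes.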