# general
d
Hi, I am trying to configure my setup to have `three` private IP addresses and `one` public IP address. It appears that the number of public and private IP addresses needs to be specified based on the `availability_zone_names` setting. However, when I set the `availability_zone_names` to just one zone, I encounter the following error message:
```
error: 1 error occurred:
    * creating EKS Cluster (cluster-st-eksCluster-191a4b9): InvalidParameterException: Subnets specified must be in at least two different AZs
    {
      RespMetadata: {
        StatusCode: 400,
        RequestID: "0c701568-8ef4-4783-ace8-8c3577673cf4"
      },
      ClusterName: "cluster-st-eksCluster-191a4b9",
      Message_: "Subnets specified must be in at least two different AZs"
    }
```
How to configure `VPC` to have `three` private IP addresses and `one` public IP address?
```python
from pulumi import log
import pulumi_awsx

AVAILABILITY_ZONE_NAMES = [
    'us-west-2a',
    # 'us-west-2b',
    # 'us-west-2c'
]

# VPC
# Note: VPC_NAME is not defined in this snippet.
def create_vpc():
    log.info('[base.vpc.create_vpc]')
    vpc = pulumi_awsx.ec2.Vpc(
        'vpc',
        # One private and one public subnet spec, applied per availability zone
        subnet_specs=[
            pulumi_awsx.ec2.SubnetSpecArgs(
                type=pulumi_awsx.ec2.SubnetType.PRIVATE,
                tags={
                    "kubernetes.io/cluster/example": "owned",
                    'kubernetes.io/role/internal-elb': '1',
                },
            ),
            pulumi_awsx.ec2.SubnetSpecArgs(
                type=pulumi_awsx.ec2.SubnetType.PUBLIC,
                tags={
                    "kubernetes.io/cluster/example": "owned",
                    'kubernetes.io/role/elb': '1',
                },
            ),
        ],
        availability_zone_names=AVAILABILITY_ZONE_NAMES,
        tags={"name": f"{VPC_NAME}-tag"}
    )
    return vpc
```
s
Do you mean 3 private subnets and one public subnet? If so, that’s not possible with AWSX and isn’t in line with best practices anyway. Your subnets should be uniform in all AZs, and you should have at least 3 AZs for any production workload.
You can have a single NAT Gateway to service all 3 subnets if you want tho. There’s an option for that in the AWSX vpc component.
d
Yes, I mean 3 private subnets and one public subnet. I tried it by using the `nat_gateways` option:
```python
from pulumi import log
import pulumi_aws
import pulumi_awsx

# Note: VPC_NAME, CLUSTER_TAG, DEPLOY_NAME_PREFIX and AVAILABILITY_ZONE_NAMES
# are not defined in this snippet.
def create_vpc():
    log.info('[base.vpc.create_vpc]')
    # Elastic IP passed to the NAT gateway configuration below
    eip = pulumi_aws.ec2.Eip(
        f"eip{DEPLOY_NAME_PREFIX}"
    )
    vpc = pulumi_awsx.ec2.Vpc(
        VPC_NAME,
        cidr_block="12.0.0.0/16",
        subnet_specs=[
            pulumi_awsx.ec2.SubnetSpecArgs(
                type=pulumi_awsx.ec2.SubnetType.PRIVATE,
                tags={
                    CLUSTER_TAG: "owned",
                    'kubernetes.io/role/internal-elb': '1',
                },
            ),
            pulumi_awsx.ec2.SubnetSpecArgs(
                type=pulumi_awsx.ec2.SubnetType.PUBLIC,
                tags={
                    CLUSTER_TAG: "owned",
                    'kubernetes.io/role/elb': '1',
                },
            ),
        ],
        availability_zone_names=AVAILABILITY_ZONE_NAMES,
        # SINGLE strategy: one NAT gateway for the whole VPC
        nat_gateways=pulumi_awsx.ec2.NatGatewayConfigurationArgs(
            strategy=pulumi_awsx.ec2.NatGatewayStrategy.SINGLE,
            elastic_ip_allocation_ids=[eip.id],
        ),
        tags={"name": f"{VPC_NAME}-tag"}
    )
    return vpc
```
s
Did this end up working for you?