Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pass an EIP to the EC2 instance created #124

Closed
bsuv opened this issue Aug 21, 2019 · 12 comments
Closed

Pass an EIP to the EC2 instance created #124

bsuv opened this issue Aug 21, 2019 · 12 comments
Labels
enhancement 🆕 New feature or request stale Issue/PR is stale and closed automatically

Comments

@bsuv
Copy link
Contributor

bsuv commented Aug 21, 2019

In some cases when using spot, I'd like to be able to provide an EIP and reuse them in case the spot is terminated.

This is useful to prevent changing inbound rules that uses the runner's public IP as a source in their inbound rule.

@npalm
Copy link
Collaborator

npalm commented Aug 21, 2019

@bsuv feel free to propose a PR. I use the runners in a private subnet, so no public ones are attached.

@bsuv
Copy link
Contributor Author

bsuv commented Aug 22, 2019

I will work on a PR. The issue with having them in a private subnet is that the NAT Gateway costs can become prohibitive

@roock
Copy link
Contributor

roock commented Sep 30, 2019

related issue #92

@roock
Copy link
Contributor

roock commented Oct 24, 2019

I've started working on this issue: roock@c204e4b
i t is working when enabling the use of EIP, but for disabling the feature I need a way to reference a non existing object (aws_eip is only create if the flag is set)
seems to work fine, tested with runner on public subnet with and without flag enabled @npalm what do you think?

@kostyrev
Copy link

kostyrev commented Dec 4, 2019

@roock do not hard code region and please do rebase from upstream and open PR

@roock
Copy link
Contributor

roock commented Dec 4, 2019

@kostyrev ups, thx for the hint

@roock
Copy link
Contributor

roock commented Sep 5, 2020

Assignment of EIP to the Runner server itself was added in #161 and #165. Not sure if it is possible to add support for EIPs for the docker-machine servers though.

@npalm
Copy link
Collaborator

npalm commented Sep 6, 2020

@roock seems not supported by the aws docker machine driver https://docs.docker.com/machine/drivers/aws/

@roock
Copy link
Contributor

roock commented Sep 6, 2020

A possibility would be to use the user_data to assign an EIP to the docker-machine instances.

@kayman-mk
Copy link
Collaborator

kayman-mk commented Oct 14, 2021

Is it really necessary to expose the runners? You could also access your machines via AWS Console (SSM access). Seems to be easier to configure and less risky.

If we are talking about the agent: There should be an inbound rule which allows traffic from your Gitlab instance only. And the communicatin agent <-> runner should be safeguarded through the module itself using security groups.

We should be fine without an EIP at all or do I miss something? Any other use case?

@kayman-mk kayman-mk added the enhancement 🆕 New feature or request label Dec 31, 2022
@github-actions
Copy link
Contributor

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 15 days.

@github-actions github-actions bot added the stale Issue/PR is stale and closed automatically label Mar 19, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Apr 4, 2023

This issue was closed because it has been stalled for 15 days with no activity.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Apr 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement 🆕 New feature or request stale Issue/PR is stale and closed automatically
Projects
None yet
Development

No branches or pull requests

5 participants