[ENH] - Deploying within AWS VPC

[pavithraes]

Discussed in https://github.com/orgs/nebari-dev/discussions/1518

^{Originally posted by martinfleis October 27, 2022}
We have a RDS Postgres database running within a VPC and would need to be able to access it from within the QHub/nebari infrastructure. I see the documentation on how to do that within Azure and GC but am not sure if the same is possible within AWS. Is that possible? Any idea how can I achieve that?

As @viniciusdc mentioned, the actions are:

If I understood everything correctly, there are two requests here:

1. deploying nebari on an existing AWS VPC
2. deploying a third-party app into Nebari, allowing access to another VPC

(1) should automatically solve 2., as all apps would then be in the same VPC. The other way around would need more work.

So, for the first item, currently, Nebari accepts overwriting of the VPC/Networking for both Azure, and GCP (see old docs). The network configuration of Nebari VPC on AWS are defined here, so it is possible to implement an overriding mechanism to import an existing VPC resource to terraform. However, this would need to be scoped as an ENH issue/task.

(2) For this particular case of a DB access over VPCs... based on AWS docs, using a VPC peering seems to be the solution. I think Nebari might not be able to offer it as is during deployment due to its specificness, but we could add some toggle switch in the yaml to deploy such a Link. For a general third-party tool, we could deploy a standalone app using the nebari helm-extension mechanism and allow it IP to use the VPC tunnel.

All of the above would be wonderful enchantments to the user customization capabilities in the nebari config, and require each a separate ENH issue to track 😄

[costrouc]

At the moment non of our cloud providers support deploying using an existing VPC. Instead at the moment we do support deploying into an existing kubernetes cluster which you could create within the VPC and then using Nebari to deploy onto that cluster.

I do agree and it is a common request that we do the entire deployment but support using an existing vpc we just do not have this feature at the moment.

[rycrow]

Hey @costrouc how can we deploy onto an existing kubernetes cluster? Is there a way to use the deploy command to deploy a config .yaml file to an existing kubectl context?

[iameskild]

Hi @rycrow, there is indeed a way you can deploy Nebari to an existing kubernetes cluster. Here are the docs on how this is done (note, these docs still need to be migrated to nebari.dev but instructions themselves should still be relevant).