Support provisioning instances without public IPs on AWS #1201

r4victor · 2024-05-07T09:17:41Z

Currently, dstack-provisioned instances always have public IP addresses assigned. Users may want to provision instances without public IPs and connect to instances via internal VPC addresses for security reasons.

The proposal is to introduce public_ips: true/false field to the backend config:

type: aws
  creds:
    type: default
  public_ips: false

When public_ips: true, dstack provisions a new instance with a public IP (the current behavior). When public_ips: false, dstack assigns no public IP and uses a private IP to connect to the instance.

Users need to make sure that the dstack server, gateways, and dev machines can access the instances via internal IPs. For example:

To access instance from dev machines, users set up VPN to the VPC, e.g. AWS Client VPN.
To connect different VPCs in different regions, VPC-peering can be used.

We'll start by supporting instances without public IPs on AWS. We can then support Azure, GCP, etc.

The text was updated successfully, but these errors were encountered:

r4victor added the feature label May 7, 2024

r4victor self-assigned this May 7, 2024

r4victor mentioned this issue May 8, 2024

Support provisioning instances without public IPs on AWS #1203

Merged

r4victor closed this as completed in #1203 May 8, 2024

r4victor mentioned this issue May 14, 2024

[Roadmap] Q2 2024 #1116

Closed

41 tasks

peterschmidt85 mentioned this issue Jun 24, 2024

[Roadmap] Q3 2024 #1350

Open

42 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support provisioning instances without public IPs on AWS #1201

Support provisioning instances without public IPs on AWS #1201

r4victor commented May 7, 2024

Support provisioning instances without public IPs on AWS #1201

Support provisioning instances without public IPs on AWS #1201

Comments

r4victor commented May 7, 2024