Installing in a Customer-Provided Network
To enable a customer to install your app in their own network, you need 2 things:- App inputs to enable the customer to provide information about the network during the installation process.
- A Sandbox that accepts the inputs as Terraform variables, and uses them to create Terraform data sources.
Sandboxes
To give you a head start, we provide managed sandboxes for the most popular platforms. The sandboxes listed here are identical to our turnkey managed sandboxes, except they do not provision network infrastructure of their own and have extra variables for the required network info.AWS EKS BYOVPC
AWS EKS BYOVPC is a sandbox for provisioning an EKS app in a customer-provided VPC. It requires avpc_id
input.
In order for components to work with
aws-eks-byovpc
sandbox, subnets must be tagged in a way Nuon can look them up.The eks-byovpc
sandbox requires adding a "kubernetes.io/role/internal-elb:1"
tag to all private subnets, and a "kubernetes.io/role/elb:1"
tag to all public subnets.inputs.toml
sandbox.toml
AWS ECS BYOVPC
AWS ECS BYOVPC is a sandbox for provisioning an ECS app in a customer-provided VPC. It requires avpc_id
app input.
This sandbox also needs to be given private and public subnets to use. There are 2 way to do this:
- Tag the public subnets in the target VPC with
visibility:public
, and the private subnets withvisibility:private
. This is the default behavior - Define app inputs named
private_subnet_ids
andpublic_subnet_ids
that each accept a comma-separated string of subnet IDs, and pass them to the sandbox using vars. These will override any tagged subnets that are found.
inputs.toml
sandbox.toml
Azure AKS BYOVPN
The Azure AKS BYOVPN sandbox creates an AKS cluster in a customer-provided VPN. It requiresresource_group_name
, network_name
, and subnet_name
.
inputs.toml
sandbox.toml
runner.toml