Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Question: Multiple Hosts #145

Open
jmortlock opened this issue Aug 12, 2021 · 3 comments
Open

Question: Multiple Hosts #145

jmortlock opened this issue Aug 12, 2021 · 3 comments

Comments

@jmortlock
Copy link

Hi

I might be missing something but is there a way for a single bastion host act as a proxy for multiple backend services?

i.e. We have multiple RDS servers that we would like to be able to connect to via a single bastion host, currently it seems like its a 1-1 relation?

Thanks
@snowiow
Copy link
Member

snowiow commented Aug 12, 2021

Hey,
yes so far we didn't run into this use case. So currently it's a 1:1 relation.

But I think in general this could be possible. Under the hood the construct uses HAProxy to forward the database port. The only thing we would then need to make configurable is this port then, since every DB needs to be forwarded on a different one.

I'm not sure yet if we should break the existing API and always expect an array of instances or if we offer an additional field like additionalDatabases which takes a List of IDatabase and Port or if we offer a completely new construct for multiple databases. Input is more than welcome on this topic 🙂

@jmortlock
Copy link
Author

Hi
Thanks for the response.

I've had a brief look at the code and to me it seems like the right place initially to add the support is in the BastionHostForward construct, by allowing the caller to provide an array of forwardedHosts, i.e. [{ host: '', port: xxx }]

That way it's easy to extend this to other services such as elasticsearch, etc... and also makes the RDS example much simpler if you don't actually need the IAM credential support.

All this being said I've only briefly started exploring this concept of using this forwarding approach and i'll probably start having more of a serious look over the next couple weeks. Seems very promising though.

@snowiow
Copy link
Member

snowiow commented Aug 20, 2021

Hi, thanks for your response and sorry for the late response.

We looked deeper into this and the best solution would be to pass all possible data stores via the props as optional args. So something like this:

export interface BastionHostForwardProps  {
  readonly rdsInstanceProps?: RDSInstanceProps;
  readonly serverlessInstanceProps?: ServerlessInstanceProps;
  readonly redisInstanceProps?: RedisInstanceProps;
  ...
}

Then we could take everything which is set and forward to these from one Bastion Host.

However this requires a major rewrite and I'm not sure when we can tackle this.

What we could do faster and in a minor version is opening up the generic BastionHostForward class (So that it's instantiable from the outside) and let it accept an array of

export interface Address  {
  readonly endpoint: string;
  readonly port: string;
}

So that you just pass the addresses to the services you want to connect to, instead of the actual constructs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@snowiow @jmortlock