|
|
|
|
|
|
by outworlder
679 days ago
|
|
|
> if you have a significant number of services that are private but need internet access it is still cheaper than NAT gateway but just barely. Also depends on the volume of traffic we are talking about. NAT GW is $0.045/h even if doing nothing, plus $0.045/GB, plus egress. IP is $0.005 without any extra costs other than the standard egress. > For production there is a large list to make it high availability. Yes! Which is why I wouldn't do it in production unless your org and team structure can deal with it. The problem is solvable technically(and that's how we used to do things before the service existed) but the people problem is trickier - this kind of infrastructure runs a high chance of getting neglected and mostly forgotten until it causes an outage. Outages (often due to instance 'maintenance') caused us to migrate away from using our own NAT. If they cause you to lose money, or spend a bunch of engineer hours, there goes your savings. AWS NAT Gateway is pretty reliable in comparison and you mostly forget it exists. The problem is just cost - you pay per hour, and you per for egress on top of the usual egress charges. So AWS is double dipping there. I wish AWS had the same underlying VM tech as Google. GCP can migrate systems to another hypervisor without start/stop and without even dropping network connections. Unless the underlying hypervisor dies with no warning, having the ability to keep your connections up would avoid some people getting paged, even if HA kicks in. |
|
|
That's only 10 servers. I sometimes forget they charge per GB too. That particular charge rarely affects me but if your private services need a lot of data that can certainly add up.
To expand on that, additionally, if you are running your own NAT you need to have one instance per AZ or you end up with cross-subnet transfer costs. So that's at least one cost that you save with NAT gateway (though moot if you run all your services in the public subnets)