VPC peering

At installation time, RunsOn created a new VPC and subnets in the region you selected. Sometimes, you have existing (private) resources in another VPC, and you want to be able to reach them from the runners launched by RunsOn (e.g. Kubernetes cluster, internal services, etc.).

This is where VPC peering comes into play.

AWS provides a (free) service called VPC peering that allows you to connect two VPCs together. Until v2.5.0 you had to do this manually or with something like Terraform, but RunsOn now provides a CloudFormation template that you can use to set up VPC peering between RunsOn's VPC and your existing VPC.

Select the region

To get started, simply select the region where your existing RunsOn stack resides.

This will redirect you to the CloudFormation interface:

Fill in the CloudFormation stack parameters

The CloudFormation stack accepts 3 parameters:

VPC peering parameters
  • RunsOnStackName:
    • Type: String
    • Description: "Name of the existing CloudFormation stack for RunsOn."
    • Default: "runs-on"
  • DestinationVpcId:
    • Type: AWS::EC2::VPC::Id
    • Description: "ID of the destination VPC to peer with."
  • DestinationVpcCidr:
    • Type: String
    • Description: "CIDR block of the destination VPC."
    • Default: "10.0.0.0/16"

Once you have filled in the parameters, you can click on the "Create stack" button to create the stack. It will add the necessary routes to your existing RunsOn VPC to allow the runners to reach your private resources.

Create a route back to RunsOn VPC in your existing VPC

The only manual step left is to create a route in the route tables of your existing VPC so that traffic can flow back from your private resources to the runners in RunsOn VPC:

New route for VPC peering

If you want to automate the route creation (e.g. with Terraform or a script), you can use the following output parameters exposed by the CloudFormation stacks:

  • RunsOnVpcPeeringConnectionId, exposed by the VPC peering stack.
  • RunsOnVpcCidrBlock, exposed by the RunsOn stack.

As an example, you can then use the following AWS CLI command to create the route:

aws ec2 create-route --route-table-id <your-route-table-id> --destination-cidr-block <runs-on-vpc-cidr-block> --vpc-peering-connection-id <vpc-peering-connection-id>
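
The scripted variant described above, as an added example that is not RunsOn's own code: it reads the two stack outputs and refuses to create the route unless the values look like a VPC-sized CIDR and a peering connection ID. The function names, the stack names and the route table ID passed as arguments are assumptions; the /16 to /28 bound is the size range AWS allows for a VPC IPv4 CIDR block.

```shell
#!/bin/sh
# Added example: create the return route from the two stacks' outputs.
# Assumption: stack names and the route table ID are supplied by the operator.

# Read one output value from a CloudFormation stack.
stack_output() {  # stack_output <stack-name> <output-key>
  aws cloudformation describe-stacks --stack-name "$1" \
    --query "Stacks[0].Outputs[?OutputKey=='$2'].OutputValue" --output text
}

# Accept only a.b.c.d/n with octets 0-255 and a prefix of 16-28, so an
# empty, "None" or 0.0.0.0/0 value never ends up in a route table.
valid_vpc_cidr() (
  case "$1" in ''|*[!0-9./]*|*/*/*) exit 1 ;; */*) ;; *) exit 1 ;; esac
  ip=${1%/*}; prefix=${1#*/}
  case "$prefix" in ''|*[!0-9]*) exit 1 ;; esac
  [ "$prefix" -ge 16 ] && [ "$prefix" -le 28 ] || exit 1
  IFS=.; set -- $ip          # split the address into its octets
  [ "$#" -eq 4 ] || exit 1
  for o in "$@"; do
    [ -n "$o" ] && [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || exit 1
  done
)

# Look up both outputs, validate them, then add the route back to RunsOn.
add_return_route() (  # <runs-on-stack> <peering-stack> <route-table-id>
  cidr=$(stack_output "$1" RunsOnVpcCidrBlock) || exit 1
  pcx=$(stack_output "$2" RunsOnVpcPeeringConnectionId) || exit 1
  valid_vpc_cidr "$cidr" || { echo "refusing CIDR '$cidr'" >&2; exit 1; }
  case "$pcx" in
    pcx-?*) ;;
    *) echo "refusing peering ID '$pcx'" >&2; exit 1 ;;
  esac
  aws ec2 create-route --route-table-id "$3" \
    --destination-cidr-block "$cidr" --vpc-peering-connection-id "$pcx"
)

# Runs only when called with three arguments, e.g.:
#   ./add-return-route.sh runs-on <peering-stack-name> <your-route-table-id>
if [ "$#" -eq 3 ]; then add_return_route "$@"; fi
```

The route only makes the RunsOn CIDR reachable over the peering connection; the security groups on your private resources still decide which traffic from the runners is accepted.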