Hi,
We are deploying a set of apps for our client. One of the critical requirement is app based egress IP, which is now achievable. However, these IP addresses are locked by external parties, and hence they cannot change. Everychange would mean few days of delay.
My question is, if I have to change the egress ip allocation to a different APP, or if I delete an app, can I reassign same IP to another app? Is the IP preserved to my organisation which I can move around the apps If required? Once issued, I dont want to lose those IP’s
No, app-scoped egress IPs are bound to apps and cannot be preserved when the app is deleted. This is the same as regular app ingress IPv4 / IPv6 addresses.
You can, however, keep an app alive without a machine in it, if the idea here is to minimize billing when you don’t need machines running. You will still be billed for the egress IPs.
My only concern is if for any reason, the app is being reconfigured, or redeployed due to versioning, when we need old and new version app at once, we might not be able to migrate it.
Easier option probably is to create and maintain a proxy app which has no other purpose but to proxy via egress.
It would have been great though to preserve the IP, at least the egress one’s like how we have on AWS and other cloud providers.
Reconfiguring and redeploying shouldn’t require deleting and recreating the app. The only case where you may want to have two apps for this purpose is when you in fact want two versions of the same app at the same time. In that case though one egress IP is not going to cut it either even if it can be preserved through app deletion / recreation. What you’d need in that case are organization-scoped egress IPs, which we don’t support right now and there’s currently no plan to support that in the near future.
You may also choose to always have two apps ready, and only one deployed. Both hold some egress IP assignments which you give to your providers for allowlisting.
Can I be atleast rest assured, the egress IP’s will not be taken away from us once allocated? We have vendor issues, in case of egress ip change. Its not straightforward.
We won’t move egress IPs around randomly as long as the app stays created and you did not call the release api endpoint / cli command yourself. Although please make sure to also review the list of caveats for app-scoped egress IPs if dealing with your vendor to change them is painful.
Caveats are manageable. We plan to keep 2 egress IP’s per region, just to safeguard future spikes. But 1024 requests are too many, and 64 machines are way too many. We are looking at 3-4 machines per region max, and 2 regions max for now.
You should be fine then by just keeping a couple apps + egress IPs active and don’t delete them. We won’t be touching your egress IPs for no reason unless the app gets deleted or the IP itself gets released.