From 0d6160d5a542032529b9dbb8539b4ffdabfd128a Mon Sep 17 00:00:00 2001 From: Eric Hole Date: Fri, 27 Jan 2017 15:40:13 -0500 Subject: [PATCH] Update cluster spec to explain why public ngw is in private subnet spec. --- docs/cluster_spec.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/cluster_spec.md b/docs/cluster_spec.md index 370d25a43e..11f5f7e51d 100644 --- a/docs/cluster_spec.md +++ b/docs/cluster_spec.md @@ -61,9 +61,9 @@ spec: ID of a subnet to share in an existing VPC. #### egress -The resource identifier (ID) of something in your existing VPC that you would like to use as "egress" to the outside world. This feature was originally envisioned to allow re-use of NAT Gateways. In this case, the correct usageis as follows. - +The resource identifier (ID) of something in your existing VPC that you would like to use as "egress" to the outside world. +This feature was originally envisioned to allow re-use of NAT Gateways. In this case, the usage is as follows. Although NAT gateways are "public"-facing resources, in the Cluster spec, you must specify them in the private subnet section. One way to think about this is that you are specifying "egress", which is the default route out from this private subnet. ``` spec: