Merge pull request #4585 from EnterpriseDB/release/2023-08-07

Release: 2023-08-07
EnterpriseDB · Aug 7, 2023 · 507c865 · 507c865 · github-actions · Aug 7, 2023
2 parents 0777280 + ec7a26b
commit 507c865
Show file tree

Hide file tree

Showing 6 changed files with 132 additions and 4 deletions.
diff --git a/advocacy_docs/pg_extensions/pg_tuner/using.mdx b/advocacy_docs/pg_extensions/pg_tuner/using.mdx
@@ -9,6 +9,9 @@ You can use EDB Postgres Tuner in two ways: to automatically apply all tuning re
 
 To automatically apply all tuning recommendations, set the `edb_pg_tuner.autotune` parameter to `true`. Restart Postgres to apply the change. EDB Postgres Tuner then begins applying tuning recommendations.  
 
+!!! Note
+    Automatic tuning isn't currently supported for BigAnimal.
+
 ## Manual tuning
 
 To manually apply selected tuning recommendations, make sure the `edb_pg_tuner.autotune` parameter is set to `false`, which is the default. Then, use the `edb_pg_tuner_recommendations` function to inspect the tuning recommendations from the output. 

diff --git a/gatsby-config.js b/gatsby-config.js
@@ -196,7 +196,7 @@ module.exports = {
         mergeCachingHeaders: false,
         allPageHeaders: isProduction ? [] : ["X-Robots-Tag: noindex"],
         headers: {
-          "/pdf/*": [
+          "/docs/pdfs/*": [
             "X-Robots-Tag: noindex",
             "X-Printshop-Directive: spiralbound",
           ],

diff --git a/...ase/using_cluster/02_connecting_your_cluster/01_connecting_from_azure/index.mdx b/...ase/using_cluster/02_connecting_your_cluster/01_connecting_from_azure/index.mdx
@@ -1,5 +1,6 @@
 ---
 title: Connecting from Azure
+navTitle: From Azure
 redirects:
  - /biganimal/release/using_cluster/connecting_your_cluster/01_connecting_from_azure
  - /biganimal/release/using_cluster/02_connecting_your_cluster/01_connecting_from_azure/01_private_endpoint

diff --git a/...lease/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx b/...lease/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx
@@ -1,5 +1,6 @@
 ---
 title: Connecting from AWS 
+navTitle: From AWS
 redirects:
 - /biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/01_vpc_endpoint/
 ---

diff --git a/...l/release/using_cluster/02_connecting_your_cluster/connecting_from_a_client.mdx b/...l/release/using_cluster/02_connecting_your_cluster/connecting_from_a_client.mdx
@@ -1,5 +1,6 @@
 ---
 title: Connecting from a client app
+navTitle: From a client app
 ---
 
 You can connect to your cluster using the client of your choice including:

diff --git a/.../release/using_cluster/02_connecting_your_cluster/connecting_from_gcp/index.mdx b/.../release/using_cluster/02_connecting_your_cluster/connecting_from_gcp/index.mdx
@@ -1,10 +1,132 @@
 ---
 title: Connecting from Google Cloud
+navTitle: From Google Cloud
 ---
 
-If you are using your Google Cloud account, you can use Google Cloud's [Private Service Connect](https://cloud.google.com/vpc/docs/configure-private-service-connect-producer) to publish services using internal IP addresses in your VPC network. Private Service Connect is a network interface that securely connects a private IP address from your Google Cloud VPC to an external service. You grant access only to a single cluster instead of the entire BigAnimal resource VPC, thus ensuring maximum network isolation. 
+The way you create a private Google Cloud endpoint differs when you're using your Google Cloud account versus using BigAnimal's cloud account.
 
-Private Service Connect provides two methods to connect to published services: using endpoints or load balancers (also referred to as Private Service Connect backends). We provide step-by-step directions in the knowledge base for the method using load balancers (see [Connect to BigAnimal private cluster using GCP Private Service Connect](https://support.biganimal.com/hc/en-us/articles/20383247227801-GCP-Connect-to-BigAnimal-private-cluster-using-GCP-Private-Service-Connect)). Private Service Connect backends use a load balancer configured with Private Service Connect network endpoint group (NEG) backends. For more information, see [About Private Service Connect backends](https://cloud.google.com/vpc/docs/private-service-connect-backends) and [Create a Private Service Connect backend](https://cloud.google.com/vpc/docs/access-apis-managed-services-private-service-connect-backends).
+## Using BigAnimal's cloud account
+When using BigAnimal's cloud account, you provide BigAnimal with your Google Cloud project ID when creating a cluster (see [Networking](/biganimal/latest/getting_started/creating_a_cluster/#network-logs--telemetry-section)). BigAnimal, in turn, provides you with a Google Cloud service attachment, which you can use to connect to your cluster privately.
 
-While we recommend using Private Service Connect when using your Google Cloud account, another option is VPC peering. See [VPC peering](vpc_peering) for more information.
+1. When creating your cluster, on the **Cluster Settings** tab, in the **Network** section:
+   1. Select **Private**.
+
+   1. Enter your application's Google Cloud project ID.
+
+1. After the cluster is created, go to the cluster details to see the corresponding service attachment. You need the service attachment while creating a PSC-connected endpoint.
+
+1. Create a connected endpoint in the client's VPC. The steps for creating a connected endpoint in the client's VPC are the same whether you're using BigAnimal's cloud or your cloud. See [Step 2: Create a connected endpoint for the VM client/application](#step-2-create-a-connected-endpoint-for-the-vm-clientapplication).
+
+1. In your application's Google Cloud, select **Private Service Connect**, and then select **Connected Endpoints**. Select the endpoint you created previously, and use the service attachment provided in the details section in BigAnimal to access your cluster.
+
+## Using your Google Cloud account
+
+Two different methods enable you to connect to your private cluster from your application's VPC in Google Cloud. Each method offers different levels of accessibility and security. 
+
+- You can use Google Cloud [Private Service Connect (PSC)](https://cloud.google.com/vpc/docs/configure-private-service-connect-producer) to publish services using internal IP addresses in your VPC network. PSC is a network interface that securely connects a private IP address from your Google Cloud VPC to an external service. You grant access only to a single cluster instead of the entire BigAnimal resource VPC, thus ensuring maximum network isolation. We refer to this process of connecting as using PSC-connected endpoints. 
+
+- We recommend the PSC-connected endpoint method and it is most commonly used. It's the method we describe in this topic. However, you can also use the [VPC peering](vpc_peering) connection method, if required by your organization.
+
+### PSC-connected endpoint example
+This example shows how to connect your cluster using PSC-connected endpoints. 
+
+Assume that your cluster is in a project called `development` and is being accessed from a client in another project called `test`. It has the following properties:
+
+-  BigAnimal cluster:
+   - Google Cloud Project Project: `development`
+   - Google Cloud Project ID: `development-001`
+   - BigAnimal Cluster ID: `p-mckwlbakq5`
+   - Region where BigAnimal cluster is deployed: `us-central1`
+   - BigAnimal Organization ID: `brcxzr08qr7rbei1`
+   - Organization's domain name: `biganimal.io`
+   - Host Name: `p-mckwlbakq5.private.brcxzr08qr7rbei1.biganimal.io`
+- VM Client:
+   - Google Cloud Project Name: `test`
+   - Google Cloud Project ID: `test-001`
+   - VM Client/App: `test-app-1`
+   - VM Client’s VPC: `client-app-vpc`
+   - VM Client’s Subnet: `client-app-subnet`
+
+
+### Prerequisites
+
+To walk through an example in your own environment, you need a:
+
+- BigAnimal Postgres cluster deployed with private connectivity.
+- VM with a client/application installed in your Google Cloud project.
+- Subnet in the VM’s VPC in the same region as the BigAnimal cluster.
+
+
+### Step 1: Publish a service from BigAnimal
+
+!!! Note
+    Perform this procedure in the Google Cloud project connected to your BigAnimal subscription.
+
+In the Google Cloud project connected to BigAnimal, create a PSC Published Service to provide access to your cluster from other VPCs in other Google Cloud projects. Perform this procedure for each Postgres cluster to which you want to provide access.
+
+1. Get the hostname of your Postgres cluster from the Connect tab of the Cluster page on the BigAnimal portal (`P-mckwlbakq5.private.brcxzr08qr7rbei1.biganimal.io`).
+
+1. Using Cloudshell, the command prompt, or other terminal, get the internal IP address of the host by performing a ping, nslookup, or dig +short &lt;host> against the hostname (`10.247.200.9`).
+
+1. In the Google Cloud portal, go to **Network Services > Load balancing**.
+
+1. In the Filter area, choose Addresses under **LOAD BALANCERS**, and filter for the host IP (`10.247.200.9`). Note the load balancer name (`a58262cd80b234a3aa917b719e69843f`).
+
+1. Navigate to **Private Service Connect > PUBLISHED SERVICES > + PUBLISH SERVICE**.
+
+1. Select **+ PUBLISH SERVICE**. 
+   1. Under **Load Balancer Type**:
+
+      1. Select **Internal passthrough Network Load Balancer**
+
+      1. Paste the load balancer name (`a58262cd80b234a3aa917b719e69843f`) in the **Internal load balancer** field.
+   1. For **Service Name**, enter the published service a name (`p-mckwlbakq5`).
+   1. For **Subnets**, choose RESERVE NEW SUBNET.
+
+1. In the Reserve subnet for Private Service Connect window, enter the following details, then select **ADD**.
+   1. For **Name**, use the name of the Postgres cluster (`p-mckwlbakq5`).
+
+   1. For **IPv4 range**, assign the CIDR for the field IPv4 range. For example, `10.247.214.0/29`.
+   !!! Note Recommendations for IP Range:
+       - Allocate at least 8 IP addresses to the CIDR.  The subnet mask should not be greater than 29.
+       - Avoid overlap with other reserved IP ranges by not allocating too many IP addresses at one time.
+       - If you encounter the error "This IPv4 address range overlaps with a subnet you already added. Enter an address range that doesn't overlap.", you’ll need to use another CIDR block (until no error returns).
+
+1. (Optional) Add the consumer (where the client app resides) Google Cloud project ID (`test-001`) to accept connections automatically.
+
+1. Select **ADD SERVICE** and get the name of the service attachment.  You may need to select the newly created Published service to find the name of the service attachment. (`projects/development-001/regions/us-central1/serviceAttachments/p-mckwlbakq5`).
+
+1. Proceed to Step 2: Create a connected endpoint for the VM client/application.
+
+### Step 2: Create a connected endpoint for the VM client/application
+
+!!! Note
+    You perform this procedure in the Google Cloud project where your VM client/application resides.
+
+1. From the Google Cloud console, switch over to the project where your VM client/application resides (`test`).
+
+1.  Go to **Compute Engine > VM Instances > Network Interface > Network** to get the VPC of your VM (`client-app-vpc`).
+
+1. Go to **Network Services > Private Service Connect - CONNECTED ENDPOINTS > +CONNECT ENDPOINT** to create an endpoint with the VPC. 
+   1. For the Target, select Published service, and use the service attachment captured earlier (`projects/development-001/regions/us-central1/serviceAttachments/p-mckwlbakq5`).
+
+   1. For the Endpoint name, use the name of your VM client/application (`test-app-1`).
+   1. For the Network (VPC), use the name of your VM Client’s VPC (`client-app-vpc`).
+   1. For the Subnetwork, use your VM Client’s Subnet (`client-app-subnet`).
+      !!! Note
+          If no subnet is available, create a subnet in the VPC for the region where your Postgres cluster was created. Refer to the steps in [this knowledge base article](https://support.biganimal.com/hc/en-us/articles/20383247227801-GCP-Connect-to-BigAnimal-private-cluster-using-GCP-Private-Service-Connect#h_01H4NMNNSFQXNTX78W08Q3G39K).
+    1. For the IP address, create an IP address, or choose an existing IP that is not used by the other endpoints.
+    1. Enable Global Access.
+       !!! Note
+           If your VM is running in a different region from BigAnimal, then Global Access should always be enabled.
+1. Select ** ADD ENDPOINT**.
+
+1. Check to see if the endpoint status is Accepted, and obtain the IP address. 
+   !!! Note
+       If the endpoint status is Pending, refer to the steps in [this knowledge base article](https://support.biganimal.com/hc/en-us/articles/20383247227801-GCP-Connect-to-BigAnimal-private-cluster-using-GCP-Private-Service-Connect#h_01H4NMPGXCSC9V30WNESV52FAV). 
+
+1. Connect to your BigAnimal cluster from your client application using the endpoint IP address (for example, `psql "postgres://edb_admin@<endpoint IP>:5432/edb_admin?sslmode=require"`).
+
+### Step 3: Set up a Private DNS Zone (optional)
+Setting up a Private DNS Zone in your Google Cloud project allows you to connect BigAnimal with the host.  For instructions on setting up a Private DNS Zone, refer to [this knowledge base article](https://support.biganimal.com/hc/en-us/articles/20383247227801-GCP-Connect-to-BigAnimal-private-cluster-using-GCP-Private-Service-Connect#h_01H4QMHF1DJGKW5ED2BQ6YCT29).