From 43b40c9ad335e73e718c968080d7ca42b20ef661 Mon Sep 17 00:00:00 2001 From: drothery-edb Date: Sat, 2 Sep 2023 06:31:17 -0400 Subject: [PATCH 1/3] BigAnimal: AWS private cluster connections --- .../docs/biganimal/release/knowledge_base.mdx | 6 + .../02_connecting_from_aws/02_vpc_peering.mdx | 144 +----------------- .../02_connecting_from_aws/index.mdx | 1 + 3 files changed, 8 insertions(+), 143 deletions(-) diff --git a/product_docs/docs/biganimal/release/knowledge_base.mdx b/product_docs/docs/biganimal/release/knowledge_base.mdx index 2e764a8b062..d327bbb1306 100644 --- a/product_docs/docs/biganimal/release/knowledge_base.mdx +++ b/product_docs/docs/biganimal/release/knowledge_base.mdx @@ -32,3 +32,9 @@ See the following articles for step-by-step instructions for creating links to r See the following article for step-by-step instructions for setting up deploying PgBouncer outside of BigAnimal: - [How to configure PgBouncer with a BigAnimal cluster](https://support.biganimal.com/hc/en-us/articles/4848726654745-How-to-configure-PgBouncer-with-BigAnimal-Cluster) + +## Connecting to a private BigAnimal cluster using AWS VPC peering + +See the following article for step-by-step instructions for setting up the connection to a private BigAnimal cluster using AWS VPC peering: + +- [Connect to BigAnimal private cluster using AWS VPC peering](https://support.biganimal.com/hc/en-us/articles/6935474150425-AWS-Connect-to-BigAnimal-private-cluster-using-AWS-VPC-peering) \ No newline at end of file diff --git a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/02_vpc_peering.mdx b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/02_vpc_peering.mdx index 34682bdda81..35e9b48f0be 100644 --- a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/02_vpc_peering.mdx 
+++ b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/02_vpc_peering.mdx 
@@ -6,147 +6,5 @@ title: VPC peering VPC peering allows traffic to be freely routed between two VPCs. Once peered, the two VPCs act as one with respect to connectivity. However, network security group rules are still observed. VPC peering is simple and easy to set up, but the limitation is that IP ranges of two peered VPCs can't overlap. -## Example -This example shows how to connect using VPC peering. +For step-by-step instructions, see the [Connect to BigAnimal private cluster using AWS VPC peering](https://support.biganimal.com/hc/en-us/articles/6935474150425-AWS-Connect-to-BigAnimal-private-cluster-using-AWS-VPC-peering) knowledge base article. -!!! Note - BigAnimal uses the 10.0.0.0/16 address space and can't be peered with VPCs using this same space. If they are, the status of the VPC peering connection immediately goes to failed. - -Assume that your cluster is on an account called `development` and is being accessed from a Linux client on another account called `test`. It has the following properties: - -- Cluster: - - AWS account name: `development` - - Cluster ID: `p-mckwlbakq5` - - Account ID: `brcxzr08qr7rbei1` - - Organization's domain name: `biganimal.io` - - VPC: `vpc-cluster` - - -- Linux client: - - Subscription: `test` - - VPC: `vpc-client` - - VPC subnet: `snet-client` - - -### Prerequisites - -To walk through an example in your own environment, you need: - -- Your cluster URL. You can find the URL in the **Connect** tab of your cluster instance in the BigAnimal portal. -- A Postgresql client, such as [psql](https://www.postgresql.org/download/), installed on your client VM. - -You need to add two peering links: one from the client VPC `vpc-client` and the other from your cluster's VPC `vnet-japaneast`. - -### VPC peering connection with a VPC in another AWS account - -You can create a VPC peering connection with a VPC in the same region or a different region. - -#### Request a VPC peering connection with a VPC in another account - -1. 
Log in to the AWS account associated with your BigAnimal account. - -1. Open the [Amazon VPC console](https://console.aws.amazon.com/vpc/). - -1. In the navigation pane, select **Peering Connections**, and then select **Create Peering Connection**. - -1. Enter a suitable name for the peering connection. - -1. For **VPC (Requester)**, select the cluster's VPC in your account. - -1. Select **Another account**. - -1. Enter the AWS account ID of the owner of the accepter VPC. - -1. (Optional) Select **Another region**, and then select the region in which the accepter VPC resides. - -1. For **VPC (Accepter)**, enter the ID of the client VPC. - -1. Select **Create Peering Connection**. - -1. In the confirmation, select **OK**. - -1. The VPC peering connection that you created isn't active. To activate it, the owner of the accepter VPC must accept the VPC peering connection request. To enable traffic to be directed to the peer VPC, update your VPC route table. Three route tables are created at BigAnimal VPC. You need to update all of them. - - For more information, see [Update your route tables for a VPC peering connection](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-routing.html) and [this FAQ article](https://support.biganimal.com/hc/en-us/articles/6935474150425-How-to-connect-BigAnimal-cluster-with-private-connectivity-at-AWS). - -### VPC peering connection with another VPC in your account - -You can create a VPC peering connection with a VPC in the same region or a different region. - -#### Create a VPC peering connection with a VPC in the same region - -1. Open the [Amazon VPC console](https://console.aws.amazon.com/vpc/). - -1. In the navigation pane, select **Peering Connections**, and then select **Create Peering Connection**. - -1. For **VPC (Requester)**, select the cluster VPC in your account. - -1. Ensure **My account** is selected. - -1. Select **Another VPC to peer with**. 
Then select **Add tag** and enter the key-value pair of the VPC you want to connect with. - -1. Select **Create Peering Connection**. - -1. In the confirmation, select **OK**. - -1. Select the VPC peering connection that you created, select **Actions**, and then select **Accept Request**. - -1. In the confirmation, select **Yes, Accept**. A second confirmation appears. Select **Modify my route tables now** to go directly to the route tables page, or select **Close** to do this later. - -1. Now that your VPC peering connection is active, you must add an entry to your VPC route tables to enable traffic to be directed between the peered VPCs. For more information, see [Update your route tables for a VPC peering connection](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-routing.html). Three route tables are created at BigAnimal VPC. You need to update all of them. For more information, see [this FAQ article](https://support.biganimal.com/hc/en-us/articles/6935474150425-How-to-connect-BigAnimal-cluster-with-private-connectivity-at-AWS). - -1. Access the cluster with its domain name from your cluster's connection string. It's accessible from `vpc-client` after peering. - - ```shell - psql -h vpce-XXXXXXXXXXXXXXXXXXXX.eu-west-1.vpce.amazonaws.com -U edb_admin - __OUTPUT__ - Password for user edb_admin: - - psql (13.4 (Ubuntu 13.4-1.pgdg28.84+1), server 13.4.8 (Debian 13.4.8-1+deb10)) - WARNING : psql major version 13, server major version 13. Some psql features might not work. - SSL connection (protocol : TLSV1.3cipherTLS_AES_256_GCM_SHA384, bits : 256, compression : off) Type "help" for help. - - edb_admin=> - ``` - -#### Create a VPC peering connection with a VPC in a different region - -1. Open the [Amazon VPC console](https://console.aws.amazon.com/vpc/). - -1. In the navigation pane, select **Peering Connections > Create Peering Connection**. - -1. You can optionally name your VPC peering connection. 
Doing so creates a tag with a key of the name and a value that you specify. - -1. Select the requester VPC in your account with which to request the VPC peering connection. - -1. Ensure **My account** is selected. - -1. Select **Another region**, and then select the region in which the accepter VPC resides. - -1. Enter the ID of the client VPC. - -1. Select **Create Peering Connection**. - -1. In the confirmation, select **OK**. - -1. Select the region of the accepter VPC in the upper-right corner of the AWS console. - -1. In the navigation pane, select **Peering Connections**. Select the VPC peering connection that you created, select **Actions**, and then select **Accept Request**. - -1. In the confirmation, select **Yes, Accept**. A second confirmation appears. Select **Modify my route tables now** to go directly to the route tables page, or select **Close** to do this later. - -1. Now that your VPC peering connection is active, you must add an entry to your VPC route tables to enable traffic to be directed between the peered VPCs. For more information, see [Update your route tables for a VPC peering connection](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-routing.html). Three route tables are created at BigAnimal VPC. You must update all of them. For more information, see [this FAQ article](https://support.biganimal.com/hc/en-us/articles/6935474150425-How-to-connect-BigAnimal-cluster-with-private-connectivity-at-AWS). - -1. Access the cluster with its domain name from your cluster's connection string. It's accessible from `vpc-client` after peering. - - ```shell - psql -h vpce-XXXXXXXXXXXXXXXXXXXX.eu-west-1.vpce.amazonaws.com -U edb_admin - __OUTPUT__ - Password for user edb_admin: - - psql (13.4 (Ubuntu 13.4-1.pgdg28.84+1), server 13.4.8 (Debian 13.4.8-1+deb10)) - WARNING : psql major version 13, server major version 13. Some psql features might not work. 
- SSL connection (protocol : TLSV1.3cipherTLS_AES_256_GCM_SHA384, bits : 256, compression : off) Type "help" for help. - - edb_admin=> - ``` diff --git a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx index 0d6c7864b44..1d7c3dea5e7 100644 --- a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx +++ b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx @@ -1,6 +1,7 @@ --- title: Connecting from AWS navTitle: From AWS +deepToC: true redirects: - /biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/01_vpc_endpoint/ --- From e5c8cef47fd5ef62875713fa6c9a1dc75be3bfc3 Mon Sep 17 00:00:00 2001 From: drothery-edb Date: Thu, 7 Sep 2023 07:35:11 -0400 Subject: [PATCH 2/3] added links to kb articles for endpoint method --- .../02_connecting_from_aws/index.mdx | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx index 1d7c3dea5e7..106ab7bffb3 100644 --- a/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx +++ b/product_docs/docs/biganimal/release/using_cluster/02_connecting_your_cluster/02_connecting_from_aws/index.mdx 
@@ -142,6 +142,11 @@ Now that your endpoint service is created, you can connect it to the cluster VPC In your application's AWS account, select **VPC** and then select **Endpoints**. Select the endpoint you created previously and use the DNS name provided in the details section to access your cluster. -### Other method when using your account +#### Related knowledge base articles -[VPC peering](02_vpc_peering) +- [Using the VPC endpoint method to connect to BigAnimal's account](https://support.biganimal.com/hc/en-us/articles/21312607867417-AWS-BAH-Connect-to-BigAnimal-hosted-private-cluster-using-AWS-VPC-endpoint) +- [Using the VPC endpoint method to connect to your account](https://support.biganimal.com/hc/en-us/articles/7514502928281-AWS-Connect-to-BigAnimal-private-cluster-using-AWS-Client-VPN-endpoint) + +### Alternative method: VPC peering + +- [VPC peering](02_vpc_peering) From 0ee0c7b8cc5e4acd0cdec7a0d47b8c9055094296 Mon Sep 17 00:00:00 2001 From: drothery-edb Date: Thu, 7 Sep 2023 07:35:31 -0400 Subject: [PATCH 3/3] added links to endpoint KB articles --- product_docs/docs/biganimal/release/knowledge_base.mdx | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/product_docs/docs/biganimal/release/knowledge_base.mdx b/product_docs/docs/biganimal/release/knowledge_base.mdx index d327bbb1306..9f172e35cbb 100644 --- a/product_docs/docs/biganimal/release/knowledge_base.mdx +++ b/product_docs/docs/biganimal/release/knowledge_base.mdx 
@@ -33,8 +33,10 @@ See the following article for step-by-step instructions for setting up deploying - [How to configure PgBouncer with a BigAnimal cluster](https://support.biganimal.com/hc/en-us/articles/4848726654745-How-to-configure-PgBouncer-with-BigAnimal-Cluster) -## Connecting to a private BigAnimal cluster using AWS VPC peering +## Connecting to a private BigAnimal cluster using AWS -See the following article for step-by-step instructions for setting up the connection to a private BigAnimal cluster using AWS VPC peering: +See the following articles for step-by-step instructions for setting up the connection to a private BigAnimal cluster using AWS: +- [Using the VPC endpoint method to connect to BigAnimal's account](https://support.biganimal.com/hc/en-us/articles/21312607867417-AWS-BAH-Connect-to-BigAnimal-hosted-private-cluster-using-AWS-VPC-endpoint) +- [Using the VPC endpoint method to connect to your account](https://support.biganimal.com/hc/en-us/articles/7514502928281-AWS-Connect-to-BigAnimal-private-cluster-using-AWS-Client-VPN-endpoint) - [Connect to BigAnimal private cluster using AWS VPC peering](https://support.biganimal.com/hc/en-us/articles/6935474150425-AWS-Connect-to-BigAnimal-private-cluster-using-AWS-VPC-peering) \ No newline at end of file
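Review bot: in patch 1/3, the `02_vpc_peering.mdx` hunk drops the `!!! Note` stating that BigAnimal uses the 10.0.0.0/16 address space and that peering with a VPC in the same space fails immediately, and the page now only says in general terms that peered IP ranges can't overlap. That is a hard constraint a reader needs before planning a client VPC, so I would keep the note directly under the intro paragraph instead of leaving it only in the external knowledge base article. The same applies to the removed reminder that three route tables are created in the BigAnimal VPC and all of them must be updated. A one-line mention next to the new link would keep that from being missed.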
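Review bot: in patch 1/3, the `index.mdx` hunk adds `deepToC: true` to the front matter, which the commit subject "BigAnimal: AWS private cluster connections" does not mention. Please note the reason in the commit message, or move it to its own commit, so the navigation change can be reviewed and reverted separately from the content move.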
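Review bot: in patch 2/3, the second entry under "Related knowledge base articles" is labelled "Using the VPC endpoint method to connect to your account", but its URL slug ends in `AWS-Client-VPN-endpoint`, which reads as a Client VPN article and not a VPC endpoint one. Please confirm the target is the intended article and either correct the URL or change the label to match it. The same label and URL pair is added to `knowledge_base.mdx` in patch 3/3, so any fix needs to land in both files.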
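Review bot: in patch 3/3, `knowledge_base.mdx` still ends with "\ No newline at end of file", carried over from patch 1/3. Add the trailing newline so later appends to this list produce clean diffs. While there, the three list items mix two label styles ("Using the VPC endpoint method to connect to ..." and "Connect to BigAnimal private cluster using AWS VPC peering"). Using one pattern for all three would make the list easier to scan.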