mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-09-19 14:37:32 +03:00
docs: add dedicated vpc docs for gcp
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/5560 Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Sean Park-Ross <94021366+seanparkross@users.noreply.github.com> Co-authored-by: Rikin Kachhia <54616969+rikinsk@users.noreply.github.com> GitOrigin-RevId: 811e49ca8c4a0b6d44fad4f965b0f3688384c6da
This commit is contained in:
parent
6648466a3f
commit
964dec9fb3
@ -22,12 +22,12 @@ import HeadingIcon from '@site/src/components/HeadingIcon';
|
||||
## Introduction
|
||||
|
||||
Users can request a Dedicated VPC to be provisioned for them on Hasura Cloud so that they have better isolation in terms
|
||||
of their project placement and they can initiate VPC peering with their own networks for secure connectivity.
|
||||
of their project placement. They can also initiate VPC peering with their own networks for secure connectivity.
|
||||
|
||||
:::info Note
|
||||
|
||||
Dedicated VPC is only available as part of **Cloud Enterprise** plan. Peering requests are only available for **AWS** or
|
||||
services running on AWS. [Contact Sales](https://hasura.io/contact-us/) to know more.
|
||||
Dedicated VPC is only available as part of **Cloud Enterprise** plan. Peering requests are available for **AWS** and
|
||||
**GCP**. [Contact Sales](https://hasura.io/contact-us/) to know more.
|
||||
|
||||
:::
|
||||
|
||||
@ -41,15 +41,15 @@ VPC** button on top. It'll open up a form with the following fields:
|
||||
|
||||
Enter the following details:
|
||||
|
||||
- **VPC Display Name**
|
||||
- **VPC CIDR block**: A valid private IPV4 CIDR block (it cannot be `10.2.0.0/16`, also it cannot conflict with your
|
||||
VPCs that you intend to peer with this VPC)
|
||||
- **VPC Region**: region where the VPC should be provisioned (note that projects will also be created in this region,
|
||||
within the VPC)
|
||||
- **Cloud Provider**
|
||||
- **Region**: region where the VPC should be provisioned (note that projects will also be created in this region
|
||||
- **VPC Name**: A display name for Hasura Dashboard
|
||||
- **VPC CIDR**: A valid private IPV4 address range (/16) that should be used with this VPC. For example `172.16.0.0/16`,
|
||||
`10.10.0.0/16` etc. (it cannot be `10.2.0.0/16`, also it cannot conflict with the VPCs that you intend to peer with this
|
||||
VPC)
|
||||
|
||||
Once you submit the request, the VPC will be shown as **Pending**. Hasura Cloud team may take 1-2 business days to
|
||||
complete your request. Once the VPC is provisioned, you will be able to see the VPC's details and create peering and
|
||||
projects.
|
||||
Once you submit the request, the VPC will appear as **Pending**. It will take about 10-20 minutes for your VPC to be
|
||||
provisioned. Once it is provisioned, you will be able to see the VPC's details and create peering and projects.
|
||||
|
||||
If the provisioning failed, you'll see the VPC in a **Failed** state. Reach out to support to resolve this.
|
||||
|
||||
@ -58,7 +58,7 @@ If the provisioning failed, you'll see the VPC in a **Failed** state. Reach out
|
||||
Once the VPC is provisioned, create a project by clicking on the **New Project** button in VPC details screen or get in
|
||||
touch with us to migrate your existing hasura project to the VPC.
|
||||
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/create-vpc-projects.png' alt='Create VPC Project' width='600px' />
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/create-vpc-projects.png' alt='Create VPC Project' width='500px' />
|
||||
|
||||
All projects within a VPC is listed under **Projects**.
|
||||
|
||||
@ -66,41 +66,47 @@ All projects within a VPC is listed under **Projects**.
|
||||
|
||||
## VPC Peering
|
||||
|
||||
Your Dedicated VPC can be peered with other networks that you own on AWS or managed services like Aiven or Timescale
|
||||
Cloud that run on AWS. It will enable private connectivity to your databases and other APIs from Hasura Cloud. You will
|
||||
not have to expose them publicly anymore.
|
||||
- [AWS](#aws)
|
||||
- [GCP](#gcp)
|
||||
|
||||
You can view all the request and active peerings in the **Peerings** tab.
|
||||
### AWS
|
||||
|
||||
Your Dedicated VPC can be peered with other networks that you own on AWS or managed services like Aiven or Timescale
|
||||
Cloud that run on AWS. It will enable private connectivity to your databases and other APIs from Hasura Cloud and
|
||||
you will not have to expose them publicly.
|
||||
|
||||
You can view all the requests and active peerings in the **Peerings** tab.
|
||||
|
||||
To create a new peering request, click on the **Initiate Peering Request** button.
|
||||
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/create-peering-request.png' alt='Create Peering Request' width='900px' />
|
||||
|
||||
There are two types of peering requests:
|
||||
There are two types of peering requests in AWS:
|
||||
|
||||
- Hasura to Customer
|
||||
- Customer to Hasura
|
||||
|
||||
### Hasura to Customer
|
||||
#### Hasura to Customer
|
||||
|
||||
This is typically used if you want to connect to RDS or Action/Event Trigger webhooks within an AWS VPC that you own.
|
||||
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/hasura-to-customer-peering.png' alt='Hasura to Customer' width='600px' />
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/hasura-to-customer-peering.png' alt='Hasura to Customer' width='500px' />
|
||||
|
||||
Fill in the form with the following details:
|
||||
|
||||
- **Display Name**
|
||||
- **AWS Account ID**: Account ID for your AWS account which contains the VPC (typically a 12 digit number)
|
||||
- **AWS VPC ID**: ID of your AWS VPC that you want to peer with (starts with `vpc-`)
|
||||
- **AWS VPC CIDR**: CIDR of your AWS VPC (if you have more than one CIDR for the VPC, please contact us)
|
||||
- **AWS VPC CIDR**: CIDR of your AWS VPC (if you have more than one CIDR for the VPC please
|
||||
[contact us](https://hasura.io/help/))
|
||||
- **Region**: AWS region where your VPC is provisioned
|
||||
|
||||
Once you fill in these details and initiate the peering request, it will appear as **Request Pending**. Hasura Cloud
|
||||
team may take 1-2 business day to provision the peering request. Once it is provisioned, you will see that status is
|
||||
changed to **Action Required**.
|
||||
will now provision the resources and send a peering request and you will see that status is changed to **Action
|
||||
Required**.
|
||||
|
||||
Accept the request on your AWS account to activate the peering connection. Once you do this, status will turn to
|
||||
**Active**. Note that it might take some time for the status to get updated on the dashboard.
|
||||
Accept the request on your AWS account to activate the peering connection. Once you do this, the status will turn to
|
||||
**Active**. Note that it might take a few minutes for the status to get updated on the dashboard.
|
||||
|
||||
After accepting the peering request, you need to follow these steps to start using the private network:
|
||||
|
||||
@ -117,12 +123,12 @@ Reach out to support using the **Help & Support** tab on dashboard if you face a
|
||||
|
||||
If the provisioning failed, you'll see the status as **Failed**. Reach out to support to resolve this.
|
||||
|
||||
### Customer to Hasura
|
||||
#### Customer to Hasura
|
||||
|
||||
This mode can be used if you're using a managed 3rd party service like Aiven or Timescale Cloud and want to initiate a
|
||||
peering request towards Hasura Cloud.
|
||||
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/customer-to-hasura-peering.png' alt='Customer to Hasura' width='600px' />
|
||||
<Thumbnail src='/img/deployment/dedicated-vpc/customer-to-hasura-peering.png' alt='Customer to Hasura' width='500px' />
|
||||
|
||||
This popup shows all the required info to create a peering request from the 3rd party service:
|
||||
|
||||
@ -142,11 +148,15 @@ Hasura Cloud.
|
||||
:::
|
||||
|
||||
Once you enter and initiate the peering request, you will see the peering as **Request Pending** on the dashboard.
|
||||
Hasura Cloud team may take 1-2 days to process the request. Once Hasura accepts the request, you will see that the
|
||||
peering is **Active**.
|
||||
Once Hasura accepts the request, you will see that the peering is **Active**. It will take about 5-10 minutes.
|
||||
|
||||
Now you should be able to use private IP addresses and private DNS names as Database URLs or Webhook URLs.
|
||||
|
||||
Reach out to support using the **Help & Support** tab on dashboard if you face any issues.
|
||||
|
||||
If the provisioning failed, you'll see the status as **Failed**. Reach out to support to resolve this.
|
||||
If the provisioning failed, you will see the status of **Failed**. Reach out to support to resolve this.
|
||||
|
||||
### GCP
|
||||
|
||||
For peering on GCP, please reach out to your account manager or contact us using
|
||||
[Help & Support](https://hasura.io/help/) page.
|
||||
|
Binary file not shown.
Before Width: | Height: | Size: 120 KiB After Width: | Height: | Size: 82 KiB |
Loading…
Reference in New Issue
Block a user