Hybrid connectivity to on-premise services through PSC
This sample connects to an on-premises service through Private Service Connect (PSC).
It creates:
- A producer: a VPC exposing a PSC Service Attachment (SA), connecting to an internal regional TCP proxy load balancer, using a hybrid NEG backend that connects to an on-premises service (IP address + port)
- A consumer: a VPC with a PSC endpoint pointing to the PSC SA exposed by the producer. The endpoint is accessible by clients through a local IP address on the consumer VPC.
Sample modules
The blueprint makes use of the modules psc-producer and psc-consumer contained in this folder. This is done so you can build on top of these building blocks, in order to support more complex scenarios.
Prerequisites
Before applying this Terraform:
- On-premises
  - Allow ingress from the 35.191.0.0/16 and 130.211.0.0/22 CIDRs (for health checks)
  - Allow ingress from the proxy-only subnet CIDR
- GCP
  - Advertise the 35.191.0.0/16 and 130.211.0.0/22 CIDRs from GCP to on-prem
  - Advertise the proxy-only subnet CIDRs from GCP to on-prem
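The on-premises ingress prerequisites can be checked before applying. The following is an added example, not part of this blueprint: it compares an exported list of on-prem allow rules with the sources listed above and reports required ranges that are not fully allowed, plus allowed sources that are broader than needed. The `(source_cidr, port)` rule format, the proxy-only subnet value and the sample rules are constructed, and it assumes health checks and proxy traffic both target `dest_port`.

```python
import ipaddress

# Health-check source ranges listed in the prerequisites above.
HEALTH_CHECK_CIDRS = ("35.191.0.0/16", "130.211.0.0/22")


def audit_onprem_ingress(rules, proxy_only_cidr, dest_port):
    """Compare on-prem allow rules with the sources this blueprint needs.

    rules: iterable of (source_cidr, port) allow entries (hypothetical format).
    Returns (missing, extra): required ranges not fully allowed on dest_port,
    and allowed sources on dest_port that fall outside every required range.
    """
    required = [ipaddress.ip_network(c)
                for c in (*HEALTH_CHECK_CIDRS, proxy_only_cidr)]
    allowed = [ipaddress.ip_network(src)
               for src, port in rules if str(port) == str(dest_port)]
    # Merge adjacent or overlapping rules so two /17s count as covering a /16.
    merged = list(ipaddress.collapse_addresses(allowed))
    missing = [str(r) for r in required
               if not any(r.subnet_of(m) for m in merged)]
    extra = [str(a) for a in allowed
             if not any(a.subnet_of(r) for r in required)]
    return missing, extra


# Constructed sample: the proxy-only subnet CIDR and every rule are made up.
PROXY_ONLY_CIDR = "10.10.0.0/24"
SAMPLE_RULES = [
    ("35.191.0.0/17", 80),    # these two halves together cover 35.191.0.0/16
    ("35.191.128.0/17", 80),
    ("130.211.0.0/23", 80),   # only half of 130.211.0.0/22
    ("10.10.0.0/24", 443),    # proxy-only subnet allowed on the wrong port
    ("192.168.0.0/16", 80),   # source the blueprint does not need
]

if __name__ == "__main__":
    missing, extra = audit_onprem_ingress(SAMPLE_RULES, PROXY_ONLY_CIDR, "80")
    print("required ranges not fully allowed:", missing)
    print("allowed sources beyond what is required:", extra)
```
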
Relevant Links
Variables
name | description | type | required | default |
---|---|---|---|---|
dest_ip_address | On-prem service destination IP address. | string | ✓ | |
prefix | Prefix to use for resource names. | string | ✓ | |
producer | Producer configuration. | object({…}) | ✓ | |
project_id | When referencing existing projects, the id of the project where resources will be created. | string | ✓ | |
region | Region where resources will be created. | string | ✓ | |
subnet_consumer | Consumer subnet CIDR. | string # CIDR | ✓ | |
zone | Zone where resources will be created. | string | ✓ | |
dest_port | On-prem service destination port. | string | | "80" |
project_create | Whether to automatically create a project. | bool | | false |
vpc_config | VPC and subnet ids, in case existing VPCs are used. | object({…}) | | {…} |
vpc_create | Whether to automatically create VPCs. | bool | | true |