Skip to main content

GCP BAH | Connect to BigAnimal hosted private cluster using GCP Private Endpoint

shanshan zhao
  • Updated

Background

This article introduces the steps to connect a private BigAnimal cluster setup in the BigAnimal Hosted account.

For BYOA private connection setup, please kindly refer to GCP | Connect to BigAnimal private cluster using GCP Private Endpoint, and GCP | Connect to BigAnimal private cluster using GCP VPC Peering

Prerequisites

  • A private BigAnimal Cluster deployed in a GCP project
  • A VM with psql or edb-psql installed in your GCP project. The example here is: development-data 
  • VM's VPC has a subnet in the same region as BigAnimal Cluster. 

Main Steps

  1. Make sure GCP project ID is set
  2. Create Endpoint in your GCP project
    1. Get client VPC info
    2. Create an endpoint
  3. Private DNS Zone
  4. Connect to BigAnimal

Step 1 GCP project ID

When creating a private cluster, your Google Cloud Project ID is required. This GCP Project will be added to the allowlist, then the connection from this project will be accepted by BigAnimal.
Please make sure your VM is running in this GCP project.

Step 2 Create Endpoint from Client Application

Go to your GCP project, here is development-data

2.1 Get VPC info

If there is no existing VM in GCP, you are recommended to create a VM in the same region as BigAnimal Cluster. 

If the VM is running, then go to your VM, Network Interface - Network is your VPC, (below default is my VM’s VPC)

 

2.2 Create an endpoint with VPC

Go to your GCP project, here is development-data

  1. Go to Private Service Connect - CONNECTED ENDPOINTS - + CONNECT ENDPOINT
     
  2. Target: Published Service, and paste Service Attachment URL from Cluster - Connect
  3. Endpoint Name: use BigAnimal cluster ID (for example p-zxvvj29eca)
  4. Choose the VPC(of your VM) and select the subnet (if no subnet is available, then please check VPC requirement below )
  5. Create an IP address, or choose an existing IP that is not used by the other endpoints
  6. Enable Global Access – Please note, if your VM is running in a different region from BigAnimal, then Global Access should be enabled. 
  7. Create the endpoint.
  8. Check the endpoint status is accepted and get the IP address.

2.3 Connect to BigAnimal with IP

Step 3 Private DNS Zone

  1. Go to Network services, Cloud DNS
  2. Check if the Cloud DNS zone already exists, filtering with the DNS name
    DNS name     is from your BigAnimal Cluster’s host, exclude the cluster ID.

     

     

  3. If not, create a DNS zone with Service Directory

    Just make sure the VPC, Region, Namespace are the same as your endpoint.

    If you configured with Service Directory, then all the Endpoints in the same VPC, Region, Namespace will be added to this DNS zone automatically.

Step 4 Connect to BigAnimal with the connection string 

Now you can connect with your <endpoint name>.private.bahstaging.s.edbcloud.io 

Please note, we do recommend you name the endpoint with the pg cluster id and then you can connect to the cluster with the connection string provided by BigAnimal.

Appendix A - Possible issues

VPC Requirement

If the application side VPC has not subnet in the same region as BigAnimal Cluster, then it will return the below errors when creating the endpoint. 

Solution: add a subnet in that region

Endpoint is in Pending or Error state

Pending state

It may be caused by the GCP project id was not added on BigAnimal side. Please go to your cluster edit page and verify the GCP project id is correct. If the problem still exists, contact BigAnimal support.

Error state

If the IP address is used by the other endpoint, then it will be in an error state. Solution: create a new IP when creating the endpoint.