private dns
This commit is contained in:
Pablo Martin
parent
b4191bd58d
commit
e03c57e094
1 changed files with 17 additions and 1 deletions
|
|
@ -137,7 +137,7 @@ Follow this to deploy the entire data infra.
|
|||
- Action: Allow
|
||||
- Priority: 100
|
||||
- Postgres Services Rule
|
||||
- Name: AllowPostgresFromJumphostInbound
|
||||
- Name: AllowPostgresFromServicesInbound
|
||||
- Source: the addresss range for the `services-subnet`. In this example, `10.69.0.64/26`.
|
||||
- Source port ranges: *
|
||||
- Destination: the addresss range for the `databases-subnet`. In this example, `10.69.0.8/29`.
|
||||
|
|
@ -155,8 +155,24 @@ Follow this to deploy the entire data infra.
|
|||
- Action: Allow
|
||||
- Priority: 1000
|
||||
|
||||
### 2.3 Private DNS Zone
|
||||
|
||||
- We will set up a private DNS Zone to avoid using hardcoded IPs to refer to services within the virtual network. This makes integrations more resilient because a service can change its IP and still be reached by other services (as long as other network configs like firewalls are still fine).
|
||||
- Create the Private DNS Zone
|
||||
- Name it: `<your-env>.data.superhog.com`
|
||||
- Add tags:
|
||||
- `team: data`
|
||||
- `environment: <your-env>`
|
||||
- `project: network`
|
||||
- Add a new virtual network link to the zone
|
||||
- Name it: `privatelink-<your-env>.data.superhog.com`
|
||||
- Associate it to the virtual network.
|
||||
- Enable autoregistration
|
||||
|
||||
## 3. Jumphost
|
||||
|
||||
### 3.1 Deploy Jumphost machine
|
||||
|
||||
## 4. DWH
|
||||
|
||||
## 5. Airbyte
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue