private dns

Pablo Martin 2024-02-06 16:55:20 +01:00
parent b4191bd58d
commit e03c57e094


@ -137,7 +137,7 @@ Follow this to deploy the entire data infra.
- Action: Allow - Action: Allow
- Priority: 100 - Priority: 100
- Postgres Services Rule - Postgres Services Rule
- Name: AllowPostgresFromJumphostInbound - Name: AllowPostgresFromServicesInbound
- Source: the addresss range for the `services-subnet`. In this example, `10.69.0.64/26`. - Source: the addresss range for the `services-subnet`. In this example, `10.69.0.64/26`.
- Source port ranges: * - Source port ranges: *
- Destination: the addresss range for the `databases-subnet`. In this example, `10.69.0.8/29`. - Destination: the addresss range for the `databases-subnet`. In this example, `10.69.0.8/29`.
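Review bot: The Source and Destination lines directly under the renamed rule both spell "addresss" with three s's; since this change already touches the Postgres Services Rule block, fix the spelling here too. The new name AllowPostgresFromServicesInbound now matches the `services-subnet` source, so also check whether any rule already created from the old text still carries AllowPostgresFromJumphostInbound, otherwise the document and the deployed rule names will disagree.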
@ -155,8 +155,24 @@ Follow this to deploy the entire data infra.
- Action: Allow - Action: Allow
- Priority: 1000 - Priority: 1000
### 2.3 Private DNS Zone
- We will set up a private DNS Zone to avoid using hardcoded IPs to refer to services within the virtual network. This makes integrations more resilient because a service can change its IP and still be reached by other services (as long as other network configs like firewalls are still fine).
- Create the Private DNS Zone
- Name it: `<your-env>.data.superhog.com`
- Add tags:
- `team: data`
- `environment: <your-env>`
- `project: network`
- Add a new virtual network link to the zone
- Name it: `privatelink-<your-env>.data.superhog.com`
- Associate it to the virtual network.
- Enable autoregistration
## 3. Jumphost ## 3. Jumphost
### 3.1 Deploy Jumphost machine
## 4. DWH ## 4. DWH
## 5. Airbyte ## 5. Airbyte
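Review bot: The "Enable autoregistration" step in section 2.3 does not say what ends up in the zone or how to confirm that resolution works. State which names other services should use to reach each other under `<your-env>.data.superhog.com`, add a lookup check run from a machine inside the virtual network, and say how a service gets a record if autoregistration does not create one for it. Two smaller points: the link name `privatelink-<your-env>.data.superhog.com` reads like a zone name rather than a link name, and the new `### 3.1 Deploy Jumphost machine` heading is added with no content under it.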