📄️ Create a Project and Enable Necessary APIs
To launch and manage resources for your CelerData deployments in Google Cloud, you must create a project in your Google Cloud account, and enable necessary APIs for it.
📄️ Create a Service Account for your Compute Engine
CelerData generates a profile for each query during query execution, and stores it in storage for ease of your reference. The profile is generated by the virtual machine instances on which your CelerData cluster is deployed, and is stored in a Cloud Storage bucket. In addition, if you create an Elastic cluster, the data will be stored in this bucket by default.
📄️ Grant Google Cloud Resource Permissions to CelerData
This topic will guide you on how to grant necessary permissions to CelerData for cluster deployment and scaling operations using IAM roles.
📄️ Create a VPC Network, a Subnet, and Firewall Rules
To deploy a CelerData cluster on GCP, you must specify a subnet for the virtual machine instances on which the cluster depends, and create specific firewall rules for ingress and egress to define the inbound and outbound traffic rules that the cluster nodes must adhere to for cross-node communication and external communication.
📄️ Create a Private Service Connect Endpoint
You can create a Private Service Connect (PSC) endpoint on Google Cloud Platform (GCP) to enable direct, secure connectivity between CelerData's VPC and your own VPC. If your cluster is deployed in a private subnet without internet access, you must configure the correct PSC endpoint for connectivity.
📄️ Configure Network for Private Link
When you deployed a CelerData cluster using Private Service Connect (PSC) but disabled the public access to the Cluster console during or after the deployment, cluster users can only access the CelerData Cluster console via a URL in the format .privatelink.celerdata.com. All traffic to the CelerData Cluster console is routed to the .privatelink.celerdata.com-formatted domain and then the PSC endpoint, which is automatically mapped by a Cloud DNS. The Cloud DNS configuration creates a mapping of .{region}.p.celerdata.com to the private IP of the PSC endpoint.
📄️ Configure Network for Private Access to Google APIs and Services
If you deploy a CelerData cluster in a private subnet for security reasons, the cluster, by default, cannot not be accessed or access resources over the public internet, including Google APIs and Services. However, CelerData Cloud requires access to Google APIs and services to: