Connect from a client application to a CelerData cluster

You can connect to CelerData clusters from your client application to query and visualize the data in your data lakes and relational databases.

The connection methods vary depending on your cloud provider. Currently, CelerData supports the following cloud providers:

• AWS
• Azure

AWS

Connect from a client application on a public network

If you want to connect your client applications on a public network to your CelerData cluster, you must specify the public subnet ID, and configure the security group with inbound rules that allow client access.

Follow these steps to add an inbound rule to the security group of the VPC that hosts your CelerData cluster:

1. Sign in to the AWS VPC console as a user with administrator privileges.

2. In the upper-right corner of the page, select your AWS region.

3. In the left-side navigation pane, choose Security > Security groups.

4. On the Security groups page, click the security group ID of the VPC that hosts your CelerData cluster.

5. On the detail page of the security group, click Edit inbound rules on the Inbound rules tab.

6. On the Edit inbound rules page, click Add rule to add an inbound rule.

7. Edit the inbound rule:

   If you want to expose your CelerData cluster to all applications on public networks, you can edit it as follows:

   a. Set Type to All traffic.

   b. Set Source to Anywhere-IPv4.

   If you want to expose your CelerData cluster to a specific application on public networks, you can edit it as follows:

   a. Set Type to All traffic.

   b. Set Source to Custom and specify the IP address of your application.

8. Click Save rules.

Connect from a client application on a private subnet

If you want to connect to your CelerData cluster from a client application that is in a custom VPC, you must configure the VPC that hosts the FEs in your CelerData cluster to allow the client application to request port 9030.

You can connect your CelerData cluster from your client application using the same VPC that hosts the FE node, or from another custom VPC via VPC peering connection.

Create a VPC peering connection

Follow these steps to create a VPC peering connection:

1. Sign in to the AWS VPC console as a user with administrator privileges.
2. In the navigation pane, choose Virtual private cloud > Peering connections.
3. Choose Create peering connection.
4. Configure the information as follows, and choose Create Peering Connection when you are done:
   • Peering connection name tag: You can optionally name your VPC peering connection.
   • VPC (Requester): Select the VPC in your account with which to create the VPC peering connection.
   • Account: Choose My account to create a peering connection with a VPC within this account, or choose Another account to create a peering connection with a VPC from another account.
   • Account ID: Enter the AWS account ID of the owner of the accepter VPC if you choose Another account.
   • Region: Choose This Region if the accepter VPC resides in the same region. If it resides in a different region, choose Another region, and select the region in which the accepter VPC resides.
   • VPC (Accepter): Enter the ID of the VPC with which to create the VPC peering connection.
5. In the confirmation dialog box, choose OK.

Accept a peering connection

Follow these steps to accept a VPC peering connection:

1. Sign in to the AWS VPC console as a user with administrator privileges.
2. In the upper-right corner of the page, select the region of the accepter VPC.
3. In the navigation pane, choose Virtual private cloud > Peering connections.
4. Select the pending VPC peering connection (the status is pending-acceptance), and choose Actions, Accept Request.
5. In the confirmation dialog box, choose Yes, Accept.

Azure

Connect from a client application on a public network

To allow your client application on a public network to access your CelerData cluster deployed on Azure, follow these steps to add an inbound security rule to the network security group of the virtual network that hosts your CelerData cluster:

1. Sign in to the Microsoft Azure portal.

2. Navigate to the Network security groups service page, and click the network security group that your CelerData cluster belongs to.

3. On the page that appears, choose Inbound security rules in the left-side pane, and click Add to add a new inbound security rule.

4. In the right-side pane that appears, configure the inbound security rule:

   If you want to expose your CelerData cluster to all applications on public networks, you can edit it as follows:

a. Select Any from the Source drop-down list.

b. Enter * in the Source port ranges field.

c. Enter 9030 in the Destination port ranges field.

If you want to expose your CelerData cluster to a specific application on public networks, you can edit it as follows:

a. Select IP Address from the Source drop-down list.

b. Specify the IP address of your application in the Source IP addresses/CIDR ranges field.

c. Enter * in the Source port ranges field.

d. Enter 9030 in the Destination port ranges field.

For other fields, you can use the default settings.

5. Click Add to add the inbound security rule.

Connect from a client application on a private subnet

If you want to connect to your CelerData cluster from a client application that is in a custom virtual network, you must configure the virtual network that hosts the FEs in your CelerData cluster to allow the client application to request port 9030.

You can connect your CelerData cluster from your client application using the same virtual network that hosts the FE nodes, or from another custom virtual network via virtual network peering.

Create a VPC peering connection

Follow these steps to create a VPC peering connection:

1. Sign in to the Microsoft Azure portal.

2. Navigate to the Virtual networks service page, and click the virtual network that hosts your CelerData cluster.

3. On the page that appears, choose Peerings in the left-side pane, and click Add to add a virtual network peering.

4. On the Add peering page, configure the virtual network peering:

   a. Enter a name for the peering link in the Peering link name field for This virtual network.

   b. Choose Allow <your_virtual_network_name> to access the peered virtual network.

   c. Enter a name for the peering link in the Peering link name field for Remote virtual network.

   d. Select the deployment model of the virtual network you want to peer with in the Virtual network deployment model section.

   e. Select the subscription of the virtual network you want to peer with from the Subscription drop-down list.

   f. Select the virtual network you want to peer with from the Virtual network drop-down list.

   NOTE

   If you do not have read access to the virtual network or subscription you want to peer with, but only the resource ID of the virtual network, you must choose I know my resource ID, and specify the resource ID of the virtual network you want to peer with in the Resource ID field.

   g. Choose Allow the peered virtual network to access <your_virtual_network_name>.

5. Click Add to add the virtual network peering.