Skip to main content

Configure Network for Private Link

When you deployed a CelerData cluster using Private Service Connect (PSC) but disabled the public access to the Cluster console during or after the deployment, cluster users can only access the CelerData Cluster console via a URL in the format *.privatelink.celerdata.com. All traffic to the CelerData Cluster console is routed to the *.privatelink.celerdata.com-formatted domain and then the PSC endpoint, which is automatically mapped by a Cloud DNS. The Cloud DNS configuration creates a mapping of {endpoint_name}.{region}.p.celerdata.com to the private IP of the PSC endpoint.

The complete routing flow is as follows:

Cluster users
  -> *.privatelink.celerdata.com
  -> {endpoint_name}.{region}.p.celerdata.com
  -> PSC Endpoint IP
  -> CelerData Cluster console
  • Cluster users communicate with the CelerData Cluster console through the *.privatelink.celerdata.com-formatted domain.
  • The domain *.privatelink.celerdata.com must be resolved to {endpoint_name}.{region}.p.celerdata.com, which requires setting up a Cloud DNS zone as described in the following section.
  • The domain {endpoint_name}.{region}.p.celerdata.com is mapped to the PSC Endpoint's private IP by the Cloud DNS zone which is automatically crated when you create the PSC endpoint.

To enable private network access, you must create a private Cloud DNS zone with a CNAME record that maps *.privatelink.celerdata.com to {endpoint_name}.{region}.p.celerdata.com.

Create a Private Cloud DNS Zone

Follow these steps to create a private Cloud DNS zone:

  1. Sign in to your project in the Google Cloud console.
  2. Expand the left-side navigation menu, and choose Network Services > Cloud DNS.
  3. Click CREATE ZONE. image
  4. On the Create a DNS zone page, follow these steps:
    • For Zone type, select Private.
    • Enter a Zone name, for example, private-link.
    • For DNS name, enter privatelink.celerdata.com.
    • In the Network section, click ADD NETWORKS. In the New networks box, select your Project and choose the VPC Network for cluster deployment, and click DONE.
  5. Click CREATE.

Add a CNAME record

Follow these steps to add a CNAME record to the private Cloud DNS zone:

  1. Sign in to your project in the Google Cloud console.
  2. Expand the left-side navigation menu, and choose Network Services > Cloud DNS.
  3. Select the DNS zone you created.
  4. Click ADD STANDARD to create a CNAME record. image
  5. On the Create record set page, follow these steps:
    • For DNS name, enter *.
    • For Resource record type, select CNAME.
    • For Canonical name, enter {endpoint_name}.us-central1.p.celerdata.com. For example: psc-endpoint-test.us-central1.p.celerdata.com.
  6. Click CREATE.