Setting up VPC peering connection


When deploying in Amazon Web Services, external hosts (such as hosting control panels or billing systems) may be set up in a Virtual Private Cloud (VPC) other than the one where the KuberDock cluster is installed. In such cases, a VPC peering connection is required for KuberDock and the host to interact.

 

A VPC peering connection can be established between VPCs of the same AWS account as well as between VPCs belonging to different accounts.

 

The two cases are largely similar. A brief description of setting up the connection within a single AWS account is given below. For detailed explanations, please refer to the Working with VPC Peering Connections section of the AWS documentation.

 

A VPC peering connection can be created via the Amazon VPC console:

 


 

Select the desired VPC and initiate a request to peer it with another VPC:

 


 

Accept the request:

 


 

At this point you will be prompted to modify your route tables (this can also be done later).

 

Go to the route tables page and add a route to the route table associated with the subnet where the instance resides:

 


 

The connection requires the KuberDock and host subnets to be configured properly:

 


 

Route tables should be updated for both ends of the VPC peering connection:

 


 

Then it is necessary to enable DNS for the connection:

 


 

Finally, the inbound and outbound rules for both VPC security groups should be properly updated to reference security groups in the peered VPC:

 


 

Note that to perform the actions above, users must be granted permission to create or modify VPC peering connections by means of an appropriate IAM policy.
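
The console procedure above can also be scripted with the AWS CLI. The function below is an added example, not part of the KuberDock documentation; it assumes both VPCs are in one account and one region, and the function name `peer_vpcs`, its argument order and the single TCP port are illustrative choices. It adds inbound rules only and leaves outbound rules unchanged.

```shell
#!/bin/sh
# Added example: the console steps above as AWS CLI calls (one account, one region).
# Every ID, CIDR and port is a caller-supplied value, not taken from the page.
set -eu

# Usage: peer_vpcs REQ_VPC REQ_CIDR REQ_RTB REQ_SG ACC_VPC ACC_CIDR ACC_RTB ACC_SG PORT
# Prints the peering connection ID on success, returns non-zero on the first failure.
peer_vpcs() {
  local req_vpc="$1" req_cidr="$2" req_rtb="$3" req_sg="$4"
  local acc_vpc="$5" acc_cidr="$6" acc_rtb="$7" acc_sg="$8" port="$9" pcx

  # AWS rejects peering between overlapping CIDRs; only the identical case is caught here.
  if [ "$req_cidr" = "$acc_cidr" ]; then
    echo "peer_vpcs: VPC CIDR blocks must not overlap" >&2
    return 1
  fi

  # 1. Request the peering connection and wait until it is visible.
  pcx=$(aws ec2 create-vpc-peering-connection \
    --vpc-id "$req_vpc" --peer-vpc-id "$acc_vpc" \
    --query 'VpcPeeringConnection.VpcPeeringConnectionId' --output text) || return 1
  aws ec2 wait vpc-peering-connection-exists \
    --vpc-peering-connection-ids "$pcx" || return 1

  # 2. Accept the request.
  aws ec2 accept-vpc-peering-connection \
    --vpc-peering-connection-id "$pcx" >/dev/null || return 1

  # 3. Route each side's traffic for the peer CIDR through the connection.
  aws ec2 create-route --route-table-id "$req_rtb" --destination-cidr-block "$acc_cidr" \
    --vpc-peering-connection-id "$pcx" >/dev/null || return 1
  aws ec2 create-route --route-table-id "$acc_rtb" --destination-cidr-block "$req_cidr" \
    --vpc-peering-connection-id "$pcx" >/dev/null || return 1

  # 4. Enable DNS resolution across the connection in both directions.
  aws ec2 modify-vpc-peering-connection-options --vpc-peering-connection-id "$pcx" \
    --requester-peering-connection-options AllowDnsResolutionFromRemoteVpc=true \
    --accepter-peering-connection-options AllowDnsResolutionFromRemoteVpc=true \
    >/dev/null || return 1

  # 5. Inbound rules: one port, sourced from the peer's security group, not a CIDR range.
  aws ec2 authorize-security-group-ingress --group-id "$req_sg" \
    --protocol tcp --port "$port" --source-group "$acc_sg" >/dev/null || return 1
  aws ec2 authorize-security-group-ingress --group-id "$acc_sg" \
    --protocol tcp --port "$port" --source-group "$req_sg" >/dev/null || return 1

  echo "$pcx"
}
```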