Google Cloud VPC peering
You can use Google Cloud VPC network peering for your C-tier and D-tier Classic databases hosted on Google Cloud.
Prerequisites
-
An active Astra DB Classic database.
-
Administrative access or the ability to create virtual networks in your Google Cloud account.
Enable the connection in Astra DB
To enable the VPC peering connection in Astra DB, you need to attach the connection to your database, download the internal secure connect bundle for use with your VPC peering connection, and add your peering connection to your database’s IP access list.
-
Astra Portal
-
DevOps API
-
In the Astra Portal, go to Databases, and then select your database.
-
Click Add Peering Connection.
-
For Project ID, enter your Google Cloud project name.
-
For VPC Network Name, enter the VPC Network Name from the list of VPCs in your Google Cloud Console.
-
Click Initiate.
-
Use the DevOps API to get VPC peering connection details for a database:
curl -sS -L -X GET "https://api.astra.datastax.com/v2/peering/provider/gcp/database/DATABASE_ID" \ --header "Authorization: Bearer APPLICATION_TOKEN" \ --header "Content-Type: application/json"
Replace the following:
-
DATABASE_ID
: The database ID. -
APPLICATION_TOKEN
: An application token with the Database Administrator role.A successful request returns details about the database’s VPC peering connections. If there are none, the response is empty.
-
-
Use the DevOps API to create a VPC peering connection for a database:
curl -sS -L -X POST "https://api.astra.datastax.com/v2/peering/provider/gcp/database/DATABASE_ID" \ --header "Authorization: Bearer APPLICATION_TOKEN" \ --header "Content-Type: application/json" --data '{ "projectId": "GOOGLE_CLOUD_PROJECT", "vpcNetworkName": "VPC_NETWORK_NAME" }'
Replace the following:
-
DATABASE_ID
: The database ID. -
APPLICATION_TOKEN
: An application token with the Database Administrator role. -
GOOGLE_CLOUD_PROJECT
: Your Google Cloud project name. -
VPC_NETWORK_NAME
: The VPC Network Name from the list of VPCs in your Google Cloud Console.Response
A successful request returns an object describing the new VPC peering connection:
{ "connectionId": "PEERING_CONNECTION_UUID", "status": "CONNECTION_STATUS", "currentVpc": { "provider": "gcp", "account": "GOOGLE_CLOUD_PROJECT", "vpcId": "VPC_UUID", "cidrBlock": "137.187.23.0/24" }, "otherVpc": { "provider": "gcp", "account": "GOOGLE_CLOUD_PROJECT", "vpcId": "VPC_UUID", "cidrBlock": "137.187.23.0/24" } }
-
Initiate peering in Google Cloud
-
In the Google Cloud Console, go to VPC Network.
-
Click VPC network peering, click Create Connection, and then click Continue.
-
In Create peering connection, enter a name for the connection, and then select the VPN network.
-
In the Peered VPC Network section, enable In another project, and then enter the Astra DB Project ID and the VPC network name that you used in Astra DB.
-
Click Initiate Peering.
Remove a VPC peering connection
-
Use the DevOps API to delete a VPC peering connection for a database:
curl -sS -L -X DELETE "https://api.astra.datastax.com/v2/peering/provider/gcp/database/DATABASE_ID" \ --header "Authorization: Bearer APPLICATION_TOKEN" \ --header "Content-Type: application/json"
-
If applicable, remove the disconnected peering connection from GCP.