Create a private network connection with Alibaba Cloud
NineData supports the creation of private network connections to connect NineData and Alibaba Cloud's internal network. User can connect to cloud services through NineData without applying for a public network address for cloud services.
Prerequisite
- The cloud provider of the data source is Alibaba Cloud.
- User's Alibaba Cloud account has activated the Alibaba Cloud endpoint service. If not, please log in to Alibaba Cloud Endpoint Console, click Active Endpoint Service to activate.
limit
Currently, the regions that support the establishment of private network connections are , , and .
Automatically create private network connections
To automatically create a private network connection, user need to enter the Access Key or role information of the target Alibaba Cloud account into the NineData console in advance, that is, configure the cloud vendor access credentials.
Log in to NineData console.
In the left navigation bar, click Datasource > PrivateLink.
Click Create PrivateLink in the upper right corner of the page.
On the Create PrivateLink page, configure parameters according to the table below.
Parameter Description Name Enter a private network connection name. To facilitate subsequent search and management, please use meaningful names. Cloud Vendor Select the name of the cloud provider whose private network connection needs to be added. Select Alibaba Cloud here. Authorize Select Authorize cloud vendor access permissions and automatically create to automatically create a private network connection. Region Select the region where the data source that needs to be connected through the private network is located. Cloud Vendor Root Account ID Enter the Alibaba Cloud main account ID, click the blank area of the page after the input is complete, and see the prompt Add Successfully. Note : Only the main account ID is supported, not the sub-account ID. Please consult with the primary account owner for main account ID if necessary. Access Credentials Select the configured cloud vendor access credentials. If not configure yet, please see Configuring Cloud Vendor Access Credentials for instruction. VPC Select the private network VPC to be used for the endpoint.
Important: Please make sure that this VPC is the same as your ECS's VPC, or there is intranet connectivity between the two VPCs.Click Test Connection, wait for the prompt that Connection Succeeded, and click Create PrivateLink to complete the creation.
tipIf the connection test fails, correct the parameter configuration until the connection test passes.
If the system reports an error:
Privatelink-CreateVpcEndpoint: The product is not activated., it indicates that the Alibaba Cloud endpoint service has not been actived yet. Please log in to the [Alibaba Cloud endpoint console](https://vpc.console.aliyun.com/ endpoint/cn-hangzhou/endpoints), click Active Endpoint Service to activate.
Manually create a private network connection
Log in to NineData console.
In the left navigation bar, click Datasource > PrivateLink.
Click Create PrivateLink in the upper right corner of the page.
On the Create PrivateLink page, configure parameters according to the table below.
Parameter Description Name Enter a private network connection name. To facilitate subsequent search and management, please use meaningful names. Cloud Vendor Select the name of the cloud provider whose private network connection needs to be added. Select Alibaba Cloud here. Authorize Select Without authorization, manually create. Region Select the region where the data source that needs to be connected through the private network is located. Cloud Vendor Root Account ID Enter the Alibaba Cloud main account ID, click the blank area of the page after the input is complete, and see the prompt to Add Successfully.
Note : Only the main account ID is supported, not the sub-account ID. Please consult with the primary account owner for main account ID if necessary.Endpoint ID Copy the Connection Enpoint Service ID provided on the page, log in to the Alibaba Cloud console to create the server, and enter the instance ID of the server upon completation. For how to create, please refer to the appendix. Endpoint IP Enter the IP address for the endpoint ID. For how to obtain it, please refer to the appendix. Click Connection Test, wait for the prompt that Connection Succeeded, and click Create PrivateLink to complete the creation.
tipIf the connection test fails, correct the parameter configuration until the connection test passes.
Appendix: Create an Alibaba Cloud endpoint
Note : There is no charge for creating an Alibaba Cloud endpoint.
Log in to Alibaba Cloud endpoint console.
Click the Reverse Endpoint tab in the console.
Click Create Endpoint and configure parameters according to the table below.
tipIf cannot allocate the button to Create Endpoint, it means the user has not opened the Alibaba Cloud private network connection service before, please click to activate the Active Endpoint Service, select the service agreement in the pop-up window, and click Activate PrivateLink.
Parameter Description Endpoint Name Enter the name of the endpoint, with a length of 2 to 128 characters, starting with English letters, and can contain numbers, underscores (_) and hyphens (-). Endpoint Type Choose Reverse Endpoint. Endpoint Service Click the Select Services tab, paste the Connection Endpoint Service ID provided in the NineData console into the input box, press Enter, and select the filtered server.
Note : If no results are filtered, make sure the correct Connection Endpoint Service ID is ended.VPC Select the VPC used by the ECS where the data source resides. Security Groups Select a security group. If have not created a security group, please refer to the official documentation of Alibaba Cloud. Zones and vSwitche Select the zone and vSwitch of the ECS where the data source is located. Click OK to create, and the page will automatically jump to the details page of the newly created server. Wait for the creation to complete, and record the instance ID and IP Address, as shown in the figure below, and then return to continue configuring the private network connection.
