diff --git a/docs/user/_sidebar.md b/docs/user/_sidebar.md index 7d28ffcc..b7895d72 100644 --- a/docs/user/_sidebar.md +++ b/docs/user/_sidebar.md @@ -15,9 +15,9 @@ * [Back Up Network File System Volumes in Google Cloud](/cloud-manager/user/tutorials/01-20-21-gcp-nfs-volume-backup.md) * [Create Scheduled Automatic Network File System Volume Backups in Google Cloud](/cloud-manager/user/tutorials/01-20-22-gcp-scheduled-nfs-backup.md) * [Restore Network File System Volume Backups in Google Cloud](/cloud-manager/user/tutorials/01-20-23-gcp-nfs-volume-restore.md) - * [Create Virtual Private Cloud Peering in Amazon Web Services](/cloud-manager/user/tutorials/01-30-10-aws-vpc-peering.md) - * [Create Virtual Private Cloud Peering in Google Cloud](/cloud-manager/user/tutorials/01-30-20-gcp-vpc-peering.md) - * [Create Virtual Private Cloud Peering in Microsoft Azure](/cloud-manager/user/tutorials/01-30-30-azure-vpc-peering.md) + * [Creating VPC Peering in Amazon Web Services](/cloud-manager/user/tutorials/01-30-10-aws-vpc-peering.md) + * [Creating VPC Peering in Google Cloud](/cloud-manager/user/tutorials/01-30-20-gcp-vpc-peering.md) + * [Creating VPC Peering in Microsoft Azure](/cloud-manager/user/tutorials/01-30-30-azure-vpc-peering.md) * [Using AwsRedisInstance Custom Resources](/cloud-manager/user/tutorials/01-40-10-aws-redis-instance.md) * [Using GcpRedisInstance Custom Resources](/cloud-manager/user/tutorials/01-40-20-gcp-redis-instance.md) * [Glossary](/cloud-manager/user/00-10-glossary.md) diff --git a/docs/user/tutorials/01-30-10-aws-vpc-peering.md b/docs/user/tutorials/01-30-10-aws-vpc-peering.md index 986d3f94..e529cc84 100644 --- a/docs/user/tutorials/01-30-10-aws-vpc-peering.md +++ b/docs/user/tutorials/01-30-10-aws-vpc-peering.md 
@@ -1,4 +1,4 @@ -# Create VPC Peering in Amazon Web Services +# Creating VPC Peering in Amazon Web Services This tutorial explains how to create a Virtual Private Cloud (VPC) peering connection between a remote VPC network and SAP BTP, Kyma runtime in Amazon Web Services. Learn how to create a new VPC network, and a virtual machine (VM), and assign required permissions to the provided Kyma account and role in your AWS account. diff --git a/docs/user/tutorials/01-30-20-gcp-vpc-peering.md b/docs/user/tutorials/01-30-20-gcp-vpc-peering.md index 51595399..261fd3ec 100644 --- a/docs/user/tutorials/01-30-20-gcp-vpc-peering.md +++ b/docs/user/tutorials/01-30-20-gcp-vpc-peering.md @@ -1,4 +1,4 @@ -# Create VPC Peering in Google Cloud +# Creating VPC Peering in Google Cloud This tutorial explains how to create a Virtual Private Cloud (VPC) peering connection between a remote VPC network and SAP BTP, Kyma runtime in Google Cloud. 
@@ -16,80 +16,32 @@ This tutorial explains how to create a Virtual Private Cloud (VPC) peering conne Due to security reasons, the VPC network in the remote project, which receives the VPC peering connection, must contain a tag with the Kyma shoot name. -1. Fetch your Kyma ID. +1. Fetch your Kyma ID and export it as an environment variable. ```shell - kubectl get cm -n kube-system shoot-info -o jsonpath='{.data.shootName}' + export KYMA_SHOOT_ID=`kubectl get cm -n kube-system shoot-info -o jsonpath='{.data.shootName}'` ``` -2. Replace the placeholder with the fetched Kyma ID and export it as an environment variable. - - ```shell - export KYMA_SHOOT_ID={YOUR_KYMA_ID} - ``` - -3. Replace the placeholder with your project ID and export it as an environment variable. +2. Export your project ID and VPC network as environment variables. ```shell export REMOTE_PROJECT_ID={YOUR_REMOTE_PROJECT_ID} + export REMOTE_VPC_NETWORK={REMOTE_VPC_NETWORK} ``` -4. Create a tag key with the Kyma shoot name in the remote project. +3. Create a tag key with the Kyma shoot name in the remote project. ```shell gcloud resource-manager tags keys create $KYMA_SHOOT_ID --parent=projects/$REMOTE_PROJECT_ID ``` -5. Fetch the tag created in the previous step. +4. Create a tag value in the remote project. ```shell - gcloud resource-manager tags keys list --parent=projects/$REMOTE_PROJECT_ID + gcloud resource-manager tags values create None --tag-key=$REMOTE_PROJECT_ID/$KYMA_SHOOT_ID ``` - The command returns an output similar to this one: - - ```console - NAME SHORT_NAME DESCRIPTION - tagKeys/123456789012345 shoot--kyma-dev--abc1234 - ``` - -6. Replace the `tagKeys/123456789012345` placeholder with your tag key and export it as an environment variable. Your tag key is the value returned in the `NAME` column of the previous command's output. - - ```shell - export TAG_KEY="tagKeys/123456789012345" - ``` - -7. Export any valid tag value. For example, `None`. 
- - ```shell - export TAG_VALUE=None - ``` - -8. Create the tag value in the remote project. - - ```shell - gcloud resource-manager tags values create $TAG_VALUE --tag-key=$TAG_KEY - ``` - -9. Fetch the tag with the value created in the previous step. - - ```shell - gcloud resource-manager tags values list --parent=$TAG_KEY - ``` - -10. Replace the `tagValues/1234567890123456789` placeholder with the fetched tag value. Export it as an environment variable. - - ```shell - export TAG_VALUE="tagValues/1234567890123456789" - ``` - -11. Replace the placeholder with your VPC network name and export it as an environment variable. - - ```shell - export REMOTE_VPC_NETWORK={REMOTE_VPC_NETWORK} - ``` - -12. Fetch the network selfLinkWithId from the remote vpc network. +5. Fetch the network `selfLinkWithId` from the remote VPC network. ```shell gcloud compute networks describe $REMOTE_VPC_NETWORK @@ -108,13 +60,13 @@ Due to security reasons, the VPC network in the remote project, which receives t ... ``` -13. Export resource ID environment variable. Use the value of `selfLinkWithId` returned in the previous command's output, but replace `https://www.googleapis.com/compute/v1` with `//compute.googleapis.com`. +6. Export resource ID as an environment variable. Use the value of `selfLinkWithId` returned in the previous command's output, but replace `https://www.googleapis.com/compute/v1` with `//compute.googleapis.com`. ```shell export RESOURCE_ID="//compute.googleapis.com/projects/remote-project-id/global/networks/1234567890123456789" ``` -14. Add the tag to the VPC network. +7. Add the tag to the VPC network. ```shell gcloud resource-manager tags bindings create --tag-value=$TAG_VALUE --parent=$RESOURCE_ID 
@@ -175,3 +127,19 @@ Due to security reasons, the VPC network in the remote project, which receives t ``` The **status.conditions** field contains information about the VPC Peering status. + +## Next Steps + +When the VPC peering is not needed anymore, you can remove it. + +1. Delete the GcpVpcPeering resource from your Kyma cluster. + + ```shell + kubectl delete gcpvpcpeering vpcpeering-dev + ``` + +2. Remove the inactive VPC peering from the remote project. + + ```shell + gcloud compute networks peerings delete my-project-to-kyma-dev --network=remote-vpc-network --project=remote-project-id + ``` diff --git a/docs/user/tutorials/01-30-30-azure-vpc-peering.md b/docs/user/tutorials/01-30-30-azure-vpc-peering.md index 678cb4c7..68251df0 100644 --- a/docs/user/tutorials/01-30-30-azure-vpc-peering.md +++ b/docs/user/tutorials/01-30-30-azure-vpc-peering.md @@ -1,4 +1,4 @@ -# Create VPC Peering in Microsoft Azure +# Creating VPC Peering in Microsoft Azure This tutorial explains how to create a Virtual Private Cloud (VPC) peering connection between a remote VPC network and SAP, BTP Kyma runtime in Microsoft Azure. Learn how to create a new resource group, VPC network and a virtual machine (VM), and assign required roles to the provided Kyma service principal in your Microsoft Azure subscription. diff --git a/docs/user/tutorials/README.md b/docs/user/tutorials/README.md index eb2b64e2..d2b857e4 100644 --- a/docs/user/tutorials/README.md +++ b/docs/user/tutorials/README.md 
@@ -12,9 +12,9 @@ Browse the Cloud Manager tutorials to learn how to create and use cloud resource * [Create Scheduled Automatic Network File System Volume Backups in Google Cloud](./01-20-22-gcp-scheduled-nfs-backup.md) * [Restore Network File System Volume Backups in Google Cloud](./01-20-23-gcp-nfs-volume-restore.md) * VPC Peering - * [Create Virtual Private Cloud Peering in Amazon Web Services](./01-30-10-aws-vpc-peering.md) - * [Create Virtual Private Cloud Peering in Google Cloud](./01-30-20-gcp-vpc-peering.md) - * [Create Virtual Private Cloud Peering in Microsoft Azure](./01-30-30-azure-vpc-peering.md) + * [Creating VPC Peering in Amazon Web Services](./01-30-10-aws-vpc-peering.md) + * [Creating VPC Peering in Google Cloud](./01-30-20-gcp-vpc-peering.md) + * [Creating VPC Peering in Microsoft Azure](./01-30-30-azure-vpc-peering.md) * Redis * [Using AwsRedisInstance Custom Resources](./01-40-10-aws-redis-instance.md) * [Using GcpRedisInstance Custom Resources](./01-40-20-gcp-redis-instance.md)
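Review bot: In docs/user/_sidebar.md (hunk @@ -15,9 +15,9 @@), the three renamed entries switch to gerund titles ("Creating VPC Peering in ...") while the NFS entries directly above them in the same list stay imperative ("Back Up ...", "Create Scheduled ...", "Restore ..."). The rename also drops the only expansion of "VPC" in the navigation. Consider keeping the imperative form for task tutorials, for example "Create VPC Peering in Google Cloud", or renaming the neighbouring entries in the same change so the list reads consistently. The same three entries change in docs/user/tutorials/README.md, so whichever form is chosen should be applied there too.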
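Review bot: In docs/user/tutorials/01-30-20-gcp-vpc-peering.md (hunk @@ -16,80 +16,32 @@), the unchanged step 7 still runs `gcloud resource-manager tags bindings create --tag-value=$TAG_VALUE --parent=$RESOURCE_ID`, but this change deletes both `export TAG_VALUE=...` steps, so `$TAG_VALUE` is unset for anyone following the new text and the binding step cannot succeed as written. Either keep one export of the tag value after new step 4, or change step 7 to name the value the same way step 4 names the key (`$REMOTE_PROJECT_ID/$KYMA_SHOOT_ID` plus the value `None`), after confirming that the bindings command accepts that form. Because the surrounding text says the tag exists for security reasons, it is also worth keeping one verification command, such as the removed `gcloud resource-manager tags keys list --parent=projects/$REMOTE_PROJECT_ID`, so the reader can confirm the key carries the expected shoot name before binding it. Minor: new step 1 uses backticks for command substitution; `$(...)` reads more clearly next to the single-quoted jsonpath expression.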
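Review bot: In docs/user/tutorials/01-30-20-gcp-vpc-peering.md (hunk @@ -175,3 +127,19 @@), the new cleanup section deletes the GcpVpcPeering resource and the remote peering but leaves the tag binding, tag value and tag key that the earlier steps create on the remote VPC network. The tutorial introduces that tag as the security condition for receiving the peering, so the cleanup should either add steps to remove the binding, value and key, or state explicitly that they are left in place and why. The two commands also hard-code `vpcpeering-dev`, `my-project-to-kyma-dev`, `remote-vpc-network` and `remote-project-id`; reusing `$REMOTE_VPC_NETWORK` and `$REMOTE_PROJECT_ID` from step 2 would keep readers from running the delete against names that are not theirs. The heading "Next Steps" does not describe the content; something like "Clean Up" would be easier to find.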
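Review bot: In docs/user/tutorials/01-30-30-azure-vpc-peering.md (hunk @@ -1,4 +1,4 @@), the context line under the renamed heading reads "SAP, BTP Kyma runtime", while the AWS and Google Cloud tutorials touched in this same patch read "SAP BTP, Kyma runtime". Since the change already edits the top of this file, fix the comma placement here so the product name is written the same way in all three tutorials.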