Private connectivity for Integration Connectors
This page explains how to use the Private Service Connect (PSC) to establish a connection between your backend system which is on a private network and the Integration Connectors runtime. The page assumes that you are familiar with the following concepts:
- Google Cloud Virtual Private Cloud (VPC)
- Integration Connectors
- Private Service Connect
- Internal load balancers
- Compute Engine
Why is PSC required?
Integration Connectors runtime requires PSC to access services or endpoints running on a private network which can be in Google Cloud, on-premise, or other cloud provider networks.
For example, you might want to run a private MySQL instance without assigning an external IP address. In this scenario, you must create a PSC service attachment so that the Integration Connectors runtime can access your private MySQL instance. By using the PSC service attachment, there is no need for you to assign a public IP address for your backend system.
How to create a PSC service attachment?
The following are the high-level steps to create a PSC service attachment:
- Create a VPC network and the required subnets.
- Create a VM instance for installing your backend service.
- Install your backend service.
- Create an instance group for the VM instance.
- Create a health-check probe.
- Set up an internal load balancer.
- Configure the appropriate firewall rules for your network traffic.
- Create the PSC service attachment.
- Create an endpoint attachment.
- Verify the PSC service attachment connectivity by creating a connection.
These steps are described in detail with an example for the following scenarios:
- MySQL instance deployed in a Compute Engine VM
- Cloud SQL instance deployed in Google Cloud
- MongoDB Atlas cluster deployed in Google Cloud