Help Center/ ServiceStage/ FAQs/ Continuous Delivery/ How Can I Access Dependent Services Through VPC Endpoints When Building Images?
Updated on 2024-10-31 GMT+08:00
View PDF
Share

How Can I Access Dependent Services Through VPC Endpoints When Building Images?

Background

VPC Endpoint is a cloud service that provides secure and private channels to connect your VPCs to VPC endpoint services. It allows you to plan networks flexibly without having to use EIPs.

When building images for components in the Kubernetes environment, you can create VPC endpoints to communicate with Object Storage Service (OBS) and SoftWare Repository for Container (SWR), and use API Gateway (APIG) to call functional APIs of ServiceStage based on configured private domain names.

VPC endpoints can be used to access dependent services only in CN East 2, CN South-Guangzhou, AP-Singapore, AF-Johannesburg, and CN East-Shanghai1.

Procedure

  1. Log in to ServiceStage.
  2. Select the region where your service is located, for example, CN East2.

  3. In the address box of the browser, obtain the value of the region field.

    The following information in bold is an example of region: 
    https://console-intl.huaweicloud.com/servicestage/?agencyId=d6****************************41&region=cn-east-4&locale=zh-cn#/overview

  4. Create VPC endpoints for SWR and APIG. For details, see Buying a VPC Endpoint for Accessing Interface VPC Endpoint Services.

    1. Region: Select the region specified in 2.
    2. Service Category: Select Find a service by name.
    3. VPC Endpoint Service Name: Enter the VPC endpoint service name for each cloud service by referring to Table 1.

      Replace ${region} in the following table with the value obtained in 3.

      Table 1 Accessing interface VPC endpoint services

      Cloud Service

      VPC Endpoint Service Name

      SWR

      com.myhuaweicloud.${region}.swr

      NOTE:

      If you select the CN South-Guangzhou region, the VPC endpoint service name of SWR is swr.cn-south-1.myhuaweicloud.com.

      APIG

      com.myhuaweicloud.${region}.api
    4. Select Create a Private Domain Name.
    5. VPC: Select the same VPC for each VPC endpoint service listed in Table 1.
    6. Subnet: Select a subnet for each VPC endpoint service listed in Table 1.
    7. Set other parameters based on site requirements.

  5. Create VPC endpoints for OBS. For details, see Buying a VPC Endpoint for Accessing Gateway VPC Endpoint Services.

    You need to create VPC endpoints for the VPC endpoint services of OBS listed in Table 2.

    1. Region: Select the region specified in 2.
    2. Service Category: Select Find a service by name.
    3. VPC Endpoint Service Name: Enter the VPC endpoint service name for OBS by referring to Table 2.
      Table 2 Accessing gateway VPC endpoint services

      Region

      VPC Endpoint Service Name

      CN South-Guangzhou

      cn-south-1.com.myhuaweicloud.v4.obsv2

      cn-south-1.com.myhuaweicloud.v4.obsv2.lz05

      cn-south-1.com.myhuaweicloud.v4.obsv2.lz08

      cn-south-1.com.myhuaweicloud.v4.obsv2.lz09

      CN East2

      com.myhuaweicloud.cn-east-4.obslb01.v4.obsv2.vxlan

      com.myhuaweicloud.cn-east-4.obslb01.v6.obsv2.vxlan

      AP-Singapore

      ap-southeast-3.com.myhuaweicloud.v4.obsv2

      ap-southeast-3.com.myhuaweicloud.v6.obsv2

      AF-Johannesburg

      af-south-1.myhuaweicloud.v4.obsv2

      af-south-1.myhuaweicloud.v6.obsv2

      CN East-Shanghai1

      cn-east-3.com.myhuaweicloud.v4.global.obsv2

      cn-east-3.v4obsv2_new.58c9f146-63f0-4f07-98d3-18fe4874086b

      cn-east-3.myhuaweicloud.v4.obsv2.lz03

      cn-east-3.myhuaweicloud.v4.obsv2.lz04

      cn-east-3.com.myhuaweicloud.v4.obsv2.lz09

      cn-east-3.com.myhuaweicloud.v4.obsv2.lz11
    4. VPC: Select the VPC specified in 4 for all VPC endpoint services listed in Table 2.
    5. Subnet: Select a subnet for each VPC endpoint service listed in Table 2.
    6. Set other parameters based on site requirements.

  6. In the endpoint list, obtain the service addresses of the VPC endpoint created for APIG and SWR in 4.

    Replace ${region} with the value obtained in 3.

  7. Create private domain names. For details, see Creating a Private Zone.

    1. Domain Name: Enter the following private domain names:

      Replace ${region} with the value obtained in 3.

      • servicestage.${region}.myhuaweicloud.com
      • swr-api.${region}.myhuaweicloud.com
      • swr.${region}.myhuaweicloud.com
    2. VPC: Select the VPC specified in 4.
    3. Set other parameters based on site requirements.

  8. Add record sets for all private domain names created in 7. For details, see Adding an A Record Set.

    1. Type: Select A – Map domains to IPv4 addresses.
    2. Value: Set this parameter by referring to the following table.

      Replace ${region} in the following table with the value obtained in 3.

      Private Domain Name

      Record Value

      servicestage.${region}.myhuaweicloud.com

      Enter the address of the com.myhuaweicloud.${region}.api VPC endpoint service obtained in 6.

      swr-api.${region}.myhuaweicloud.com

      swr.${region}.myhuaweicloud.com

      Enter the address of the com.myhuaweicloud.${region}.swr VPC endpoint service obtained in 6.
    3. Set other parameters based on site requirements.

Parent topic: Continuous Delivery