Connect out from SingleStore Helios Workspaces to Private Networks/Services via Google Private Service Connect

For outbound connections, you'll send the service attachment to SingleStore. You'll also receive a project name from SingleStore so that you can whitelist the project while creating the service.

To create outbound connections from SingleStore Helios to private networks/services (not accessible from the Internet, like Kafka) for tasks like ingesting data via pipelines perform the following tasks:

  1. Obtain a project name from SingleStore.

  2. Create a Network Load Balancer (NLB).

  3. Publish the Service.

  4. Send the Service Attachment to SingleStore.

Obtain a Project Name from SingleStore

Contact SingleStore Customer Support (see Support FAQ) and obtain a project name for the service you are going to create. Provide the following information in the support ticket:

  • Workspace ID. SingleStore can only process the connection request when your workspace is in the Active state.

  • Region details

  • Request a project name from SingleStore

  • In the support ticket, specify that the request is for outbound connection

You'll need to whitelist this project name while creating the service later.

Create a Network Load Balancer

  1. In the GCP console, select Networking > Networking Services > Load Balancing > Create load balancer.

  2. Under TCP Load Balancing, select Start configuration.

  3. Under Internet facing or internal only, select Only between my VMs and Single region only.

  4. Under Backend type, select Backend Service. Select Continue.

  5. On the New TCP load balancer screen, enter a Name for the Network Load Balancer.

  6. Select Backend configuration, enter the Region and Network information, and then add your service's Instance group.

    Note

    If you do not have an Instance group yet, but you do have a running service, select GCP Console > Compute Engine > Instance groups > Create Instance Groups to create an instance group. If you already have an instance, but do not have a group, you may want to create an unmanaged group to which you can add existing instances. See Creating groups to create an unmanaged instance group.

  7. Fill out the Backend and Frontend configurations and then click Create.

For more NLB configuration related information, see Configuring Load Balancer.

Once you have an NLB, you can test it.  An easy test would be to use curl with the Network Load Balancer's IP and Port from within the VPC to verify that the connection is established.

$ curl <ADDRESS_OF_THE_NLB>:<port>

Publish the Service

When you publish a service, you create a service attachment. Send the Service attachment information to SingleStore. You will also need to whitelist the project that SingleStore sent you earlier.

  1. In the GCP Console, select Networking > Network Services > Private Service Connect > Published Services > Publish Service.

  2. Under Load balancer type, select Internal TCP/UDP Load Balancer.

  3. Add the project name you received from SingleStore to the whitelist for your Service.

  4. Enter the necessary details and create a subnet if needed. See Publish a Service for more information. Do NOT enable Use Proxy Protocol.

  5. Select Add service.

For more information, see Publish Services using Private Service Connect.

Send the Service Attachment to SingleStore

Contact SingleStore Support and provide the Service Attachment. Follow these steps:

  1. On the Google Cloud console, go to the Private Service Connect page.

  2. On the Published Service tab, select the service you just created. Open the Private Service Connect service details screen.

  3. Send the Service attachment information to SingleStore Support. Service attachment names usually have the following format: projects/<SERVICE_PROJECT>/regions/<REGION>/serviceAttachments/<SERVICE_NAME>.

Last modified: April 6, 2023

Was this article helpful?