Connect out from SingleStoreDB Cloud Workspaces to Private Networks/Services via Google Private Service Connect

This topic describes how to create outbound connections from SingleStoreDB Cloud to private networks/services (not accessible from the Internet, like Kafka) for tasks like ingesting data via Pipelines.

Process overview:

  • Obtain a project name from SingleStore

  • Create a Network Load Balancer (NLB)

  • Whitelist the project

  • Publish the Service

  • Send the Service Attachment information to SingleStore

Obtain a Project Name from SingleStore

Contact SingleStore Customer Support (see How do I file a support ticket?) and obtain a project name for the service you are going to create. You'll need to whitelist that project name while creating the service later.

Creating a Network Load Balancer

Create and test your Network Load balancer.

  1. In the GCP console, go to Networking -> Networking Services -> Load Balancing.

  2. Click Create Load Balancer.

  3. In TCP Load Balancing click Start configuration.

  4. Choose Only between my VMs and Single region only, and then click Continue.

  5. Name the Network Load Balancer.

  6. Click Backend configuration, fill out Region and Network, and then add your service's Instance group.


    If you do not have an Instance group yet, but you do have a running service, you can create an Instance group in GCP Console -> Compute Engine -> Instance groups -> Create Instance Groups. If you already have an instance, but do not have a group, you may want to create an "unmanaged" group to which you can add existing instances.

  7. Fill out the Backend and Frontend configurations and then click Create.

Once you have an NLB you can test it.  An easy test would be to use curl the Network Load Balancer's IP and Port from within the VPC to verify that connection is indeed established.

$ curl <ADDRESS_OF_THE_NLB>:<port>

Publishing a Service

Publish the Service and then send the Service attachment information to SingleStore. You will also need to whitelist the project that SingleStore sent you earlier.

  1. In the GCP Console, go to Networking -> Network Services -> Private Service Connect -> Published Services. Click Publish Service.

  2. Add the project name you received from SingleStore to the whitelist for your Service.

  3. Enter the necessary details and create a subnet if needed. Do NOT enable Use Proxy Protocol.

  4. Click ADD SERVICE.

  5. In the list of services, click on the service you just crated and then open the Private Service Connect service details screen.

  6. Send the "Service attachment" information to SingleStore Support (see How do I file a support ticket?). Service attachment names usually have a format like this: projects/<SERVICE_PROJECT>/regions/<REGION>/serviceAttachments/<SERVICE_NAME>.