Virtual Private Cloud (VPC) Peering

VPC peering is a networking connection between two VPCs enabling traffic to be routed between them. When you use VPC peering, instances in the VPCs communicate with each other as if they are in the same network. The VPCs can be in different regions (also known as Inter-Region VPC peering connections).

VPC peering facilitates the transfer of data. For example, if you have more than one AWS account, you can peer the VPCs across those accounts and create a file-sharing network.

This procedure describes how to peer two VPCs, using subnet routes, and how to manage the peering connections and routes. For detailed steps on setting up VPC peering in Duplo, refer to the Duplo documentation.

Enable and peer VPCs

Enable VPCs for peering:

We will be referring following steps to peer 2 VPCs VPC-A and VPC-B.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays. In this example, the Infrastructures are named VPC-A and VPC-B.

2. From the Name column, select the first Infrastructure (VPC-A) for which to enable peering. VPC-A and its defined subnet routes are displayed.

3. Click the Peering tab.
4. From the Select a VPC to peer with VPCA list box, select the VPC that you want to peer with VPC-A. In this example, we select VPC-B.

5. Select the Is Peered checkbox.

6. Click Save.
7. Repeat steps 1 to 6 for VPC-B Infrastructure to configure bidirectional peering.

Select subnet routes for VPC peering

Now that your two VPCs (VPC-A and VPC-B) are connected, define the subnet routes that the VPCs use for communication.

To begin, on the VPC Peering page for the first VPC that you set up (VPC-A), click Peer again. The Infrastructure page displays.

1. Select the Infrastructure (VPC-A) containing the first VPC that you enabled for peering.

2. Select the Peering tab.

3. Select the Select a VPC to peer with VPCA list box. The second VPC (VPC-B) displays in the list box and the Is Peered checkbox is selected, indicating that you previously connected the first VPC (VPC-A) with the second VPC (VPC-B) for peering.

4. Select the subnet routes that you want to define for VPC peering communication between the two VPCs (VPC-A and VPC-B). In this example, we select the checkboxes for subnet routes vpc-B-a-private and vpc-B-a-public.
5. Click Save.

Click Peer again and repeat the numbered procedure above to peer the VPC-B Infrastructure.

Verify peering between associated VPCs

Confirm that your two VPCs are enabled for peering, are connected with each other, and have subnet routes defined for communication.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. Select one of the Infrastructures containing a VPC that you previously enabled for peering and for which you defined subnet routes. In this example, we select VPC-A.

3. Click the Peering tab.
4. In the Select a VPC to peer with VPC-A list box, select VPC-B to confirm that VPC-B is peered with VPC-A and uses the subnet routes you defined. The name of the second VPC (VPC-B) displays in the list box and the Is Peered checkbox is selected. The subnet routes that you selected are displayed as checked.

5. Click Save.

Configure Security Group rules for Tenant VPC zones

To maintain accessibility, add Security Group rules for Tenant VPC zones:

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Select the Infrastructure from the Name column.

3. Click the Security Group Rules tab.
4. Click Add. The Add Tenant Security pane opens.
5. Define the rule for your Port Range and click Add.

Delete subnet routes for peered VPCs

Delete subnet routes that you defined for VPC peer-to-peer communication:

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. Select one of the Infrastructures containing a VPC that you previously enabled for peering and for which you defined subnet routes. Continuing the example above, in this case, we select VPC-A.

3. Click the Peering tab.
4. In the Select a VPC to peer with VPC-A list box, select the corresponding VPC (in this case, VPC-B) The peered VPC (VPC-B) displays and the Is Peered checkbox is selected along with the associated subnet routes defined for communication.

5. Uncheck subnet routes you want to remove. Using the CTRL key, you can select multiple checkboxes and clear them with a single click. In this example, we remove the subnet route VPC-B-A-private by clearing its checkbox.
6. Click Save. The subnet route vpc-b-A-private has been removed for VPC-A/VPC-B peering.

7. Optionally, confirm the deletion by verifying peering between associated PVCs.

Delete peered VPCs

Delete the peering connection between VPCs:

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. Select one of the Infrastructures containing a VPC that you previously enabled for peering and for which you defined subnet routes. Continuing the example above, in this case, we select VPC-A.

3. Click the Peering tab. The VPC Peering page displays for VPC-A.
4. Select the Choose VPC list box. The peered VPC (VPC-B) displays and the Is Peered checkbox is selected along with the associated subnet routes defined for communication.

5. Clear the Is Peered checkbox.
6. Click Save. The Select Subnets list no longer displays and the peering connection between VPC-A and VPC-B has been removed.

7. Optionally, confirm the deletion by verifying peering between associated VPCs.