Connector for Public Cloud IaaS Providers
Private networks and application servers use Connectors to interface with CloudConnexa so that services and applications reachable or hosted on them can be accessed. Connectors are used to establish a connection to CloudConnexa that is meant to stay always ON.
Private networks and application servers use Connectors to interface with CloudConnexa so that services and applications reachable or hosted on them can be accessed. Connectors establish a connection to CloudConnexa that is meant to stay always ON. Networks can be connected using either IPsec or OpenVPN tunnels. Application servers, or Hosts as they are called in CloudConnexa, use only OpenVPN tunnels.
Basically, Connectors are just OpenVPN and IPsec protocol-compatible clients that make an outbound connection to a CloudConnexa Region (Point of Presence). It is the fact that the OpenVPN connection profile that these clients use and that their connection to CloudConnexa is associated with a CloudConnexa Network or Host entity that makes them Connectors.
Note
Using IPsec for connecting Networks is in Beta.
Types of CloudConnexa Connectors
Connectors are of two types: a CloudConnexa Network Connector or a CloudConnexa Host Connector, depending on the CloudConnexa entity they are associated with.
Difference between Host and Network Connectors
Network Connector
A Network Connector connects a private network to CloudConnexa. Since it connects two networks (i.e., the CloudConnexa WPC and your private network), it must act as a router. The Connector's OpenVPN connection profile can be used with an OpenVPN-compatible hardware router or installed on a general-purpose computing device or virtual machine configured to act as a software router.
A Network Connector is an unattended Client application that is always connected to CloudConnexa for the purpose of:
Providing inbound access from the CloudConnexa WPC to the private network based on the private and public applications, routes, and IP Services configured as being reachable from that private network.
If the private network is configured to act as an Internet Gateway, providing inbound access to Internet traffic from the WPC to the private network
Providing outbound access to devices on the private network to WPC
A Network Connector can use IPsec and OpenVPN protocols.
Host Connector
Unlike a Network Connector, a Host Connector does not connect the WPC to a private network and, therefore, cannot be a router. A Host Connector connects an application server (for example, FTP server, remote desktop server, network attached storage system) to the CloudConnexa WPC.
Unlike a Network Connector, the Host Connector can only provide access to private applications running on the computing device it is installed on and can allow that device access to the WPC.
A Host Connector has to use OpenVPN protocol and not IPsec.
Deployment guides for OpenVPN Connectors
There are three main steps for getting an OpenVPN Connector operational:
Install an OpenVPN client if it does not already exist.
Obtain and use the Connector's OpenVPN connection profile.
For a Network Connector, enable NAT and routing
OpenVPN Connector for Public Cloud IaaS
The information in the table below applies to both Host and Network Connectors. However, the instructions to enable NAT and routing do not apply to Host Connectors.
IaaS | Install Client | Obtain Profile | Enable NAT and routing for Network Connector | Guides |
|---|---|---|---|---|
AWS | A CloudFormation template is generated based on the selected AWS Region. The template is presented in the Deploy Connector section of the Administration Portal. The template creates an Ubuntu EC2 instance and installs the OpenVPN 3 client. | The CloudFormation template has the needed instructions to retrieve the profile. | The CloudFormation template for Network Connector has the needed instructions to enable NAT and routing. NoteDuring configuration, there is a field called ManageRoutes. Select True if you are doing a site-to-site setup and want to automatically push the subnets of the other sites to the VPC routing table. | Tutorial: Connect Your AWS VPC to CloudConnexa by Deploying a Connector |
Azure | An Azure Resource Manager (ARM) template is generated and presented on the Administration Portal Deploy Connector section. The template creates an Ubuntu Virtual Machine and installs the OpenVPN 3 client. | The ARM template has the needed instructions to retrieve the profile. | The ARM template for Network Connector has the needed instructions to enable NAT and routing. | Tutorial: Connect Your Azure VNet to CloudConnexa by Deploying a Connector |
GCP | Launch a Linux VM on GCP and use the OS instructions for Linux | The profile token is used to import the profile. | The Linux script generated for the Network Connector includes the commands to setup NAT and routing. Enabling NAT and routing may be required for the Connector with Cockpit installation. Tutorial: Enable routing and NAT on Linux | Tutorial: Use the Linux OpenVPN 3 Connector integrated with Cockpit |
For IaaS providers not on the list, run a Linux instance and either use the Connector with Cockpit or generate scripts by selecting Linux as the Operating System.