Regional Consumption Tracking
To address one of the major concerns of costs associated with data-transfer across multiple VPCs and cloud accounts, many customer teams are investigating using the AWS backbone network and associated tools to create a cost-effective architecture. This article describes how to configure Kloudfuse with the same architecture.
Deploy the Kloudfuse Data Plane
-
Deploy the Kloudfuse data plane in the selected VPC and region, as described in the Installation section.
-
Create a cross-account VPC peering for accessing Kloudfuse from another region.
-
Create an inter-region VPC peering connection on one of the VPCs, provide the details of the source and target VPCs, and accept the peering connection request on the other VPC.
-
In the private subnet route table of VPC in region-2, add the route table entries for CIDR of region-1 VPC, using the peering connection.
-
In the explicit subnet associations of the route table, add the source vpc private subnet.
-
Request a TLS certificate for a subdomain to access the Kloudfuse data plane in region-1, and complete verification.
-
Create a new network load balancer in the region-2 VPC with TLS listener. Associate it with the ACM certificate you requested earlier.
-
Create a new target group that associates with the private IP addresses of the nodes in the EKS cluster in region-1, where Kloudfuse data plane is deployed on the
nodePort
ofkfuse-ingress-nginx-controller service
.
The Kloudfuse data plane is now accessible through the new subdomain using the new load balancer and the inter-region network peering.