Regional Consumption Tracking

To address one of the major concerns of costs associated with data-transfer across multiple VPCs and cloud accounts, many customer teams are investigating using the AWS backbone network and associated tools to create a cost-effective architecture. This article describes how to configure Kloudfuse with the same architecture.

Deploy the Kloudfuse Data Plane

  1. Deploy the Kloudfuse data plane in the selected VPC and region, as described in the Installation section.

    consumption 1

  2. Create a cross-account VPC peering for accessing Kloudfuse from another region.

    consumption 2

  3. Create an inter-region VPC peering connection on one of the VPCs, provide the details of the source and target VPCs, and accept the peering connection request on the other VPC.

    consumption 3

  4. In the private subnet route table of VPC in region-2, add the route table entries for CIDR of region-1 VPC, using the peering connection.

    consumption 4

  5. In the explicit subnet associations of the route table, add the source vpc private subnet.

  6. Request a TLS certificate for a subdomain to access the Kloudfuse data plane in region-1, and complete verification.

  7. Create a new network load balancer in the region-2 VPC with TLS listener. Associate it with the ACM certificate you requested earlier.

    consumption 5

  8. Create a new target group that associates with the private IP addresses of the nodes in the EKS cluster in region-1, where Kloudfuse data plane is deployed on the nodePort of kfuse-ingress-nginx-controller service.

    consumption 6

The Kloudfuse data plane is now accessible through the new subdomain using the new load balancer and the inter-region network peering.

Set Up VPC Private Link

Set up a VPC Private Link in the same region, to access the Kloudfuse endpoint.

consumption 7