1. Liferay Help Center
  2. Liferay Cloud Announcements
  3. Platform Changelog

Documentation

Integration of Private Service Connect and Cloud Interconnect

Released 09/21/2023

Introduction

Liferay Cloud has implemented a new feature facilitating the integration of Google Cloud's Private Service Connect (PSC) within its platform. PSC, a tunneling solution, enables the establishment of dedicated connections involving specific Kubernetes services or namespaces.

Private Service Connect (available in shared clusters and private clusters)

Liferay Cloud now supports Private Service Connect (PSC) to provide secure, dedicated connections between services within Liferay Cloud and customer's external on-premise (self-hosted) systems such as ERPs and CRMs. PSC ensures high performance and enhanced security by leveraging Google Cloud Platform's (GCP) infrastructure. This feature requires customers to have their own GCP project and deploy their on-premise services there.

Key Features of PSC in Liferay Cloud

  • Service-Oriented Design: Allows targeted connections to specific service IP addresses within Liferay Cloud, promoting a secure and controlled network environment.

  • Explicit Authorization: Built-in authorization model ensures granular control over service access, allowing only intended service endpoints to connect.

  • No Shared Dependencies: Utilizes Network Address Translation (NAT) to eliminate shared resource dependencies, facilitating easy deployment and scalability.

  • High Performance: Direct traffic flow from consumer clients to producer backends minimizes latency and maximizes bandwidth capacity.

Request Flow

PSC facilitates secure communication between external systems and Liferay Cloud services through the following high-level flow:

  1. External to Liferay Cloud:

    • External requests are routed through the customer's gateway.

    • Requests are directed to Liferay Cloud via PSC ServiceAttachment, ensuring secure and controlled access.

    • Within Liferay Cloud, requests are efficiently managed and distributed to the appropriate services.

  2. Liferay Cloud to External Systems:

    • Liferay Cloud services initiate requests to external systems.

    • Requests are routed through the PSC ServiceAttachment to the customer's GCP project.

    • Secure and reliable communication is maintained throughout the process.

Implementation Steps

  1. Manual Setup Requirement:

    • PSC setup in Liferay Cloud requires a manual process. Customers must submit a support ticket to request PSC configuration.

  2. Submission of a Support Ticket:

    • Customers need to send a ticket to Liferay Support with the following information:

      • Detailed requirements for PSC setup.

      • Specific Kubernetes service or namespace details that need access.

      • Any additional configuration details relevant to the setup.

  3. Configuration Process:

    • Upon receiving the support ticket, Liferay Cloud support will initiate the setup process.

    • The support team will configure PSC to establish secure connections between specified services and external systems.

  4. Verification and Testing:

    • After the setup, the configuration will be verified to ensure proper connectivity and security.

    • The support team will perform tests to confirm that only the specified services or namespaces can access the PSC.

Benefits

  • Secure and Reliable Connections: Establishes a secure, dedicated connection between on-premise systems and services within Liferay Cloud.

  • Enhanced Performance: Ensures low latency and high throughput by leveraging dedicated connections.

  • Granular Access Control: Limits access to specific services or namespaces, enhancing security.

Support and Maintenance

  • Ongoing Support: Liferay Cloud support will provide ongoing assistance and troubleshooting for PSC configurations.

  • Documentation and Updates: Detailed documentation and updates will be provided to customers to ensure they stay informed about best practices and any changes to the setup process.

Contact and Assistance

For any questions or additional support, customers can reach out to Liferay Cloud support by opening a ticket at Liferay Support.

By following these steps and leveraging the capabilities of PSC, customers can achieve a secure, efficient, and reliable connection between their on-premise systems and services within Liferay Cloud.

Cloud Interconnect Integration (available only on private cluster)

Cloud Interconnect provides a dedicated connection directly from an organization's on-premises network or other cloud environments to Google Cloud Platform. This connection bypasses the public internet, yielding benefits like enhanced security, reduced latency, and predictable network performance. When combined with PSC, Cloud Interconnect serves as a bridge, facilitating more secure, efficient, and streamlined interactions between on-premises systems and Liferay Cloud.

How It Works

  1. Establishment of PSC Connection: Liferay Cloud platform now supports PSC connections, ensuring that only specified Kubernetes services or namespaces can initiate and access this connection.

  2. Tunneling Solutions: With PSC in place, a dedicated channel is available for specific GCP services or different GCP VPCs to connect in or out of a VPC within the Liferay Cloud platform.

  3. Cloud Interconnect as a Bridge: For organizations looking to securely bridge their on-premises data and systems with GKE or Google Cloud Storage, the combined utility of PSC and Cloud Interconnect offers a robust solution. Data, whether sensitive or voluminous, can be securely and rapidly transferred between points.

Conclusion

Through the integration of Private Service Connect and Cloud Interconnect in the Liferay Cloud platform, users can now leverage dedicated and secure channels for communication and data transfer between their on-premises systems and Liferay Cloud, capitalizing on enhanced security, reduced latency, and consistent performance.

Was this article helpful?
1 out of 1 found this helpful