Apigee Hybrid Port firewall - between two Data center

abiram8

Hi,

Apigee hybrid provides the port openings covering both internal and external connections.

https://cloud.google.com/apigee/docs/hybrid/v1.4/ports?skip_cache=true&hl=es-ve

I could not find the ports between multiple data centers (as indicated in OPDK).

1 ACCEPTED SOLUTION

Are you trying to put the different components of a single deployment in multiple datacenters? Or are you trying to have multiple deployments in different datacenters and have the data sync up?

If it's the latter, look at the Multi-region deployment instructions:

https://cloud.google.com/apigee/docs/hybrid/v1.4/multi-region?skip_cache=true

where you basically just need to open up the Cassandra-to-Cassandra ports (7000, 7001) between Cassandra instances to sync up data after configuring cross-region communications as described.

This will sync all of your Cassandra/runtime data between regions. All of the other data, like proxies, is stored in the management plane and can be pushed to both regions (see https://cloud.google.com/apigee/docs/hybrid/v1.4/where-data).
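
A defensive check on the firewall change described in the answer above, as an added example that is not part of the original post or of Apigee's tooling: it audits one data center's ingress allow-rules so that ports 7000 and 7001 are open to the peer data center's Cassandra nodes and to nothing else. The rule format, rule names and CIDR ranges are constructed for illustration.

```python
import ipaddress

# Cassandra inter-node ports named in the answer above
# (Cassandra defaults: 7000 = storage_port, 7001 = ssl_storage_port).
GOSSIP_PORTS = {7000, 7001}

def _within(inner, outer):
    """True if network `inner` lies entirely inside network `outer`."""
    return inner.version == outer.version and inner.subnet_of(outer)

def audit_ingress(rules, peer_cidrs):
    """Audit one data center's ingress allow-rules (hypothetical format).

    rules:      list of {"name": str, "sources": [cidr], "ports": [int]}
    peer_cidrs: CIDRs of the Cassandra nodes in the other data center
    Returns (missing, overbroad):
      missing   - (peer_cidr, port) pairs that no single rule fully allows
      overbroad - (rule_name, source, port) where 7000/7001 is reachable
                  from a range not contained in any peer Cassandra CIDR
    """
    peers = [ipaddress.ip_network(c) for c in peer_cidrs]
    covered, overbroad = set(), []
    for rule in rules:
        ports = sorted(GOSSIP_PORTS & set(rule["ports"]))
        for src in map(ipaddress.ip_network, rule["sources"]):
            for port in ports:
                if not any(_within(src, p) for p in peers):
                    overbroad.append((rule["name"], str(src), port))
                # Conservative: a peer counts as covered only when one
                # rule's source range contains the whole peer CIDR.
                covered.update((str(p), port) for p in peers if _within(p, src))
    missing = sorted((str(p), port) for p in peers for port in GOSSIP_PORTS
                     if (str(p), port) not in covered)
    return missing, overbroad

# Constructed sample: ingress rules at data center 1; the Cassandra nodes of
# data center 2 are assumed to live in 10.20.5.0/24.
SAMPLE_PEERS = ["10.20.5.0/24"]
SAMPLE_RULES = [
    {"name": "allow-dc2-cassandra", "sources": ["10.20.5.0/24"], "ports": [7000]},
    {"name": "allow-dmz-any", "sources": ["192.168.50.0/24"], "ports": [443, 7001]},
]

if __name__ == "__main__":
    missing, overbroad = audit_ingress(SAMPLE_RULES, SAMPLE_PEERS)
    print("not open to peer Cassandra:", missing)
    print("open beyond peer Cassandra:", overbroad)
```
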

Thanks @Chad Fuishige

If we need to maintain different components of a single deployment across multiple data centers, then what's the best practice? And in what scenario should we design such a single Hybrid runtime across multiple data centers?

In the case of a DMZ (for Apigee Runtime), which component should be placed in the DMZ (Runtime Ingress for TLS/MTLS?), and is it the right practice to have all runtime components of Apigee Hybrid in the DMZ (including Cassandra)?