Skip to content

Commit 9d859e8

Browse files
committed
Update set-up-private-endpoint-connections-on-azure.md
1 parent 52817dc commit 9d859e8

1 file changed

Lines changed: 61 additions & 12 deletions

File tree

tidb-cloud/set-up-private-endpoint-connections-on-azure.md

Lines changed: 61 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -77,23 +77,72 @@ If you have multiple clusters, you need to repeat these steps for each cluster t
7777
>
7878
> For each TiDB Cloud Dedicated cluster, the corresponding endpoint service is automatically created 3 to 4 minutes after the cluster creation.
7979
80-
2. Log in to the [Azure portal](https://portal.azure.com/), and then create a private endpoint for your cluster using the copied TiDB Cloud resource ID as follows:
80+
2. Create the private endpoint by using either Azure Portal or Azure CLI.
8181

82-
1. In the Azure portal, search for **Private endpoints**, and then select **Private endpoints** in the result.
83-
2. On the **Private endpoint** page, click **+ Create**.
84-
3. In the **Basics** tab, fill in the project and instance information, and then click **Next: Resource**.
85-
4. In the **Resource** tab, choose **Connect to an Azure resource by resource ID or alias** as the **connection method**, and paste the TiDB Cloud resource ID to the **Resource ID or alias** field.
86-
5. Continue clicking **Next** to go through the remaining configuration tabs and complete the required settings. Then, click **Create** to create and deploy the private endpoint. It might take a few seconds for Azure to complete the deployment. For more information, see [Create a private endpoint](https://learn.microsoft.com/en-us/azure/private-link/create-private-endpoint-portal?tabs=dynamic-ip#create-a-private-endpoint) in Azure documentation.
82+
<SimpleTab>
83+
<div label="Use Azure Portal">
8784

88-
3. After the private endpoint is created and deployed, click **Go to resource**, and then do the following:
85+
1. Log in to the [Azure portal](https://portal.azure.com/).
86+
2. Search for **Private endpoints**, and then select **Private endpoints** in the result.
87+
3. On the **Private endpoint** page, click **+ Create**.
88+
4. In the **Basics** tab, fill in the project and instance information, and then click **Next: Resource**.
89+
5. In the **Resource** tab, choose **Connect to an Azure resource by resource ID or alias** as the **connection method**, and paste the copied TiDB Cloud resource ID to the **Resource ID or alias** field.
90+
6. Continue clicking **Next** to go through the remaining configuration tabs and complete the required settings. Then, click **Create** to create and deploy the private endpoint. It might take a few seconds for Azure to complete the deployment. For more information, see [Create a private endpoint](https://learn.microsoft.com/en-us/azure/private-link/create-private-endpoint-portal?tabs=dynamic-ip#create-a-private-endpoint) in Azure documentation.
91+
7. After the private endpoint is created and deployed, click **Go to resource**, and then do the following:
8992

90-
- Click **Settings** > **Properties** in the left navigation pane, and copy its **Resource ID** for later use.
93+
- Click **Settings** > **Properties** in the left navigation pane, and copy its **Resource ID** for later use.
9194

92-
![Azure private endpoint resource ID](/media/tidb-cloud/azure-private-endpoint-resource-id.png)
95+
![Azure private endpoint resource ID](/media/tidb-cloud/azure-private-endpoint-resource-id.png)
9396

94-
- Click **Settings** > **DNS configuration** in the left navigation pane, and then copy its **IP address** for later use.
97+
- Click **Settings** > **DNS configuration** in the left navigation pane, and then copy its **IP address** for later use.
9598

96-
![Azure private endpoint DNS IP](/media/tidb-cloud/azure-private-endpoint-dns-ip.png)
99+
![Azure private endpoint DNS IP](/media/tidb-cloud/azure-private-endpoint-dns-ip.png)
100+
101+
</div>
102+
<div label="Use Azure CLI">
103+
104+
1. Sign in to Azure CLI and select your subscription:
105+
106+
```bash
107+
az login
108+
az account set --subscription ${your_subscription_id}
109+
```
110+
111+
2. Create the private endpoint by using the TiDB Cloud resource ID copied in Step 2:
112+
113+
```bash
114+
az network private-endpoint create \
115+
--name ${your_private_endpoint_name} \
116+
--resource-group ${your_resource_group_name} \
117+
--vnet-name ${your_vnet_name} \
118+
--subnet ${your_subnet_name} \
119+
--private-connection-resource-id "${your_tidb_cloud_resource_id}" \
120+
--connection-name ${your_private_endpoint_connection_name} \
121+
--location ${your_region}
122+
```
123+
124+
3. Get the private endpoint **Resource ID**:
125+
126+
```bash
127+
az network private-endpoint show \
128+
--name ${your_private_endpoint_name} \
129+
--resource-group ${your_resource_group_name} \
130+
--query "id" \
131+
--output tsv
132+
```
133+
134+
4. Get the private endpoint **IP address** from DNS configuration:
135+
136+
```bash
137+
az network private-endpoint show \
138+
--name ${your_private_endpoint_name} \
139+
--resource-group ${your_resource_group_name} \
140+
--query "customDnsConfigs[0].ipAddresses[0]" \
141+
--output tsv
142+
```
143+
144+
</div>
145+
</SimpleTab>
97146

98147
### Step 3. Accept the endpoint
99148

@@ -136,4 +185,4 @@ The endpoint service is created automatically after you open the **Create Azure
136185

137186
The Azure private endpoint connection feature can automatically detect your private endpoints. This means that after [creating an Azure private endpoint](#step-2-create-an-azure-private-endpoint) in the Azure portal, if you click **Cancel** in the **Create Azure Private Endpoint Connection** dialog in the TiDB Cloud console, you can still view the created endpoint on the **Networking** page. If the cancellation is unintentional, you can continue to configure the endpoint to complete the setup. If the cancellation is intentional, you can delete the endpoint directly in the TiDB Cloud console.
138187

139-
[^1]: The diagram of the Azure Private Link architecture is from the [What is Azure Private Link service](https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview) document ([source file on GitHub](https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/private-link/private-link-service-overview.md)) in Azure documentation, licensed under the Creative Commons Attribution 4.0 International.
188+
[^1]: The diagram of the Azure Private Link architecture is from the [What is Azure Private Link service](https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview) document ([source file on GitHub](https://github.com/MicrosoftDocs/azure-docs/blob/main/articles/private-link/private-link-service-overview.md)) in Azure documentation, licensed under the Creative Commons Attribution 4.0 International.

0 commit comments

Comments
 (0)