Hello Community,
I have several questions regarding the Private Gateway feature in ODC. I would appreciate your clarification on the following points:
1. Underlying Architecture of Private GatewayODC is built on AWS infrastructure, and AWS provides a service called Virtual Private Gateway that enables VPN connections between an AWS virtual network and an on-premises network.Is ODC’s Private Gateway implemented using native AWS services such as Virtual Private Gateway (or similar AWS networking services), or is it an OutSystems-managed proprietary implementation built on top of AWS?
2. Installation Location of Cloud ConnectorWhen using Private Gateway, the Cloud Connector must be installed in the on-premises environment.What I would like to clarify is: where is the Cloud Connector actually installed in practice?For example, if I want to connect ODC to a database within our internal network, is the Cloud Connector expected to be installed directly on the server or virtual machine where the database is running?Or is it more common to install the Cloud Connector on a separate server (for example, a dedicated intermediary server within the same network)?
3. Responsibility for Maintenance and Failures (Cloud Connector)Since the Cloud Connector is installed within the customer’s environment, I would like to clarify the boundary of responsibility.If a Cloud Connector version upgrade is required, or if a failure occurs, is handling upgrades, monitoring, and recovery the customer’s responsibility?Or does OutSystems provide any managed support for these operations?For reference, I reviewed the following documentation: [link here]
Any insights would be greatly appreciated.
Thank you in advance.
Hi Kazuna,
1. OutSystems is not using any AWS connectivity service. Cloud connector is an outbound tunnel (from your premise to your OutSystems tenant). Under the hood it uses Chisel (https://github.com/jpillora/chisel)
2. CC should be installed separately. CC allows any installation method but the recommended one is to use a container orchestration. See here for details https://github.com/OutSystems/cloud-connector. The container instance needs firewall rules to connnect to your OutSystems tenant and internally to your services, like database.While you can run multiple cloud connectors you can run only instance with the same configuration.
3. Yes, cloud connector is within your responsibility while the tenant side is the responsibility of OutSystems. Regarding a Platform Operations managed service some partners offer this kind of service. As far as I know this is not offered by OS (only on-demand support).
Stefan
PS: I wrote an exercise lab on Private Gateway. This one is using EC2 instances on AWS. https://without.systems/odc-private-gateway-on-aws