VPC Peering Connection with Oracle Cloud
This document describes how to create a VPC peering connection between EMQX Cloud and Oracle Cloud Infrastructure (OCI) by using Local Peering Gateways (LPGs).
In this setup:
- The Virtual Cloud Network (VCN), where your Oracle Cloud resources reside, acts as the requesting side.
- The VCN where the EMQX Cloud deployment resides acts as the accepting side of the peering connection.
Prerequisites
Before you begin, ensure that:
- Your Oracle Cloud VCN and the EMQX Cloud deployment are located in the same region.
- The CIDR block of your Oracle Cloud VCN does not overlap with the CIDR block of the EMQX Cloud VCN.
- You have sufficient permissions to manage VCNs, Local Peering Gateways, route tables, and security rules in Oracle Cloud.
Create a VPC Peering Connection
Step 1: Create a Local Peering Gateway in EMQX Cloud
Log in to the EMQX Cloud Console and go to the Deployment Overview page of the target deployment.
From the left navigation menu, click Network Management.
In the VPC Peering Connection section, click + VPC Peering Connection.
On the dialog page, confirm the Region of Deployment and make sure it matches the region of your Oracle Cloud VCN.
Click Create Local Peering Gateway.
EMQX Cloud automatically creates a Local Peering Gateway in its VCN and displays the following information:
- Local Peering Gateway OCID
- Region of Deployment
- CIDR of the EMQX Cloud VCN
Keep this dialog open, as the OCID will be used in later steps.
Step 2: Create a Local Peering Gateway in Oracle Cloud
Log in to the Oracle Cloud Console.
In the top search bar, search for Virtual Cloud Networks, and open the VCN where your Oracle Cloud resources are deployed.
In the VCN details page, select Gateways from the left navigation.
In the Local Peering Gateways section, click Create Local Peering Gateway.
Enter a name (for example,
vpc-peering-lpg) and select the appropriate compartment.
Click Create.
Step 3: Establish the Peering Connection
In the Local Peering Gateways list, locate the newly created LPG.
Click the Actions menu (⋯) and select Establish Peering Connection.
On the Establish Peering Connection page:
- Select Enter Local Peering Gateway OCID.
- Paste the Local Peering Gateway OCID obtained from the EMQX Cloud console.
Click Establish Peering Connection.
Wait until the Peering Status changes to Peered.
Step 4: Configure Route Tables
After the peering connection is established, you must update the route table to allow traffic to flow to the EMQX Cloud VCN.
In the Oracle Cloud Console, go back to the VCN details page.
Select the Routing tab.
Locate the route table associated with the subnet where your Oracle Cloud resources reside.
Click Add Route Rules and configure the following:
- Target Type:
Local Peering Gateway - Destination CIDR Block: CIDR of the EMQX Cloud VCN
- Target Local Peering Gateway compartment: Select the compartment where the Local Peering Gateway was created.
- Target Local Peering Gateway: Select the Local Peering Gateway you created for this peering connection.
- Target Type:
Save the route rule.
Step 5: Configure Security Rules
Finally, update the security rules to allow traffic from the EMQX Cloud VCN.
In the VCN details page, open the Security tab.
Locate the Security Lists or Network Security Groups (NSGs) associated with your Oracle Cloud resources.
Add Ingress Rules to allow traffic from the EMQX Cloud CIDR block.
- Source: EMQX Cloud VCN CIDR
- IP Protocol: TCP (or as required)
- Destination Port Range: As required by your application
Save the changes.
Delete a VPC Peering Connection
To delete a peering connection, you need to ensure that the status of the VPC peering connection is Running.
TIP
Before deleting the peering connection, make sure that there are no associated resources in the deployment; otherwise, there will be unpredictable risks.
Go to the VPC Peering Connection area on the Network Management page in your deployment.
Click the "delete" icon in the Actions column of the peering connection.