Skip to main content
Version: User Guides (Cloud)

Set up a Private Link (Azure)

This guide demonstrates the procedure for setting up a private link from a Zilliz Cloud cluster to your service hosted in different Microsoft Azure VPCs.

Before you start

Make sure the following conditions are met:

  • You have signed up for Zilliz Cloud.

  • A cluster has been created. For information on how to create a cluster, see Create Cluster.

Zilliz Cloud offers you an intuitive wizard to add a private link. On the Private Link tab in your project, click + Add Private Link and configure the settings.

Setting up a private link is project-level. When you configure a private link for a cluster, it applies to its neighboring clusters in the same project deployed in the same cloud region.

Copy your Cluster ID

On the Cluster Details tab in the Zilliz Cloud console, copy your cluster ID.

OOhXbh65DopBKhxjNr7ciP3WnHe

In the Create Private Link dialog box,

  1. Select a provider and region.

    CucwbnXMvo4MKIxZFblckLexnHe

  2. Enter your user ID from the Microsoft Azure Subscription page.

    InPxbRBPLofV2jxhzkVc9hUpnDg

  3. Click Add to have Zilliz Cloud verify the submitted user ID and whitelist it.

    DRzObdSHfoFFesxGSAmclzT1n4X

  4. Copy the endpoint service alias in the above dialog box similar to the following.

    AYcpbsHXcopDtoxrdgycSuCUnZe

Create a Private Endpoint on the Azure portal

  1. Go to Private Link Center, and click + Create.

    NybUbya1ZoeQFFxsoahcGr7ZnsB

  2. Fill in the basic information for the private endpoint to create.

    RikRbsk6JoZatzxccNycL1W4nKb

  3. Click Next: Resource > and choose Connect to an Azure resource by resource ID or alias. Then paste the one copied from the Zilliz Cloud console into Resource ID or alias.

    GTPnbA6kbo2cHjxMjggcvW0Wnvf

  4. Select proper values in Virtual network and Subnet, and keep the default for other settings on this tab.

    Sl6MbHp9ho087TxkIo7cLoFrnOc

  5. Click Next until you reach the Review + create tab. If the validation passes, click Create to create the private endpoint.

    SouVbDyimoKdpKxDOKhcnDSjnRb

  6. Once the deployment succeeds, you will see the following.

    IUOxbdG2noCDmZxS2bhcDvmMnrb

  7. Click Go to resource and see the overview page of the created Private Endpoint.

  8. Click JSON View in the upper right corner on the Overview page. Note that the Connection Status is displayed as Pending.

    TZYqb1YO5oXfFWxSj6xcdYqQnTh

    In the Resource JSON panel, copy the values of name and properties.resourceGuid. Your endpoint ID should be these two values joined by a period (.).

    ESbBbLrCEoXHGXxsYIacacfknRg

    For example, the value of the key name is zilliz, and the value of the key properties.resourceGuid is d73e9b55-7b9c-4f8d-8f0a-40e737f1ccbf. Your Private Endpoint ID should be zilliz.d73e9b55-7b9c-4f8d-8f0a-40e737f1ccbf.

  9. Fill your Private Endpoint ID in the Create Private Link dialog box on the Zilliz Cloud console and click Create.

    KBd4bLBWto3SuyxGHswcBGisnxc

    Upon creation, Zilliz Cloud starts processing your private link request. The private link should be available within 5 minutes.

  10. Once the private link is ready, you will see the link URI on the Cluster Details tab of your Zilliz Cloud cluster. Copy the private link URI for the next step.

    PKhPbrMGloqncbxhxpCcZamlnVg

Create a Private DNS Zone on the Azure portal

  1. On the Overview page of the created Private Endpoint, choose Settings > DNS configuration, and copy the IP address of the network interface created along with the Private Endpoint.

    GC9jbsUp2oXgCZxkojbcrmJanJb

    The example value in the screen shot above is 10.0.0.4.

  2. Go to Create a Private DNS zone, and click + Create to start the process.

  3. In the Basics tab, select the subscription and resource group used above, and paste the Private Link URI copied from the Zilliz Cloud console in Instance details > Name. Then click Review create.

    QweWbLRSioY9Cix8nMUc0Q75n1e

  4. Once the validation passes, click Create to start the process.

    LsmabNzrwoz9lvxJpKac2gEdnGG

  5. If the deployment succeeds, you will see the following.

    LGB3bC80FoQnXIxx527cVkTMnAe

  6. Click Go to resource to see the Overview page of the created Private DNS zone.

    M401b0RiNoauaHxbBH6crLXlnXc

  1. On the Overview page of the created Private DNS Zone, choose Settings > Virtual network links in the left navigation pane.

  2. Click + Add. In the Add virtual network link dialog box, enter a Link name, and select Subscription and Virtual network you have used above. In the Configuration section, select Enable auto registration also.

    KQZ2bvbbUodBlAxV98ccbrwxnWg

    Once everything is set up as expected, click OK to continue. The link status of the created virtual network link will change to Completed after the deployment succeeds.

    R84pbAxcKo24pDxQvlKcyxV7n4b

  3. Click Overview in the left navigation pane to go back to the Overview page of the Private DNS zone.

    S4bTb3ICwoWnlgxqSFrcYwEInvh

  4. Click + Record set. In the Add record set dialog box, enter your cluster ID suffixed with -privatelink in Name, select A - Address record in Type, and set TTL to 10 Minutes. Check whether the listed IP address is the one you have noted down.

    DtFQb18jloG9JDxYg0AcSlRsn75

    Click OK to save the record set.

    YWSZbd4qEoAW64xf9gHcamC8nyd

  5. Go back to the Overview page of the created Private Endpoint on the Azure portal, and you will see that the Connection Status of the Private Endpoint turns from Pending to Approved.

    CqAEbOjDUogQGdxl3gjclaPAn1e

    Now the resources in your Azure virtual network can access the Zilliz Cloud cluster privately.