Hosted grids on Tricentis Flood can use Amazon's virtual private cloud (VPC) integration, so they run on the same scalable infrastructure inside a virtual network dedicated to your AWS account. The VPC is logically isolated from other virtual networks in the AWS cloud and offers multiple layers of security, including security groups and network access control lists (ACLs).
This is great for users wanting to host grid nodes in their own private subnets.
To use this feature simply select Custom VPC when configuring your own hosted grid.
We will then auto-discover the VPC identifiers, subnets, availability zones and security groups available within your hosted region.
SETTING UP YOUR VPC
If you haven't already, you will need to create your own VPC prior to creating a Grid with Flood.
We recommend using a VPC with Public and Private Subnets.
The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet. We will then automatically create grid nodes in the private subnet, with a load balancer in the public subnet.
To get started, simply follow these instructions. Open your VPC dashboard in the AWS console and click Start VPC Wizard.
Select the VPC with Public and Private Subnets configuration. This will create the two subnets, and grid nodes will be able to reach Flood for test control / results via Network Address Translation (NAT) in the public subnet. Please note, this will also create an m1.small instance for NAT. This eliminates the need to expose grid nodes on the public subnet and removes the hassle of needing elastic IPs for each of your grid nodes.
In the detailed review, please ensure that the availability zones for the public and private subnets are the same. This will ensure that grid nodes can be reached for test results via an elastic load balancer hosted in the public subnet.
Please note that Grid nodes will be created in your private subnet, so they still need outbound access to Flood and related resources. If you create your own customised VPC in AWS, please ensure that the Security -> Network ACL settings allow outbound access for your private subnet; otherwise Grid nodes will fail to start.
We publish a high level network diagram here which details the network connectivity required.
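The two checks above (matching availability zones, and a Network ACL that lets the private subnet reach out) can be verified before creating a Grid. The following is an added example, not Flood's own tooling: it evaluates data shaped like the output of `aws ec2 describe-subnets` and `aws ec2 describe-network-acls`. The subnet and ACL IDs, the destination address 203.0.113.10 and port 443 are assumptions standing in for your own values.

```python
import ipaddress

# Constructed sample data in the shape returned by `aws ec2 describe-subnets`
# and `aws ec2 describe-network-acls`; all IDs are made up.
SUBNETS = [
    {"SubnetId": "subnet-public", "AvailabilityZone": "us-east-1a"},
    {"SubnetId": "subnet-private", "AvailabilityZone": "us-east-1a"},
]
NETWORK_ACLS = [{
    "NetworkAclId": "acl-example",
    "Associations": [{"SubnetId": "subnet-private"}],
    "Entries": [  # egress is only allowed inside the VPC: nodes cannot reach Flood
        {"RuleNumber": 100, "Egress": True, "Protocol": "6", "RuleAction": "allow",
         "CidrBlock": "10.0.0.0/16", "PortRange": {"From": 0, "To": 65535}},
        {"RuleNumber": 32767, "Egress": True, "Protocol": "-1", "RuleAction": "deny",
         "CidrBlock": "0.0.0.0/0"},
    ],
}]

def same_az(subnets, public_id, private_id):
    """True when the public and private subnets share an availability zone."""
    az = {s["SubnetId"]: s["AvailabilityZone"] for s in subnets}
    return az[public_id] == az[private_id]

def acl_allows(entries, egress, ip, port, protocol="6"):
    """Evaluate entries the way AWS does: ascending rule number, first match wins."""
    addr = ipaddress.ip_address(ip)
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in ("-1", protocol):
            continue  # wrong direction or protocol
        if "CidrBlock" not in e or addr not in ipaddress.ip_network(e["CidrBlock"]):
            continue  # IPv6-only entry, or address outside the rule's CIDR
        pr = e.get("PortRange")
        if e["Protocol"] != "-1" and pr and not pr["From"] <= port <= pr["To"]:
            continue  # port outside the rule's range
        return e["RuleAction"] == "allow"
    return False  # nothing matched: treat as denied

def private_subnet_egress_ok(acls, subnet_id, ip, port):
    """Find the ACL associated with the subnet and test one outbound TCP flow."""
    for acl in acls:
        if any(a["SubnetId"] == subnet_id for a in acl["Associations"]):
            return acl_allows(acl["Entries"], True, ip, port)
    raise LookupError(f"no network ACL associated with {subnet_id}")
```

Network ACLs are stateless, so calling `acl_allows` with `egress=False` and an ephemeral port checks that return traffic is also permitted inbound.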
WHAT ABOUT A VPC WITH PUBLIC SUBNETS ONLY?
AWS provide an alternative scenario using just a single public subnet, and an Internet gateway to enable communication over the Internet.
Unfortunately this configuration does not allow the Grid nodes hosted in the public subnet outbound connectivity to the Internet without installation of an additional NAT instance, or manual assignment of Elastic IPs to each node via your VPC console after the Grid has been created.
For this reason, we recommend using the VPC wizard to set up a VPC with a NAT instance; for more information, see Scenario 2: VPC with Public and Private Subnets previously described. Otherwise, you can set up the NAT instance manually using the steps detailed here.