Networks

By default, Crunchy Bridge will provision each new cluster inside a new private network in the Crunchy managed area in that particular cloud. AWS and Google cloud documentation refers to this as VPC (Virtual Private Cloud) and a similar service at Azure is called VNET (Azure Virtual Network). Each network is separate and private from other networks in the same cloud.

Once a cluster has been provisioned inside a network, it cannot be moved. If you need multiple clusters inside the same network you should create the first cluster, discover that network, and then create additional clusters within that established network. See the next section for details on creating a new cluster in an existing network.

Creating resources inside your network

In order to create a network on Crunchy Bridge, you must first create a cluster. A network will be created as part of the process. Once you have an existing cluster and network, you can use the Dashboard to create new clusters in that network (see next section). You can also use the API or CLI to see and manage clusters in your network.

To find your network details, navigate to a cluster's Overview page and click into the Networking section to see its network. You can manage the cluster's Firewall rules here, or click "All Networks" to see all the existing networks for the Team where this cluster resides.

Inside the All Networks area you can see all the network groups where your clusters reside. You can rename a network or add a new cluster to it using the Actions dropdown.

Inside the All Networks area you can see all the network groups where your clusters reside. You can rename a network or add a new cluster to it using the Actions dropdown. Read replicas, forks, and High Availability failover clusters will by default be created within the same network. Read replicas and forks can be provisioned in a different existing network if you specify that during provisioning.

Peering to other private networks

Virtual networks are one of the cornerstone features of securely supporting cloud Postgres applications while giving you the flexibility to choose vendors, marketplace applications, and other services, and connecting everything securely. A virtual network can let you connect your database to your other application services via a private subnet without ever exposing the database to the larger internet. AWS, Azure, and Google Cloud will allow you to create a virtual network for those of your resources and applications which need database access.

Using VPC peering or private link, you can connect your private network to your Crunchy Bridge private network.

For larger organizations that need further refinement of networking and peering, you may want to have one network group for production machines and another one for development and staging machines.

Firewalls

Crunchy Bridge allows for custom networking configurations. See more in firewalls.