Skip to Main Content

Install Env Via GCP Marketplace

Refer to Overview▸, using AutoMQ Cloud requires environment setup first. This article explains how to install the BYOC environment from Tencent Cloud Cloud Application.

In this article, references to AutoMQ Product Services, AutoMQ Services, and AutoMQ specifically refer to AutoMQ HK Limited and its subsidiaries.

Operational Process

Step 1: Prepare VPC

The AutoMQ BYOC environment is deployed within the user's VPC to ensure data privacy and security. When installing the AutoMQ environment using cloud applications, the user must specify existing VPC network and subnet information and ensure that the VPC meets the following conditions:

  • Subnet CIDR Requirements: The AutoMQ data plane cluster is deployed using the user's VPC, which consumes the IPs of the VPC subnets. It is recommended to allocate sufficient available IPs for each subnet (each subnet should have at least 1000 available IPs) to avoid future deployment and scaling issues.

  • Configuring Private Network Access to Google API: AutoMQ needs to access GCS and other cloud services. It is recommended to configure private network resolution and routing to access the aforementioned Google API through a private network to avoid unnecessary public network traffic costs. For configuration methods, refer to the appendix at the end of this article "Configuring VPC to Access Google Cloud Services API through Private Network".

Note: Failure to correctly configure VPC private network access may result in significant public network traffic costs. Please refer to the appendix for configuring private network access to Google Cloud Services API before installing AutoMQ.

Step 2: Install AutoMQ from GCP Marketplace

  1. Access the AutoMQ application link. The AutoMQ Cloud BYOC environment is distributed by default through the Marketplace on Google Cloud. Users can search for AutoMQ on the Marketplace.
  1. Click Launch to begin installing the AutoMQ console and fill in the necessary parameters as instructed below.
Parameter Setting
Description
Deployment name
  • Description: The name of the current deployment.
  • Constraint: It is recommended to use a recognizable name, limited to 20 characters.
Service Account
  • Service account used for executing the installation deployment. You can use an existing account or create a new service account. The service account must be associated with the appropriate roles and permissions.
Cloud Provider Region and Zone
  • Select the target region and zone to deploy the AutoMQ console.
Network Interface
  • Description: Set the target VPC Network for deployment. Once set, it cannot be changed.
Console CIDR
  • Description: Set the CIDR for the security group that will access the AutoMQ environment console.
  • Default value: 0.0.0.0/0, allowing access from all addresses.
Data Bucket
  • Description: Set the name of the GCS bucket for storing messages. This bucket is used to store Kafka message data.

When creating the GCS bucket, pay attention to setting the following parameters:
Location type: It is recommended to set it to Region type and select the region where the application is deployed.
Storage Class: It is recommended to choose the Standard storage type.
Other parameters: Set according to GCS recommended default parameters.

Operations Bucket
  • Description: Set the name of the GCS bucket for operational data. This GCS bucket is used to store AutoMQ system logs, metrics, etc., and does not contain application data.

Note: The operations bucket and the data bucket must be set to different buckets.



When creating the GCS bucket, pay attention to setting the following parameters:
Location type: It is recommended to set it to Region type and select the region where the application is deployed.
Storage Class: It is recommended to choose the Standard storage type.
Other parameters: Set according to GCS recommended default parameters.

Console Instance Type
  • Description: Set the VM instance type for deploying the AutoMQ BYOC environment console.
  • Limitation: It is recommended to choose a model with at least 2 cores and 8GB of memory from the list of options provided by the console.
Cluster Deployment Type
  • Description: Set whether the environment will install the AutoMQ data cluster onto Kubernetes or VM.
  • Optional values:
    • Deploy to GKE: After setting this option, refer to Deploy to Google Cloud GKE▸ to configure the GKE cluster. Subsequently, the AutoMQ cluster will be installed on the user-provided GKE.
  1. After installation, check the console output for the initial account password and console address.
Output
Output Description
Automq Byoc Endpoint
  • The URL address of the AutoMQ BYOC environment console. Users can access this address via browser or access the service via API or Terraform.
Automq Byoc Initial Username
  • The initial username for the environment console.
Automq Byoc Initial Password
  • The initial password for the environment console. Users need to change it immediately upon first login.
Environment Id
  • The environment ID corresponding to the environment console.
Automq Byoc Vpc Id
  • The VPC where the environment console is located.
Automq Byoc Google Service Account
  • The name of the service account bound to AutoMQ. The AutoMQ cluster will use this service account's identity to access cloud resources. When configuring the GKE node pool, you need to bind this service account. For more details, refer to Deploy to Google Cloud GKE▸.
Automq Byoc Instance Id
  • The ECS instance ID where the environment console is located.
Automq Deploy Zone
  • The actual deployment region of the AutoMQ console.

Note: In Google Cloud Solution Deployments, the Basic Info shows the Location representing the operating region of the current resource stack, not the deployment region of AutoMQ. The actual deployment region of AutoMQ is Automq Deploy Zone.

  1. Use the above information to log in to the AutoMQ console.

Step 3: Complete BYOC Environment Ops Authorization

BYOC environment is deployed in the user's VPC, ensuring data security and privacy isolation. However, the BYOC environment will generate system logs, metrics, and other system data unrelated to business. After the environment installation is complete, users need to refer to Manage Environment Ops Authing▸ to provide the corresponding operational authorization to the AutoMQ service provider, facilitating system stability monitoring and self-healing operations.

Next Steps

On Google Cloud, AutoMQ currently only supports deployment to GKE clusters. Therefore, after completing the environment installation, users need to prepare a GKE cluster first, then configure it in the AutoMQ console to deploy the AutoMQ cluster to GKE.

For the documentation to prepare GKE and complete subsequent deployments, please refer to Deploy to Google Cloud GKE▸.

Appendix

Configuring VPC for Private Access to Google Cloud Services API

The default domain name for Google Cloud service APIs resolves to public addresses. If accessing cloud services within a VPC, the default is to access them from the public network.

AutoMQ requires extensive access to GCS storage. To avoid unnecessary public network traffic costs, it is recommended that customers configure private network access to Google APIs at the VPC level. The configuration method is outlined in the steps below:

  1. Go to the Cloud DNS Product Console and create a Private DNS Zone. The parameters are as follows:

  • Zone Type: Set to Private.

  • Zone Name: Custom input as desired.

  • DNS Name: Set to “googleapis.com.”.

  • Networks: Associate the VPC that needs to access Google API via private network.

  1. Add private resolution records within the DNS Zone created in the previous step.

The first resolution record to add is *.googleapis.com. record resolved to private.googleapis.com via CNAME.

The second resolution record to add is private.googleapis.com record resolved to “199.36.153.8, 199.36.153.9, 199.36.153.10, 199.36.153.11” via A type. These addresses are retrieved from the Google Cloud official documentation.

  1. Navigate to the target VPC and review the routing table. Add a route for Google API access.

Enter the correct parameters to create a private subnet route. The private subnet IP range is 199.36.153.8/30. Set the weight to 99.

After the private subnet route is created, you will need to enter the correct parameters to create an additional route. The private subnet IP range is 34.126.0.0/18.

  1. Add firewall rules. After adding VPC routes, you need to add firewall rules within the VPC to allow subnets 199.36.153.8/30 and 34.126.0.0/18.
  1. Enter the virtual machine within the VPC, test access to GCS and other cloud services, check the access address, and confirm it has taken effect as the private network address configured in the previous steps.