Connectivity to IBM Cloud services with Satellite Link
When using IBM Cloud services from workload components in your Satellite location, you should use Satellite Link functionality to facilitate secure access to the IBM Cloud services. Satellite Link endpoints provide a connection over a secure tunnel directly to private service endpoints.
Inside a Satellite location, this private access can be accomplished by using a Satellite Link endpoint to map a TCP port on the control plane hosts to the IBM Cloud service private endpoint. The Link endpoint is a virtualized function that scales horizontally, is redundant and highly available, and spans all zones of your Satellite location.
Private service endpoints for IBM Cloud services should be used when you define cloud endpoints for your location.
Creating Satellite Link endpoints
- Create Satellite Link endpoints for the IBM Cloud services that you need to consume from your Satellite location. For more information, see Creating and managing link endpoints.
Cloud endpoints for your location use a TCP port on the control plane hosts. If the endpoint is supposed to be used by a component outside of your Red Hat OpenShift on IBM Cloud cluster deployed on your Satellite location, you need to allow network connectivity from the origin of that component to the port on the control plane.