Private Path architecture
A Private Path service provides private connectivity for IBM Cloud and third-party services. A Private Path service requires a Private Path network load balancer (NLB) to deploy a service on IBM Cloud and a Virtual Private Endpoint (VPE) gateway for consumers to connect to the service.
Figure 1 illustrates the steps required for a Private Path service to connect consumers to provider' services and applications:
- The provider creates a Private Path NLB.
- The provider creates a Private Path service and associates their service with the Private Path NLB.
- The consumer creates a VPE gateway that requests connectivity to the Private Path service.
- The provider approves the connectivity request and establishes the connection.
Private Path service components
The following list describes common components included in a Private Path service:
- VPE gateway
- Allows consumers to connect to a provider's service using the service's cloud resource name (CRN). To learn more, see About virtual private endpoint gateways.
- Private Path service
- Associates a provider's service with a Private Path NLB to manage incoming connectivity requests. To learn more, see About Private Path services.
- Private Path NLB
- Load balances traffic in a Private Path service, only receiving requests across the IBM Cloud network. To learn more, see About network load balancers.
- DNS Services
- Uses a private Domain Name System (DNS) to associate human friendly names with IP addresses. Private DNS zones are resolvable only on IBM Cloud, and only from explicitly permitted networks in an account. To learn more, see Getting started with IBM Cloud DNS Services.