Private Path service architecture

Private Path service architectural diagram

The following diagram illustrates the steps required for a Private Path service to connect Consumer and Provider services:

1. Provider creates the Private Path Network Load Balancer.
2. Provider creates a Private Path service resource and associates their service with the Private Path Network Load Balancer.
3. Consumer creates VPE Gateway that requests connectivity to the Private Path Service.
4. Provider approves the connectivity request, and connection is established.

Private Path service components

The following list describes common components included in a Private Path service:

Virtual Private Endpoint Gateway

Allows consumers to connect to a provider's service over a Private Path. To learn more, see About virtual private endpoint gateways.

Private Path service

Associates a provider's service with a Private Path network load balancer and to manage incoming connectivity requests. To learn more, see About Private Path services.

Private Path network load balancer

Load balances traffic in a Private Path. Only receives requests across the IBM Cloud network. To learn more, see About network load balancers.

Transit Gateway

Connects VPCs within your network to enable them to share and access resources. To learn more, see Accessing VPEs from an on-prem network using Direct Link or from another VPC using Transit Gateway.

Direct Link

Directly connects to your IBM Cloud infrastructure without crossing over public internet and access your VPE Gateways for IBM Cloud Services. To learn more, see Accessing VPEs from an on-prem network using Direct Link or from another VPC using Transit Gateway.

Private DNS

Use a Private Domain Name System (DNS) to associate human friendly names with IP addresses. Private DNS zones are resolvable only on IBM Cloud, and only from explicitly permitted networks in an account. To learn more, see Getting started with IBM Cloud DNS Services.