Cloud Network Requirements
Incredibuild requires communication between all machines in your Incredibuild environment, as well as some communication with Incredibuild Cloud's management services.
-
Make sure you meet the system requirements depending on the version of Incredibuild you are using:
-
There must be direct communication between the machines that host your Incredibuild Initiator Agents and the machines that host your Incredibuild Cloud Helper Agents.
-
There must be direct communication between the machine that hosts your Incredibuild Coordinator and the machines that host your Incredibuild Cloud Agents.
-
The machine that hosts your Incredibuild Coordinator and the machines that host your Incredibuild Cloud Helper Agents must have communication with the Incredibuild Cloud gateway https://cloudapi.incredibuild.com. If you do not want your machines to have direct access to the internet, you can configure AWS Private Link before onboarding instead. For details, see below.
-
The machines that host your Incredibuild Cloud Helper Agents must have communication with https://devicstorage.blob.core.windows.net. This is used to deploy new Incredibuild Cloud Helper Agents on demand.
-
To perform onboarding or edit settings, you must have access to https://cloud.incredibuild.com through a modern web browser.
-
If you plan to use your own security group, you need to open additional ports. For details, see Using your own Security Group.
Using AWS Private Link
Limited Availability Feature: This feature is only available to select customers upon request to support@incredibuild.com. It is only supported when using Incredibuild for Linux.
You can configure an AWS Private Link to access Incredibuild's cloud service without allowing your cloud resources to access the internet. This must be done before onboarding to the cloud.
-
Create a VPC in your AWS account in your target region.
-
If your target region was not Ireland, create an additional VPC in the Ireland region and peer this VPC with the one your created in step 1.
-
Create a VPC Endpoint in Ireland. For service category, select AWS services, and then Amazon API Gateway.
-
Create another VPC Endpoint in your target region. For service category, select AWS services, and then Amazon S3. Make sure this is assigned to your subnet on the target VPC.
-
Set security group rules to allow traffic between the two VPCs.
-
If your target region is Ireland, skip this step. It establishes communication between your peered VPCs.
-
In the VPC in your target region set the following route: 0.0.0.0/0 > to the peered Ireland VPC.
-
In the Ireland VPC, set the following route: target region VPC CIDR > to the peered target region VPC
-
-
Make sure you add the ec2:DescribeVpcEndpoints permission when creating a role during Incredibuild onboarding.
-
Begin the standard Setup process, enter your Endpoint in the Settings > Network area.