VPC Architecture
Deploying this Partner Solution with default parameters builds the following Yellowbrick Cloud Data Warehouse Manager (CDWM) in the AWS Cloud.
The Yellowbrick Installer in AWS provides a range of options for VPC network setup, from fully public to fully private:
- Fully private: Installation into an existing VPC on a private network that the customer provides, given a list of prerequisites. This option is recommended for customers with enterprise security concerns. The installation process does not touch the customer's environment but installs into it and integrates with the existing network configuration.
- Fully public: Installation into a new VPC on a public network with internet access. The installation process builds everything from scratch.
You can also install Yellowbrick with some other security options, including use of your own S3 bucket for Yellowbrick data storage.
The following architecture diagram shows a private network installation in a hub-and-spoke environment, where the Yellowbrick software is deployed into a spoke VPC with its own private subnets. If the private installation must be entirely offline, contact Yellowbrick customer support for assistance.
The following architecture diagram shows a public network installation, with internet access.
As shown here, the Partner Solution sets up the following:
- A highly available architecture that spans multiple availability zones (AZs).
- A VPC configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS.
- In the public subnets:
  - Managed network address translation (NAT) gateways to allow outbound internet access for resources in the private subnets.
  - An Application Load Balancer attached to the public subnets. The load balancer directs traffic to the Cloud Data Warehouse Manager pod(s) configured as a Kubernetes ingress.
  - One or more Network Load Balancer(s) attached to the public subnets. Each load balancer directs traffic to each Cloud Data Warehouse instance configured as a Kubernetes service.
- In the private subnets:
  - In the first (preferred) Availability Zone, a primary Amazon EKS node with application pods in an Auto Scaling group.
  - Three Amazon Elastic Block Store (Amazon EBS) volumes for Cloud Data Warehouse Manager (CDWM).
  - Two Amazon Elastic Block Store (Amazon EBS) volumes for each Data Warehouse instance’s block storage.
- A private and encrypted Amazon Simple Storage Service (Amazon S3) bucket for each Data Warehouse instance’s object storage.
- Amazon EKS for the cluster to run Cloud Data Warehouse Manager (CDWM) and Cloud Data Warehouse instances as containerized applications.
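
One way to check a deployed VPC against the subnet placement listed above, as an added example that is not part of the Yellowbrick installer or this guide: it classifies subnets from the `RouteTables` list returned by `aws ec2 describe-route-tables` and reports EKS node subnets that are directly internet-routable or load balancer subnets that do not match the chosen option. The function names, the `fully_private` flag (which assumes a fully private install should have no public load balancer subnets) and all subnet and gateway IDs are constructed for illustration.

```python
# Added example, not Yellowbrick or AWS code. Considers IPv4 default routes only.
def classify_subnets(route_tables, subnet_ids):
    """Map each subnet ID to 'public', 'private' or 'isolated'."""
    main_kind, explicit = "isolated", {}
    for rt in route_tables:
        kind = "isolated"  # no default route at all
        for route in rt.get("Routes", []):
            if route.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue
            if (route.get("GatewayId") or "").startswith("igw-"):
                kind = "public"   # default route straight to an internet gateway
            else:
                kind = "private"  # NAT gateway, transit gateway to a hub, etc.
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main_kind = kind
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = kind
    # Subnets with no explicit association fall back to the VPC's main route table.
    return {s: explicit.get(s, main_kind) for s in subnet_ids}


def audit_placement(kinds, node_subnets, lb_subnets, fully_private=False):
    """Return a list of findings; an empty list means the layout matches."""
    findings = []
    for s in node_subnets:
        if kinds[s] == "public":
            findings.append(f"{s}: EKS node subnet has a route to an internet gateway")
    for s in lb_subnets:
        if fully_private and kinds[s] == "public":
            findings.append(f"{s}: load balancer subnet is public in a fully private install")
        elif not fully_private and kinds[s] != "public":
            findings.append(f"{s}: load balancer subnet is not public")
    return findings


# Constructed sample shaped like the "RouteTables" list in describe-route-tables output.
SAMPLE_ROUTE_TABLES = [
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"Associations": [{"SubnetId": "subnet-pub-a", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"Associations": [{"SubnetId": "subnet-priv-a", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]
```

A subnet that is not explicitly associated with any route table inherits the main route table, so a main table with an internet gateway route silently makes every unassociated subnet public; the classifier accounts for that fallback.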