While Qovery is all you need to deploy and run your applications in AWS, you might have existing resources in another VPC that you want to access from your Qovery applications. This tutorial will show you how to set up VPC peering between the Qovery VPC and an existing one in your account.
Before you begin, this guide assumes the following:
- You have an existing AWS VPC with a resource you need to access, like an RDS database
- You have a Qovery cluster ready on your AWS account
Goal
In this tutorial, we will connect an existing VPC in our AWS account with the VPC of a Qovery managed cluster. We should then be able to deploy an application using a PostgreSQL RDS instance in our existing VPC.
Gather the necessary information
Before we begin, you will need to gather some information. It is recommended that you keep this information at hand in a file for convenience.
At the end of step 1, you should have the following elements:

| Name | Content |
| --- | --- |
| VPC source CIDR | x.x.x.x/x |
| VPC source name | vpc-xxx |
| VPC destination CIDR | y.y.y.y/y |
| VPC destination name | vpc-yyy |

Keep in mind the following convention:
- Existing VPC: your current VPC infrastructure (not managed by Qovery)
- Qovery VPC: the VPC deployed and managed by Qovery
Your existing VPC ID
To get your existing VPC ID in your AWS console, go to VPC > Your VPCs, find the VPC you would like to use as a peering target, and copy its ID.
You will then have the following information:

| Name | Content |
| --- | --- |
| VPC destination CIDR | x.x.x.x/x |
| VPC destination name | vpc-xxx |

The Qovery VPC ID
You can use the same method to get the Qovery VPC ID. It should be named qovery-eks-workers.
You will then have the following information:

| Name | Content |
| --- | --- |
| VPC source CIDR | x.x.x.x/x |
| VPC source name | vpc-xxx |

The CIDR ranges of both VPCs
Create a peering connection
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them privately.
In the AWS console, go to VPC > Peering connections and click on Create peering connection.
- Give it a name
- As a requester, select your Qovery VPC
- As an accepter, select your existing VPC
- Click on Create peering connection
Accept the peering request
Once created, the peering connection needs to be accepted. On the peering connection view, click on Actions then Accept request.
You should see your peering connection marked as Active.
Update existing VPC route table
In the AWS console of your Qovery VPC, go to VPC > Route Tables. You can filter the list using the IDs you noted at step 1 to find the routing table for your existing VPC.
For your existing VPC, edit the route table:
Click on the Edit routes button, then Add route.
- As a destination, enter the CIDR of your Qovery VPC
- As a target, select the Peering connection you created earlier
Click Save changes.
Update Qovery VPC route table
This part needs to be done through the Qovery console.
In the cluster settings, under the Network tab, click Add Network
- As a destination, enter the CIDR of your existing VPC
- As a target, enter the ID of the peering connection you created earlier
- You can put anything you want as a description.
Update the security groups
Our two VPCs are now connected, but we still need to update the security groups to allow communication between the Qovery applications and your existing resources.
What rules to put on your security groups depends on what you are trying to achieve. In our case, we would like to access an RDS instance from our Qovery applications.
We will edit the RDS security group in our existing VPC to add an inbound rule allowing PostgreSQL traffic from our Qovery instances:
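An added example, not part of the Qovery documentation: this Python checks the values gathered in step 1 before any change is made. It refuses overlapping CIDRs (AWS does not peer VPCs whose IPv4 ranges overlap), lists the route each side needs, and flags an inbound rule on the RDS security group that opens more than PostgreSQL's port 5432 or admits sources outside the Qovery VPC range. The function names, the rule dictionary layout and the sample CIDRs are assumptions made for illustration.

```python
import ipaddress

POSTGRES_PORT = 5432  # default PostgreSQL port; change if your RDS instance differs


def plan_peering(qovery_cidr, existing_cidr, peering_id):
    """Reject overlapping ranges, then return the route each route table needs."""
    qovery = ipaddress.ip_network(qovery_cidr)
    existing = ipaddress.ip_network(existing_cidr)
    if qovery.overlaps(existing):
        raise ValueError(f"{qovery} overlaps {existing}: AWS cannot peer these VPCs")
    return {
        # existing VPC route table: traffic for the Qovery range goes to the peering
        "existing_vpc_route": {"destination": str(qovery), "target": peering_id},
        # Qovery cluster Network tab: traffic for the existing range goes to the peering
        "qovery_vpc_route": {"destination": str(existing), "target": peering_id},
    }


def audit_inbound_rule(rule, qovery_cidr, port=POSTGRES_PORT):
    """Return findings for one inbound rule of the RDS security group."""
    findings = []
    qovery = ipaddress.ip_network(qovery_cidr)
    source = ipaddress.ip_network(rule["cidr"])
    if rule["protocol"] != "tcp":
        findings.append(f"protocol {rule['protocol']} is not tcp")
    if not rule["from_port"] <= port <= rule["to_port"]:
        findings.append(f"port {port} is not covered")
    elif rule["from_port"] != rule["to_port"]:
        findings.append("port range is wider than the database port")
    if source.version != qovery.version or not source.subnet_of(qovery):
        findings.append(f"source {source} reaches beyond the Qovery VPC {qovery}")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real account.
    QOVERY, EXISTING, PCX = "10.0.0.0/16", "172.31.0.0/16", "pcx-EXAMPLE"
    print(plan_peering(QOVERY, EXISTING, PCX))
    tight = {"protocol": "tcp", "from_port": 5432, "to_port": 5432, "cidr": QOVERY}
    wide = {"protocol": "tcp", "from_port": 5432, "to_port": 5432, "cidr": "0.0.0.0/0"}
    print(audit_inbound_rule(tight, QOVERY))  # no findings
    print(audit_inbound_rule(wide, QOVERY))   # flags the open source range
```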
Deploy an application
You should now be able to deploy an application using the RDS PostgreSQL database on your Qovery cluster. Refer to this guide if you need help deploying an application on Qovery.
You can learn more about VPC peering on AWS here: https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html