DOC-1743 Document feature Private Networking Phase 1 #453
Conversation
✅ Deploy Preview for rp-cloud ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
Important Review skippedAuto incremental reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the 📝 WalkthroughWalkthroughThis PR adds documentation for Serverless private networking support on AWS. It introduces new navigation entries under the Serverless subsection, creates documentation pages for configuring AWS PrivateLink with the Cloud API, updates the cluster overview to indicate Serverless now supports private networking, and adds a January 2026 changelog entry. Additionally, it updates references from "Networks page" to "Networking page" across multiple networking documentation files and replaces the "Metrics endpoints" feature with "Ability to export metrics to third-party monitoring systems" in the Serverless cluster documentation. Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Comment |
micheleRP
force-pushed
the
DOC-1743-Document-feature-Private-Networking-Phase-1
branch
from
a404c31 to
7bb176b
Compare
micheleRP
force-pushed
the
DOC-1743-Document-feature-Private-Networking-Phase-1
branch
from
4cedd95 to
8875289
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Fix all issues with AI agents
In `@modules/get-started/pages/cluster-types/serverless.adoc`:
- Line 96: The docs contradict each other about metrics export: update
modules/get-started/pages/cluster-types/serverless.adoc by removing or moving
the bullet "Ability to export metrics to a third-party monitoring system" out of
the "Unsupported features" list and instead include it under the
supported/features or capabilities section (or add a note that Serverless now
supports exporting metrics) so it aligns with the announcement in
modules/get-started/pages/whats-new-cloud.adoc; ensure the wording matches the
What's New statement about the January 2026 GA release and keep the exact phrase
so cross-references remain clear.
In `@modules/networking/pages/serverless/aws/privatelink.adoc`:
- Around line 1-2: The file privatelink.adoc currently contains only a title and
description with no setup instructions; add full AWS PrivateLink documentation
or convert it to a placeholder index page. Either (A) add sections similar to
transit-gateway.adoc/vpc-peering-aws.adoc: prerequisites, required IAM
permissions, Cloud API resource names and examples, step-by-step configuration
commands, endpoint service and VPC endpoint setup, testing/verification steps,
and usage notes/FAQ; or (B) replace the body with a clear placeholder section
indicating the page is intentionally empty and linking to related Serverless AWS
pages (e.g., transit-gateway.adoc, vpc-peering-aws.adoc) and a TODO to add
detailed PrivateLink configuration later. Include explicit examples and resource
identifiers in the content you add (API call examples, CLI snippets, and sample
YAML/JSON), so reviewers can validate correctness.
In `@modules/ROOT/nav.adoc`:
- Around line 29-31: Update the incorrect navigation xref in
modules/ROOT/nav.adoc: replace the reference
xref:networking:byoc/aws/index.adoc[AWS] with
xref:networking:serverless/aws/index.adoc[AWS] so the "Serverless" section
points to the correct serverless/aws index; ensure the third-level entry that
currently reads xref:networking:serverless/aws/privatelink.adoc[...] remains
unchanged.
🧹 Nitpick comments (1)
modules/networking/pages/serverless/aws/index.adoc (1)
1-3: Consider adding introductory content for the index page.While index pages with
page-layout: indexcan be minimal, adding a brief introduction would help users understand what private networking options are available for Serverless clusters on AWS and provide context before they navigate to child pages.For example, a paragraph explaining AWS PrivateLink support, its benefits, and linking to configuration steps would improve the user experience.
📜 Review details
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (10)
modules/ROOT/nav.adocmodules/get-started/pages/cloud-overview.adocmodules/get-started/pages/cluster-types/serverless.adocmodules/get-started/pages/whats-new-cloud.adocmodules/networking/pages/dedicated/aws/vpc-peering.adocmodules/networking/pages/dedicated/gcp/vpc-peering-gcp.adocmodules/networking/pages/serverless/aws/index.adocmodules/networking/pages/serverless/aws/privatelink.adocmodules/networking/pages/serverless/index.adocmodules/networking/partials/vnet-peering.adoc
🧰 Additional context used
🧠 Learnings (6)
📓 Common learnings
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 377
File: modules/networking/pages/dedicated/gcp/configure-psc-in-ui.adoc:35-71
Timestamp: 2025-08-07T16:36:45.111Z
Learning: In Redpanda Cloud documentation, NAT subnet and firewall rule creation commands for GCP Private Service Connect are producer-side infrastructure steps that only BYOC (Bring Your Own Cloud) customers need to perform, since they manage their own VPC. Dedicated cluster customers don't need these steps because Redpanda manages the infrastructure for them. The ifdef::env-byoc[] guard correctly hides these commands from Dedicated users.
📚 Learning: 2025-08-07T16:36:45.111Z
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 377
File: modules/networking/pages/dedicated/gcp/configure-psc-in-ui.adoc:35-71
Timestamp: 2025-08-07T16:36:45.111Z
Learning: In Redpanda Cloud documentation, NAT subnet and firewall rule creation commands for GCP Private Service Connect are producer-side infrastructure steps that only BYOC (Bring Your Own Cloud) customers need to perform, since they manage their own VPC. Dedicated cluster customers don't need these steps because Redpanda manages the infrastructure for them. The ifdef::env-byoc[] guard correctly hides these commands from Dedicated users.
Applied to files:
modules/networking/pages/dedicated/gcp/vpc-peering-gcp.adocmodules/get-started/pages/whats-new-cloud.adocmodules/networking/partials/vnet-peering.adocmodules/get-started/pages/cloud-overview.adocmodules/networking/pages/dedicated/aws/vpc-peering.adoc
📚 Learning: 2025-07-21T21:53:37.731Z
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 361
File: modules/networking/pages/cloud-security-network.adoc:193-196
Timestamp: 2025-07-21T21:53:37.731Z
Learning: In Redpanda Cloud documentation, field names and labels should match exactly what appears in the UI, even if the terminology might seem technically inconsistent. For example, the NAT gateway IP address field is labeled "Internet gateway" in the UI, so documentation should use "Internet gateway" to help users locate the correct field.
Applied to files:
modules/networking/pages/dedicated/gcp/vpc-peering-gcp.adoc
📚 Learning: 2025-07-21T21:52:17.061Z
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 361
File: modules/networking/pages/cloud-security-network.adoc:176-179
Timestamp: 2025-07-21T21:52:17.061Z
Learning: In Redpanda Cloud documentation, BYOVPC and BYOVNet are different product names for different cloud providers: BYOVPC is used for AWS and GCP, while BYOVNet is used for Azure. When documentation sections cover multiple cloud providers, the combined notation "BYOVPC/BYOVNet" is correct and should not be changed to use only one term.
Applied to files:
modules/networking/pages/dedicated/gcp/vpc-peering-gcp.adocmodules/ROOT/nav.adoc
📚 Learning: 2025-04-25T01:41:57.162Z
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 267
File: modules/manage/pages/maintenance.adoc:91-92
Timestamp: 2025-04-25T01:41:57.162Z
Learning: The notification timeline for Redpanda Cloud deprecations has been deliberately removed from the documentation, even though the PR summary mentioned a 180-day advance notice period.
Applied to files:
modules/get-started/pages/whats-new-cloud.adoc
📚 Learning: 2025-04-25T01:42:09.318Z
Learnt from: micheleRP
Repo: redpanda-data/cloud-docs PR: 267
File: modules/manage/pages/maintenance.adoc:63-64
Timestamp: 2025-04-25T01:42:09.318Z
Learning: The timeline for major upgrade notifications (180 days in advance) was intentionally removed from the Redpanda Cloud maintenance documentation, even though it was mentioned in the PR objectives.
Applied to files:
modules/get-started/pages/whats-new-cloud.adoc
🔇 Additional comments (9)
modules/get-started/pages/cloud-overview.adoc (1)
62-62: LGTM! Private networking correctly enabled for Serverless.The update accurately reflects that Serverless clusters now support private networking via AWS PrivateLink, which aligns with the PR objectives for documenting Private Networking Phase 1.
modules/networking/pages/dedicated/gcp/vpc-peering-gcp.adoc (1)
24-24: LGTM! UI reference updated for consistency.The navigation reference correctly reflects the current UI terminology by changing "Networks page" to "Networking page."
modules/networking/partials/vnet-peering.adoc (1)
30-30: LGTM! UI reference updated for consistency.The navigation reference correctly uses "Networking page" to match the current UI and align with similar updates across other networking documentation files.
modules/networking/pages/dedicated/aws/vpc-peering.adoc (2)
25-25: LGTM! Terminology update aligns with current UI.The change from "Networks page" to "Networking page" correctly reflects the current UI terminology.
40-46: LGTM! Helpful clarifications added.The additions provide clearer guidance on the peering connection acceptance process, including the expected status and route table configuration steps.
modules/networking/pages/serverless/index.adoc (1)
1-3: LGTM! Clean index page for the new Serverless networking section.The index page follows standard documentation conventions and appropriately introduces the AWS PrivateLink configuration topic.
modules/get-started/pages/cluster-types/serverless.adoc (2)
53-56: LGTM! Clear documentation of AWS PrivateLink support.The added text effectively explains private networking capabilities for Serverless clusters on AWS, including the billing implications and management options.
57-57: LGTM! Helpful step addition.The explicit "Click Create cluster" step improves the clarity of the cluster creation workflow.
modules/get-started/pages/whats-new-cloud.adoc (1)
9-13: Verify consistency with Serverless feature documentation.The announcement states that the GA release includes "the ability to view and export metrics from Serverless clusters to third-party monitoring systems", but modules/get-started/pages/cluster-types/serverless.adoc (line 96) still lists this as an unsupported feature. Please ensure both documents accurately reflect the current feature availability.
✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.
|
|
||
| After you have enabled PrivateLink for your cluster, your connection URLs are available in the *How to Connect* section of the cluster overview in the Redpanda Cloud Console. | ||
|
|
||
| include::networking:partial$private-links-access-rp-services-through-vpc.adoc[] |
There was a problem hiding this comment.
Same comments on this page as I made in the UI doc
|
|
||
| == Test the connection | ||
|
|
||
| You can test the PrivateLink connection from any VM or container in the consumer VPC. If configuring a client isn't possible right away, you can do these checks using `rpk` or cURL: |
There was a problem hiding this comment.
Somewhere we should probably talk about rpk cloud cluster select and how it will prompt you to select public or private if both are enabled.
| { | ||
| "serverless_cluster": { | ||
| "name": "<my-private-link-cluster>", | ||
| "resource_group_id": "$RESOURCE_GROUP_ID", | ||
| "serverless_region": "$SERVERLESS_REGION", | ||
| "aws_private_link": { | ||
| "enabled": true, | ||
| "connect_console": true, | ||
| "allowed_principals": ["<principal_1>","<principal_2>"] | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
| { | |
| "serverless_cluster": { | |
| "name": "<my-private-link-cluster>", | |
| "resource_group_id": "$RESOURCE_GROUP_ID", | |
| "serverless_region": "$SERVERLESS_REGION", | |
| "aws_private_link": { | |
| "enabled": true, | |
| "connect_console": true, | |
| "allowed_principals": ["<principal_1>","<principal_2>"] | |
| } | |
| } | |
| } | |
| { | |
| "serverless_cluster": { | |
| "name": "<my-private-link-cluster>", | |
| "resource_group_id": "$RESOURCE_GROUP_ID", | |
| "serverless_region": "$SERVERLESS_REGION", | |
| "private_link_id": "$SERVERLESS_PRIVATE_LINK_ID", | |
| "networking_config": { | |
| "private": "STATE_ENABLED", | |
| "public": "STATE_ENABLED" | |
| } | |
| } | |
| } |
Valid values for private/public are: STATE_ENABLED, STATE_DISABLED, or they can be omitted. One must be enabled. If none are provided public is treated as STATE_ENABLED.
# Conflicts: # modules/get-started/pages/cluster-types/serverless.adoc
Linux build servers are case-sensitive, so the xref paths in nav.adoc need to match the actual file paths exactly. Co-Authored-By: Claude Opus 4.5 <[email protected]>
# Conflicts: # modules/get-started/pages/whats-new-cloud.adoc
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
Co-authored-by: Sarah Haskins <[email protected]>
micheleRP
force-pushed
the
DOC-1743-Document-feature-Private-Networking-Phase-1
branch
from
2a55940 to
7267ea0
Compare
Description
This pull request introduces several important updates to the Redpanda Cloud documentation, focusing on the general availability (GA) of Serverless on AWS, the addition of private networking support for Serverless clusters, and a terminology update to refer to the "Cloud Console" instead of the "Cloud UI."
Key changes include:
Serverless on AWS: General Availability and Feature Updates
Documentation and Navigation Improvements
Clarifications and Corrections
These updates ensure that users have accurate, up-to-date guidance on deploying and managing Serverless clusters, especially with respect to private networking and the transition to the new Cloud Console interface.
Resolves https://redpandadata.atlassian.net/browse/DOC-1743, https://redpandadata.atlassian.net/browse/DOC-1508
Review deadline:
Page previews
Checks