Questionnaire: Deploying in a Dedicated Region

This questionnaire is specific to deployments of PubSub+ Cloud in Dedicated Regions. For questions related to deployments in Customer-Controlled Regions, see Questionnaire: Deploying in a Customer-Controlled Region.

Deploying PubSub+ Cloud can require planning and coordination across different teams. It's important that you plan and design your deployment to ensure the long-term success of your system. The following questions are designed to uncover the configuration information needed to create your event broker services properly. To help make your deployment go quickly and smoothly, carefully research and plan your decisions around these questions.

How Solace
Uses This Information

What cloud provider do you want to use?

Dedicated Region deployments of PubSub+ Cloud support the following implementations of Kubernetes:

  • Amazon Elastic Kubernetes Service (EKS)
  • Azure Kubernetes Service (AKS)
  • Google Kubernetes Engine (GKE)

The Kubernetes implementation and version you are using helps Solace to determine how to configure the Mission Control Agent.

If you have an existing Kubernetes cluster, you may want to use the same type of cluster, but there is no requirement to do so.

If you use a different implementation of Kubernetes, contact Solace to find out how we can support your deployment.

Deployment Architecture for Kubernetes

Mission Control Agent

Deployment Options for PubSub+ Cloud

In what region do you want to install PubSub+ Cloud event broker services?

To correctly install and configure your Dedicated Region deployment, Solace needs to know which cloud provider region (if applicable) to use.

Creating Event Broker Services

Will VPC peering be required?

Will a VPN be required?

In Dedicated Regions, Solace is responsible for configuring, monitoring, and resolving issues with VPC peering. You must provide Solace with the CIDR block range where the application is running.

Peering between Dedicated Regions and customer VPCs requires that the customer assist with configuration and provide Solace with the required access to the customer network. In this scenario, Solace is responsible for maintaining only the Public Region parts of the network.

In dedicated regions, Solace uses the network peering solutions listed below when configuring messaging connectivity:

VPN connectivity is not supported for Dedicated Regions.

This connectivity information is based on the deployment type. For Dedicated Region deployments, the deployment type is determined when you choose your cloud provider when you create an event broker service. For more information, see Choosing the Right Cloud Provider When Creating an Event Broker Service .

Connectivity Model for Kubernetes Deployments

Will clients be connecting to PubSub+ Cloud only from private IPs within your private network?

Will you have clients connecting to PubSub+ Cloud from the Internet?

If so, how will you provide the public external connectivity?

PubSub+ Cloud uses three kinds of Kubernetes services (specified by the ServiceType) to expose its TCP services externally:

  • LoadBalancer
  • NodePort
  • ClusterIP

The answers to these questions helps Solace determine which Kubernetes ServiceType is best suited for your use case, and if Dedicated Region region deployment is the right choice for your case.

Exposing Event Broker Services to External Traffic

Kubernetes Publishing Services (ServiceTypes)

Do you require a private connection to Solace's VPC/VNet?

If you require a private connection to Solace’s VPC/VNet, you must provide a properly sized CIDR. The CIDR must accommodate both your network plan and the amount of event broker services you want to deploy. You must ensure the CIDR does not overlap with any other networks that will peer with your event broker services. A properly sized CIDR ensures you can connect to your event broker services without encountering routing issues.

Consider the size of your cluster’s network carefully, as it is not possible to change its size after creation.

For EKS and AKS, use the Excel-based CIDR calculator

For GKE, see Networking in Installing PubSub+ Cloud in Google Kubernetes Engine (GKE)

Do you need to allowlist IP addresses for external connectivity?

Do you require Solace to use a proxy server for outgoing HTTPS traffic?

If so, what it the proxy server URL?

Do you have outbound connections that will need to be initiated by an event broker service to external hosts?

If your network blocks external traffic, you may choose to whitelist the PubSub+ Home Cloud's IP address. In this case, you must provide details (URL, username, and password) of the HTTP/HTTPS proxy server to Solace.

For outbound connections initiated by an event broker service to external hosts (e.g., REST Destination Points or RDPs), Solace recommends that connections from a virtual private network go through a NAT that's configured with a static IP address.

Answers to these questions help Solace determine how to configure the deployment's network requirements to meet your use case.

Connectivity Model for Kubernetes Deployments

Contact Information

You must provide a point of contact for each entry in the table below. Solace prefers a distribution list as the point of contact, though you can choose to provide individual contact details.

Contact Type Distribution List or Contact Details

Event broker service incidents or issues.


Event broker service upgrade notifications and scheduling.


Release and maintenance notifications.