.png)
Installation in Private Cloud
As an alternative to using on-premises servers, the MyQ Server can be installed and run on an Azure Virtual Machine, with a VPN tunnel connecting the physical network and Azure's virtual network, using site-to-site VPN via Amazon Web Service (AWS), or using a Google Compute Engine Instance in Google Cloud.
For an overview of MQ in the cloud, see MyQ in Cloud.
For more information about the cloud deployment, see Deployment in the Cloud.
Private Cloud Using Azure
Environment Requirements:
The minimum recommended virtual machine is B4ms, with a dedicated (non-system disk) standard HDD.
The recommended CPU, RAM and HDD resources are the same as a standard installation and can be found in system requirements.
VPN tunnel (100mbps line is recommended) connecting the physical network and Azure's virtual network where the MyQ Server is installed.
Outgoing communication on ports used by MyQ must be allowed on Azure's Network security group. See main communication ports for a full list.
The geolocation of the cloud server should be as physically close as possible.
The Ping answer from printers to the cloud server should be within 750 ms (max 1 second, can be adjusted in config.ini)
For more information about Azure - Extend an on-premises network using VPN, see:
Once you set up the Azure virtual environment, follow the Installation instructions to install MyQ.
A VPN tunnel connecting the physical network and Azure's virtual network is also required when using Microsoft Universal Print. Thanks to this VPN tunnel, there is no need for a VPN connection from the client’s side to the MyQ Server.
Private Cloud Using Amazon
Environment Requirements
Amazon EC2 Instance: MyQ Server(s) can be installed on an AWS EC2 instance. The instance should meet the standard system requirements for MyQ X installations, which include sufficient CPU, RAM, and storage. Refer to the MyQ X Documentation for detailed system requirements.
AWS VPC Setup: Create an AWS Virtual Private Cloud (VPC) with necessary resources like subnets, route tables, and gateways. Follow the procedure outlined in the AWS VPC guide.
Site-to-Site VPN: A site-to-site VPN tunnel is mandatory to connect your on-premises network with the AWS VPC. This VPN allows MyQ X to access resources on the local network. The setup process involves creating a customer gateway, a virtual private gateway, and configuring routing and security groups on AWS. Detailed steps can be found in the AWS Site-to-Site VPN documentation.
When connecting your AWS VPC to your on-premises network via a site-to-site VPN connection it is assumed that the target on-premises network has resources like a DNS server, a DHCP server, a network switch, or router, an internet gateway, a physical or virtual firewall, etc. Other resources like a domain, a domain controller, a file server, an SMTP server, etc. are optional.
Getting started with AWS Site-to-site VPN
For details, refer to the AWS guide.
Create a Customer Gateway: Represent your on-premises network’s VPN device in AWS. This involves entering the static IP address of the device and selecting appropriate routing options. Follow the steps in the AWS Customer Gateway guide.
Create a Virtual Private Gateway: This is the VPN gateway on the AWS side. After creation, attach it to your VPC. Instructions are detailed in the AWS Virtual Private Gateway guide.
Configure Routing: Update your VPC’s route table to direct traffic through the VPN connection to your on-premises network. Refer to the AWS Route Table Configuration.
Update Security Groups: Modify the security group associated with your EC2 instance to allow necessary inbound and outbound traffic. See the AWS Security Group guide for details.
Create the VPN Connection: Establish the VPN connection between your AWS VPC and your on-premises network by configuring the necessary tunnels. Detailed instructions can be found here.
Download Configuration File: Download the configuration file provided by AWS to set up your customer gateway device.
Configure Your Customer Gateway Device: Follow the instructions in the configuration file to complete the VPN setup on your on-premises gateway device.
Private Cloud Using Google Cloud
Environment Requirements
Google Compute Engine Instance: MyQ Server can be installed on a Google Cloud Compute Engine virtual machine. The instance must meet the standard system requirements for MyQ X installations, including sufficient CPU, RAM, and storage. For detailed information, refer to the Compute Engine Overview.
Site-to-Site VPN: A site-to-site VPN tunnel is required to securely connect the on-premises network to the Google Cloud Virtual Private Cloud (VPC). This ensures encrypted communication using IPsec. For more details, see the Cloud VPN Overview.
VPC Network: A custom or default VPC network is needed to host the MyQ server. The VPC enables connectivity between resources like subnets and gateways within Google Cloud. Learn more in the VPC Networks Documentation.
Latency Considerations: Select a region close to the on-premises network to minimize latency. All resources should ideally be in the same region.
Setup Steps
Create a Project:
Organize resources by creating a new project or using an existing one in Google Cloud. For instructions, visit the Google Cloud Console.
Set Up a VPC Network:
Create a custom VPC with subnets and appropriate IP ranges not overlapping with the on-premises network. For guidance, see the Quickstart: Create and Manage VPC Networks.
Configure VPN:
Use Classic VPN or HA VPN to establish IPsec tunnels between the on-premises network and the VPC.
Configure IKEv2 with pre-shared keys and set up routing options (e.g., route-based or policy-based). Refer to Classic VPN Topologies or HA VPN Topologies for details.
Create a Compute Engine VM Instance:
Select machine specifications based on MyQ system requirements (e.g., 8 vCPUs, 8 GB RAM). Additional storage for MyQ data should be separate from the OS disk for better performance and resiliency. Learn more from the Compute Engine Documentation.
Network Configuration:
Assign internal IP addresses from the VPC subnet range.
External IP addresses are optional but can be used temporarily for internet access during setup.
Once the environment is set up, follow MyQ installation instructions to deploy the server on the VM.