¶ About Virtual Private Cloud
A Virtual Private Cloud (VPC) is a private, isolated section within a cloud environment like our IaaS Cloud. It allows you to create a virtual network topology that mimics a traditional physical network. Within a VPC, you can launch instances with private IP addresses in a specified range and you can also define network tiers within the VPC, grouping similar instances based on IP address ranges. A single virtual router manages all isolated networks within the VPC, facilitating network control and traffic management. This setup enables you to implement ACL rules to control internet traffic between the isolated networks, providing enhanced security and organization.
¶ Creating a Virtual Private Cloud
To create a new VPC, follow these steps:
1. Navigate to Network → VPC on the left navigation bar.
2. Click on Add VPC in the top row:
3. Specify the following parameters:
- Name of the VPC.
- Short Description text of the VPC.
- Zone of the VPC.
- CIDR of the VPC.
- Custom DNS suffix for the Network domain.
- Appropriate VPC offering from the drop down menu.
Creates either a default VPC with a single router or a redundant VPC, both including the following services: DHCP, Network ACL, port forwarding, Source NAT, Static NAT, user data, DNS, load balancing, and VPN.
- Optionally, specify DNS 1 and DNS 2 to set a custom IPv4 for the VPC network. If left empty, the DNS specified for the zone will be used.
- Select whether the VPC should Start immediately, then click OK to create your VPC.
¶ Managing a Virtual Private Cloud
¶ Adding Network Tiers
Network tiers within a VPC are isolated networks, each with its own VLAN and CIDR range, where instances can be assigned to. These tiers do not have access to each other by default but can communicate via a virtual router. The virtual router serves as the gateway for each tier, providing inexpensive, low-latency network connectivity between the tiers within the VPC. This segmentation ensures that each tier acts as a distinct location within the VPC, enhancing security and organization.
To create a network tier for a VPC, follow these steps:
1. Navigate to Network → VPC on the left navigation bar.
2. Select a specific VPC from the list view.
3. Choose Networks in the right management block and click on Add new tier:
4. Specify the following parameters:
- Name of the network tier.
- Appropriate Network offering from the drop down menu.
- Gateway of the network tier.
The gateway must be within the range of the super CIDR of your VPC and must not overlap with any existing network tier.
- Network tier's Netmask.
- External ID of the network.
- Default ACL rule set.
5. Click on OK to add the new network tier.
¶ Configuring Network Access Control List
ACLs control incoming (ingress) and outgoing (egress) traffic between the associated network tier and external networks. If you are not satisfied with the default ACL rules, you can configure additional ones by following these steps:
1. Navigate to Network → VPC on the left navigation bar.
2. Select a specific VPC from the list view.
3. Choose Network ACL lists in the right management block and click on Add network ACL list:
4. Here, you have to specify the ACL List name and give a short Description for the new list.
5. Afterward, you can select the newly created ACL from the list view and navigate to ACL List Rules to Add ACL by specifying the following parameters:
- Evaluation order to the rule by assigning #Rule.
- Comma-separated CIDR list to accept traffic only from specific IP addresses.
- Fixed Action, which can be either allow or deny.
- Networking Protocol that sources use to send traffic to the tier.
- Start & End port for the incoming traffic.
- Traffic type, which can either be incoming(ingress) or outgoing(egress).
- Short Description for the ACL rule.
6. Click on OK to save the new rule to the ACL.
¶ Attaching Instances to a Virtual Private Cloud
To attach a new instance to a VPC, follow these steps:
1. Navigate to Network → VPC on the left navigation bar.
2. Select a specific VPC from the list view.
3. Choose Networks in the right management block.
4. Navigate to Instance and click on the Add instance button:
5. Follow the procedure for Creating a new Instance and the VM will automatically attach to the VPC.
¶ Remove a Virtual Private Cloud
To remove a VPC, follow these steps:
1. Navigate to Network → VPC on the left navigation bar.
2. Select a specific VPC from the list view.
3. Click on Remove VPC in the right top action toolbar:
4. Click on OK to confirm and remove the VPC.