Qin Ying, Fan
62b5636b2d
Reviewed-by: Kucerak, Kristian <kristian.kucerak@t-systems.com> Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com> Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
5.4 KiB
Overview
If your ECSs do not require Internet access or need to access the Internet using IP addresses on the default network (100.64.0.0/11) with limited bandwidth (for example, the ECSs functioning as the database nodes or server nodes for deploying a website), you can follow the procedure shown in Figure 1 to configure a VPC for the ECSs.
Table 1 describes the different tasks in the procedure for configuring the network.
Task |
Description |
|---|---|
Create a VPC. |
This task is mandatory. After the VPC is created, you can create other required network resources in the VPC based on your service requirements. |
Create another subnet for the VPC. |
This task is optional. If the default subnet cannot meet your requirements, you can create one. The new subnet is used to assign IP addresses to NICs added to the ECS. |
Create a security group. |
This task is mandatory. You can create a security group and add ECSs in the VPC to the security group to improve ECS access security. After a security group is created, it has a default rule, which allows all outgoing data packets. ECSs in a security group can access each other without the need to add rules. |
Add a security group rule. |
This task is optional. If the default rule meets your service requirements, you do not need to add rules to the security group. |