quick start · the eip of the ecs to test that the ecs can be accessed from the internet. ensure...

Virtual Private Cloud

Quick Start

Issue 20

Date 2020-04-15

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without priorwritten consent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respectiveholders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei andthe customer. All or part of the products, services and features described in this document may not bewithin the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,information, and recommendations in this document are provided "AS IS" without warranties, guaranteesor representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.

Issue 20 (2020-04-15) Copyright © Huawei Technologies Co., Ltd. i

Contents

1 Setting Up an IPv4 Network................................................................................................. 1

Virtual Private CloudQuick Start Contents

Issue 20 (2020-04-15) Copyright © Huawei Technologies Co., Ltd. ii

1 Setting Up an IPv4 Network

This topic describes how to create a VPC with an IPv4 CIDR block and bind an EIPaddress to an ECS in the VPC to allow the ECS to access the Internet. Figure 1-1shows the configuration procedure.

Figure 1-1 Setting up an IPv4 network

Step 1: Create a VPC

Before creating your VPCs, determine how many VPCs, the number of subnets,and what IP address ranges you will need. For details, see Network Planning.

In the instructions presented here, our sample VPC is named vpc-test and itsdefault subnet called subnet-01.

1. Log in to the management console.

2. Under Network, click Virtual Private Cloud.

3. Click Create VPC.

Virtual Private CloudQuick Start 1 Setting Up an IPv4 Network

Issue 20 (2020-04-15) Copyright © Huawei Technologies Co., Ltd. 1

https://support.huaweicloud.com/intl/en-us/usermanual-vpc/vpc_0001.html

4. Set the VPC and subnet parameters.

Figure 1-2 Creating a VPC and subnet

Table 1-1 VPC parameter description

Parameter Description Example Value

Region Specifies the desired region.Regions are geographic areasthat are physically isolatedfrom each other. The networksinside different regions are notconnected to each other, soresources cannot be sharedacross different regions. Forlower network latency andfaster access to your resources,select the region nearest you.

AP-Hong Kong

Name Specifies the VPC name. vpc-test




CIDR Block Specifies the Classless Inter-Domain Routing (CIDR) blockof the VPC. The CIDR block ofa subnet can be the same asthe CIDR block for the VPC(for a single subnet in theVPC) or a subset (for multiplesubnets in the VPC).The following CIDR blocks aresupported:10.0.0.0/8–24172.16.0.0/12–24192.168.0.0/16–24

192.168.0.0/16

EnterpriseProject

When creating a VPC, you canadd the VPC to an enabledenterprise project.An enterprise projectfacilitates project-levelmanagement and grouping ofcloud resources and users. Thename of the default project isdefault.For details about creating andmanaging enterprise projects,see the EnterpriseManagement User Guide.

default

Tag Specifies the VPC tag, whichconsists of a key and valuepair. You can add a maximumof ten tags to each VPC.The tag key and value mustmeet the requirements listedin Table 1-3.

● Key: vpc_key1● Value: vpc-01

Table 1-2 Subnet parameter description


Name Specifies the subnet name. subnet-01

CIDR Block Specifies the CIDR block forthe subnet. This value must bewithin the VPC CIDR block.

192.168.0.0/24



https://support.huaweicloud.com/intl/en-us/usermanual-em/en-us_topic_0131965280.html



AdvancedSettings

Two options are available,Default and Custom. You canset Advanced Settings toCustom to configure advancedsubnet parameters.

Default

Gateway Specifies the gateway addressof the subnet.

192.168.0.1

DNS ServerAddress

By default, there are two DNSserver addresses configured(including two private DNSserver addresses or one privateDNS server address and onepublic DNS server address. Aprivate DNS server addresstakes precedence over a publicDNS server address). In thisway, services in the VPC canaccess cloud services throughthe private DNS serveraddress, reducing the latency.If you want to use other publicDNS servers for resolution, youcan change the default DNSserver addresses.

100.125.x.x

Tag Specifies the subnet tag, whichconsists of a key and valuepair. You can add a maximumof ten tags to each subnet.The tag key and value mustmeet the requirements listedin Table 1-4.

● Key: subnet_key1● Value: subnet-01

Table 1-3 VPC tag key and value requirements

Parameter Requirements ExampleValue

Key ● Cannot be left blank.● Must be unique for the same VPC and can be

the same for different VPCs.● Can contain a maximum of 36 characters.● Can contain letters, digits, underscores (_),

hyphens (-), and Chinese characters.

vpc_key1



Parameter Requirements ExampleValue

Value ● Can contain a maximum of 43 characters.● Can contain letters, digits, underscores (_),

periods (.), and hyphens (-).

vpc-01

Table 1-4 Subnet tag key and value requirements

Parameter Requirements Example Value

Key ● Cannot be left blank.● Must be unique for each subnet.● Can contain a maximum of 36

characters.● Can contain letters, digits,

underscores (_), hyphens (-), andChinese characters.

subnet_key1

Value ● Can contain a maximum of 43characters.

● Can contain letters, digits,underscores (_), periods (.), andhyphens (-).

subnet-01

During VPC creation, a default subnet will be created. You can also click AddSubnet to create more subnets for the VPC. In this example, only one subnetis created.You can set Advanced Settings to Custom to configure advanced subnetparameters. In this example, Advanced Settings is set to Custom.

5. Click Create Now.

Step 2: Buy an ECSOn the management console, under Computing, click Elastic Cloud Server, andthen click Buy ECS.

Configure the network as follows:

Figure 1-3 Network configuration



● Network: Select the created VPC vpc-test and subnet subnet-01.● Security Group: Select the default security group Sys-default. Table 1-5

describes the default rules for a default security group. You can also create asecurity group and add rules to the security group.

Table 1-5 Default security group rules

Direction

Protocol

Port/Range

Source/Destination Description

Outbound

All All Destination: 0.0.0.0/0 Allow all outbound traffic.

Inbound

All All Source: ID of thecurrent security group(for example, sg-xxxxx)

Allow communication amongECSs within the security groupand deny all inbound traffic(incoming data packets).

Inbound

TCP 22 Source: 0.0.0.0/0 Allow all IP addresses to accessLinux ECSs over SSH.

Inbound

TCP 3389

Source: 0.0.0.0/0 Allow all IP addresses to accessWindows ECSs over RDP.

● EIP: Select Not required.

Step 3: Buy an EIP and Bind It to an ECSThe EIP service provides independent public IP addresses and bandwidth forInternet access. You can buy an EIP and bind it to an ECS to allow the ECS toaccess the Internet.

If you already have an EIP that has not been bound to an ECS, you can directlybind the EIP to the ECS.

Buying an EIP

1. Log in to the management console.2. On the console homepage, under Network, click Virtual Private Cloud.3. In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.4. Click Buy EIP.5. Set parameters as prompted.



Figure 1-4 Buying an EIP

Table 1-6 Parameter description


Billing Mode The following billing modes areavailable:● Yearly/Monthly● Pay-per-use

Pay-per-use

Region Specifies the desired region.Regions are geographic areasthat are physically isolated fromeach other. The networks insidedifferent regions are notconnected to each other, soresources cannot be sharedacross different regions. For lownetwork latency and quickresource access, select thenearest region.

AP-Hong Kong

EIP Type Dynamic BGP: When changesoccur on a network usingdynamic BGP, routing protocolsprovide automatic, real-timeoptimization of networkconfigurations, ensuringnetwork stability and improvinguser experience.

Dynamic BGP




Bandwidth Type The following bandwidth typesare available:● Dedicated: The bandwidth

can be used by only one EIP.● Shared: The bandwidth can

be allocated to multiple EIPs.These EIPs can share thebandwidth.

Dedicated

Billed By Specifies whether the billing isby bandwidth size or by traffic.

Bandwidth

Bandwidth Specifies the bandwidth size inMbit/s.

5

Bandwidth Name Specifies the name of thebandwidth.

bandwidth-test

Required Duration You must specify the requiredduration if Billing Mode is setto Yearly/Monthly.

1 month

Quantity Specifies the number of EIPs tobe assigned.You can set the number of EIPsto be assigned only whenBilling Mode is set to Pay-per-use.

1

Tag Specifies the EIP tag thatconsists of a key and value pair.The tag key and value mustmeet the requirements listed inTable 1-7.

● Key:Ipv4_key1

● Value:192.168.12.10

Enterprise Project When assigning an EIP, you canadd the EIP to an enabledenterprise project.An enterprise project facilitatesproject-level management andgrouping of cloud resources andusers. The name of the defaultproject is default.For details about creating andmanaging enterprise projects,see the EnterpriseManagement User Guide.

default





Table 1-7 EIP tag requirements

Parameter Requirement Example Value

Key ● Cannot be left blank.● Must be unique for each EIP.● Can contain a maximum of 36

characters.● Can contain letters, digits,

underscores (_), and hyphens (-).

Ipv4_key1

Value ● Can contain a maximum of 43characters.

● Can contain letters, digits,underscores (_), periods (.), andhyphens (-).

192.168.12.10

6. Click Buy Now.

Binding an EIP

1. In the EIP list, locate the target EIP and click Bind.

Figure 1-5 Bind

2. Select an ECS.

Figure 1-6 Bind EIP



3. Click OK.

Verifying the Result

If an EIP was successfully bound to an ECS, you can access the ECS from theInternet. You can use SSH or RDP to connect to the ECS through the EIP, or pingthe EIP of the ECS to test that the ECS can be accessed from the Internet.

Ensure that the security group of the ECS allows the ICMP traffic (ping) and the accessfrom specific ports, such as port 22 (SSH) and port 3389 (RDP).



quick start · the eip of the ecs to test that the ecs can be accessed from the internet. ensure...

Documents