sgode/virtual-private-cloud
1
0
Fork 0
forked from docs/virtual-private-cloud
Code Pull Requests Activity

Changes to vpc_umn from docs/doc-exports#1154 (VPC UMN 20240422 version

Browse Source 
For det

Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: proposalbot <proposalbot@otc-service.com>
Co-committed-by: proposalbot <proposalbot@otc-service.com>
This commit is contained in:
proposalbot 2024-05-06 10:47:17 +00:00 committed by zuul
parent a0502ad2b6
commit c3793100a7
58 changed files with 1625 additions and 1553 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
umn/source/_static/images/en-us_image_0000001818823258.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 16 KiB

BIN
umn/source/_static/images/en-us_image_0000001818983038.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 19 KiB

BIN
umn/source/_static/images/en-us_image_0000001865582789.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
umn/source/_static/images/en-us_image_0000001865582793.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

BIN
umn/source/_static/images/en-us_image_0000001865662813.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.4 KiB

BIN
umn/source/_static/images/en-us_image_0000001865674836.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 79 KiB

BIN
umn/source/_static/images/en-us_image_0000001865684752.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 29 KiB

BIN
umn/source/_static/images/en-us_image_0000001865828728.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 86 KiB

BIN
umn/source/_static/images/en-us_image_0000001865833004.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 80 KiB

BIN
umn/source/_static/images/en-us_image_0000001865837676.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 93 KiB

BIN
umn/source/_static/images/en-us_image_0000001865884494.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 96 KiB

BIN
umn/source/_static/images/en-us_image_0000001865898552.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 143 KiB

BIN
umn/source/_static/images/en-us_image_0000001866046474.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 12 KiB

BIN
umn/source/_static/images/en-us_image_0000001866063864.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 64 KiB

BIN
umn/source/_static/images/en-us_image_0000001911771617.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 64 KiB

BIN
umn/source/_static/images/en-us_image_0000001911842313.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
umn/source/_static/images/en-us_image_0000001911849797.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 125 KiB

BIN
umn/source/_static/images/en-us_image_0000001911853289.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

6
umn/source/access_control/firewall/managing_firewalls/viewing_a_firewall.rst
View File

@ -27,5 +27,11 @@ Procedure
6. On the displayed page, click the **Inbound Rules**, **Outbound Rules**, and **Associated Subnets** tabs one by one to view details about inbound rules, outbound rules, and subnet associations. 6. On the displayed page, click the **Inbound Rules**, **Outbound Rules**, and **Associated Subnets** tabs one by one to view details about inbound rules, outbound rules, and subnet associations.
.. figure:: /_static/images/en-us_image_0000001865684752.png
:alt: **Figure 1** Viewing a firewall
**Figure 1** Viewing a firewall
.. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image1| image:: /_static/images/en-us_image_0000001818982734.png
.. |image2| image:: /_static/images/en-us_image_0000001865662773.png .. |image2| image:: /_static/images/en-us_image_0000001865662773.png

75
umn/source/access_control/security_group/managing_a_security_group/creating_a_security_group.rst
View File

File diff suppressed because it is too large Load Diff

6
umn/source/access_control/security_group/managing_instances_associated_with_a_security_group/viewing_the_security_group_of_an_ecs.rst
View File

@ -29,5 +29,11 @@ Procedure
You can view the security groups associated with the ECS and the inbound and outbound rules. You can view the security groups associated with the ECS and the inbound and outbound rules.
.. figure:: /_static/images/en-us_image_0000001911842313.png
:alt: **Figure 1** View the security group of an ECS
**Figure 1** View the security group of an ECS
.. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image1| image:: /_static/images/en-us_image_0000001818982734.png
.. |image2| image:: /_static/images/en-us_image_0000001818982866.png .. |image2| image:: /_static/images/en-us_image_0000001818982866.png

36
umn/source/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.rst
View File

@ -71,21 +71,21 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -93,14 +93,14 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.
@ -122,21 +122,21 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -144,12 +144,12 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

5
umn/source/access_control/security_group/managing_security_group_rules/deleting_a_security_group_rule.rst
View File

@ -13,10 +13,7 @@ If your security group rule is no longer required, you can delete it.
Notes and Constraints Notes and Constraints
--------------------- ---------------------
Security group rules use whitelists. Deleting a security group rule may result in ECS access failures. Security group rules work as follows: Security group rules use whitelists. Deleting a security group rule may result in ECS access failures.
- Inbound rule: If an inbound request matches the source in an inbound security group rule with **Action** set to **Allow**, the request is allowed.
- Outbound rule: If the destination of an outbound security group rule with **Action** set to **Allow** is 0.0.0.0/0, all outbound requests are allowed.
Procedure Procedure
--------- ---------

30
umn/source/access_control/security_group/managing_security_group_rules/fast-adding_security_group_rules.rst
View File

@ -43,34 +43,33 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+====================================================================================================================================================================================================+=======================+ +=======================+==============================================================================================================================================================================+=======================+
| Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) |
| | | | | | | |
| | - Remote login and ping | | | | - Remote login and ping | |
| | - Web services | | | | - Web services | |
| | - Databases | | | | - Databases | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | Source of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access from IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
| | - IP address group: ipGroup-test | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | (Optional) Supplementary information about the security group rule. | ``-`` | | Description | (Optional) Supplementary information about the security group rule. | ``-`` |
| | | | | | | |
| | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
8. Click **OK**. 8. Click **OK**.
@ -90,32 +89,31 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=======================================================================================================================================================================================================+=======================+ +=======================+=================================================================================================================================================================================+=======================+
| Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) |
| | | | | | | |
| | - Remote login and ping | | | | - Remote login and ping | |
| | - Web services | | | | - Web services | |
| | - Databases | | | | - Databases | |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | Destination of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access to IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
| | - IP address group: ipGroup-test | | +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | (Optional) Supplementary information about the security group rule. | ``-`` | | Description | (Optional) Supplementary information about the security group rule. | ``-`` |
| | | | | | | |
| | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
11. Click **OK**. 11. Click **OK**.

27
umn/source/access_control/security_group/managing_security_group_rules/importing_and_exporting_security_group_rules.rst
View File

@ -19,6 +19,8 @@ Notes and Constraints
- The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail. - The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail.
- Duplicate rules are not allowed, you can delete the rule and try again. - Duplicate rules are not allowed, you can delete the rule and try again.
- If you want to import rules of the security group in one region to another under one account, only rules with both **Source** and **Destination** set to **IP address** can be applied.
- If you want to import rules of the security group in one account to the security group in another account, only rules with both **Source** and **Destination** set to **IP address** can be applied.
Procedure Procedure
--------- ---------
@ -51,26 +53,26 @@ Procedure
.. table:: **Table 1** Template parameters .. table:: **Table 1** Template parameters
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+====================================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+====================================+
| Direction | The direction in which the security group rule takes effect. | Inbound | | Direction | The direction in which the security group rule takes effect. | Inbound |
| | | | | | | |
| | - **Inbound**: Inbound rules control incoming traffic to instances in the security group. | | | | - **Inbound**: Inbound rules control incoming traffic to instances in the security group. | |
| | - **Outbound**: Outbound rules control outgoing traffic from instances in the security group. | | | | - **Outbound**: Outbound rules control outgoing traffic from instances in the security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | sg-test[96a8a93f-XXX-d7872990c314] | | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | sg-test[96a8a93f-XXX-d7872990c314] |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -78,15 +80,14 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
| | - **IP address group**: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way. | | +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | sg-test[96a8a93f-XXX-d7872990c314] |
| Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | sg-test[96a8a93f-XXX-d7872990c314] | +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
| Description | (Optional) Supplementary information about the security group rule. | ``-`` | | Description | (Optional) Supplementary information about the security group rule. | ``-`` |
| | | | | | | |
| | The route description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The route description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+
.. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image1| image:: /_static/images/en-us_image_0000001818982734.png
.. |image2| image:: /_static/images/en-us_image_0000001865582585.png .. |image2| image:: /_static/images/en-us_image_0000001865582585.png

43
umn/source/access_control/security_group/security_groups_and_security_group_rules.rst
View File

@ -26,7 +26,7 @@ Security Group Basics
.. important:: .. important::
After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will apply when the timeout period (30s) expires. After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will be applied when the timeout period (30s) expires.
- The timeout period of connection tracking varies by protocol. The timeout period of a TCP connection in the established state is 600s, and that of an ICMP connection is 30s. For other protocols, if packets are received in both inbound and outbound directions, the connection tracking timeout period is 180s. If packets are received only in one direction, the connection tracking timeout period is 30s. - The timeout period of connection tracking varies by protocol. The timeout period of a TCP connection in the established state is 600s, and that of an ICMP connection is 30s. For other protocols, if packets are received in both inbound and outbound directions, the connection tracking timeout period is 180s. If packets are received only in one direction, the connection tracking timeout period is 30s.
- The timeout period of TCP connections varies by connection status. The timeout period of a TCP connection in the established state is 600s, and that of a TCP connection in the FIN-WAIT state is 30s. - The timeout period of TCP connections varies by connection status. The timeout period of a TCP connection in the established state is 600s, and that of a TCP connection in the FIN-WAIT state is 30s.
@ -40,16 +40,16 @@ A security group has inbound and outbound rules to control traffic that's allowe
.. table:: **Table 1** Security group rule information .. table:: **Table 1** Security group rule information
+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Description | | Parameter | Description |
+===================================+=====================================================================================================================================================================================================================================+ +===================================+========================================================================================================================================================================================================================+
| Protocol | The network protocol used to match traffic in a security group rule. Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | Protocol | The network protocol used to match traffic in a security group rule. Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. |
+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Port | Destination port used to match traffic in a security group rule. The value can be from 1 to 65535. | | Port | Destination port used to match traffic in a security group rule. The value can be from 1 to 65535. |
| | | | | |
| | - Inbound rules control incoming traffic over specific ports to instances in the security group. | | | - Inbound rules control incoming traffic over specific ports to instances in the security group. |
| | - Outbound rules control outgoing traffic over specific ports from instances in the security group. | | | - Outbound rules control outgoing traffic over specific ports from instances in the security group. |
+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Source (Inbound) | The source in an inbound rule is used to match the IP address or address range of an external request. The source can be: | | Source (Inbound) | The source in an inbound rule is used to match the IP address or address range of an external request. The source can be: |
| | | | | |
| | - IP address: | | | - IP address: |
@ -62,9 +62,7 @@ A security group has inbound and outbound rules to control traffic that's allowe
| | - Security group: You can select another security group in the same region under the current account as the source. | | | - Security group: You can select another security group in the same region under the current account as the source. |
| | | | | |
| | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Source** set to security group B, access from instance B is allowed to instance A. | | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Source** set to security group B, access from instance B is allowed to instance A. |
| | | +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | - IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the source to help you manage them in a more simple way. |
+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Destination (Outbound) | The destination in an outbound rule is used to match the IP address or address range of an internal request. The destination can be: | | Destination (Outbound) | The destination in an outbound rule is used to match the IP address or address range of an internal request. The destination can be: |
| | | | | |
| | - IP address: | | | - IP address: |
@ -77,9 +75,7 @@ A security group has inbound and outbound rules to control traffic that's allowe
| | - Security group: You can select another security group in the same region under the current account as the destination. | | | - Security group: You can select another security group in the same region under the current account as the destination. |
| | | | | |
| | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Destination** set to security group B, access from instance A is allowed to instance B. | | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Destination** set to security group B, access from instance A is allowed to instance B. |
| | | +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| | - IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the destination to help you manage them in a more simple way. |
+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Like whitelists, security group rules work as follows: Like whitelists, security group rules work as follows:
@ -130,6 +126,31 @@ Like whitelists, security group rules work as follows:
You can use :ref:`VPC peering connections <en-us_topic_0046655036>` to connect VPCs in different regions. You can use :ref:`VPC peering connections <en-us_topic_0046655036>` to connect VPCs in different regions.
Security Group Configuration Process
------------------------------------
.. figure:: /_static/images/en-us_image_0000001865662813.png
:alt: **Figure 1** Security group configuration process
**Figure 1** Security group configuration process
.. table:: **Table 3** Security group configuration process description
+-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+
| No. | Step | Description | Reference |
+=================+======================================+======================================================================================================================================================================================================================================================================+=================================================================================================+
| 1 | Create a security group. | When creating a security group, you can select a template, such **General-purpose web server** or **All ports open**. A template contains preset security group rules. For details, see :ref:`Security group templates <en-us_topic_0013748715__table117828131111>`. | :ref:`Creating a Security Group <en-us_topic_0013748715>` |
+-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+
| 2 | Configure security group rules. | After a security group is created, if its rules cannot meet your service requirements, you can add new rules to the security group or modify original rules. | :ref:`Adding a Security Group Rule <en-us_topic_0030969470>` |
| | | | |
| | | | :ref:`Fast-Adding Security Group Rules <securitygroup_0004>` |
+-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+
| 3 | Add instances to the security group. | When you create an instance, the system automatically adds the instance to a security group for protection. | :ref:`Adding an Instance to or Removing an Instance from a Security Group <securitygroup_0017>` |
| | | | |
| | | If one security group cannot meet your requirements, you can add an instance to multiple security groups. | |
+-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+
Security Group Constraints Security Group Constraints
-------------------------- --------------------------

226
umn/source/change_history.rst
View File

File diff suppressed because it is too large Load Diff

16
umn/source/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst
View File

@ -81,9 +81,9 @@ Assigning an EIP
.. table:: **Table 2** EIP tag requirements .. table:: **Table 2** EIP tag requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirement | Example Value | | Parameter | Requirement | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | Ipv4_key1 | | Key | - Cannot be left blank. | Ipv4_key1 |
| | - The key value must be unique for the same EIP. | | | | - The key value must be unique for the same EIP. | |
| | - Can contain up to 36 characters. | | | | - Can contain up to 36 characters. | |
@ -92,16 +92,16 @@ Assigning an EIP
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain up to 43 characters. | 3005eip | | Value | - Can contain up to 43 characters. | 3005eip |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
#. Click **Create Now**. #. Click **Create Now**.
@ -122,7 +122,7 @@ Binding an EIP
#. Click **OK**. #. Click **OK**.
An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>` An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see `How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <https://docs.otc.t-systems.com/virtual-private-cloud/umn/faq/connectivity/how_does_an_ipv6_client_on_the_internet_access_the_ecs_that_has_an_eip_bound_in_a_vpc.html#vpc-faq-0076>`__
Follow-Up Procedure Follow-Up Procedure
------------------- -------------------
@ -131,7 +131,7 @@ After an ECS with an EIP bound is created, the system generates a domain name in
You can use any of the following commands to obtain the domain name of an EIP: You can use any of the following commands to obtain the domain name of an EIP:
- ping -a *EIP* - ping -an *EIP*
- nslookup [-qt=ptr] *EIP* - nslookup [-qt=ptr] *EIP*
- dig -x *EIP* - dig -x *EIP*

12
umn/source/elastic_ip/managing_eip_tags.rst
View File

@ -16,9 +16,9 @@ A tag consists of a key and value pair. :ref:`Table 1 <en-us_topic_0068145818__t
.. table:: **Table 1** EIP tag requirements .. table:: **Table 1** EIP tag requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirement | Example Value | | Parameter | Requirement | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | Ipv4_key1 | | Key | - Cannot be left blank. | Ipv4_key1 |
| | - Must be unique for each EIP. | | | | - Must be unique for each EIP. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -27,16 +27,16 @@ A tag consists of a key and value pair. :ref:`Table 1 <en-us_topic_0068145818__t
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | 3005eip | | Value | - Can contain a maximum of 43 characters. | 3005eip |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
Procedure Procedure
--------- ---------

8
umn/source/faq/routing/how_many_routes_can_a_route_table_contain.rst
View File

@ -1,8 +0,0 @@
:original_name: vpc_faq_0063.html
.. _vpc_faq_0063:
How Many Routes Can a Route Table Contain?
==========================================
Currently, a route table can contain 100 routes.

8
umn/source/faq/routing/how_many_routes_can_i_add_to_a_route_table.rst Normal file
View File

@ -0,0 +1,8 @@
:original_name: vpc_faq_0063.html
.. _vpc_faq_0063:
How Many Routes Can I Add to a Route Table?
===========================================
A maximum of 200 routes can be added to each route table.

4
umn/source/faq/routing/index.rst
View File

@ -5,7 +5,7 @@
Routing Routing
======= =======
- :ref:`How Many Routes Can a Route Table Contain? <vpc_faq_0063>` - :ref:`How Many Routes Can I Add to a Route Table? <vpc_faq_0063>`
- :ref:`Are There Any Restrictions on Using a Route Table? <vpc_faq_0064>` - :ref:`Are There Any Restrictions on Using a Route Table? <vpc_faq_0064>`
- :ref:`Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC? <vpc_faq_0066>` - :ref:`Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC? <vpc_faq_0066>`
- :ref:`Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC? <vpc_faq_00001>` - :ref:`Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC? <vpc_faq_00001>`
@ -14,7 +14,7 @@ Routing
:maxdepth: 1 :maxdepth: 1
:hidden: :hidden:
how_many_routes_can_a_route_table_contain how_many_routes_can_i_add_to_a_route_table
are_there_any_restrictions_on_using_a_route_table are_there_any_restrictions_on_using_a_route_table
do_the_same_routing_priorities_apply_to_direct_connect_connections_and_custom_routes_in_the_same_vpc do_the_same_routing_priorities_apply_to_direct_connect_connections_and_custom_routes_in_the_same_vpc
are_there_different_routing_priorities_of_the_vpn_and_custom_routes_in_the_same_vpc are_there_different_routing_priorities_of_the_vpn_and_custom_routes_in_the_same_vpc

135
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst
View File

File diff suppressed because it is too large Load Diff

22
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_1_create_a_vpc.rst
View File

@ -29,6 +29,12 @@ Procedure
A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC. A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC.
.. figure:: /_static/images/en-us_image_0000001865837676.png
:alt: **Figure 1** Create a VPC and subnet
**Figure 1** Create a VPC and subnet
.. table:: **Table 1** VPC parameter descriptions .. table:: **Table 1** VPC parameter descriptions
+-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
@ -108,7 +114,7 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | vpc-01 | | Value | - Can contain a maximum of 43 characters. | vpc-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
@ -116,16 +122,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
.. _vpc_qs_0009__en-us_topic_0013935842_table6536185812515: .. _vpc_qs_0009__en-us_topic_0013935842_table6536185812515:
.. table:: **Table 3** Subnet tag key and value requirements .. table:: **Table 3** Subnet tag key and value requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirements | Example Value | | Parameter | Requirements | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | subnet_key1 | | Key | - Cannot be left blank. | subnet_key1 |
| | - Must be unique for each subnet. | | | | - Must be unique for each subnet. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -134,16 +140,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | subnet-01 | | Value | - Can contain a maximum of 43 characters. | subnet-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
#. Click **Create Now**. #. Click **Create Now**.

12
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst
View File

@ -81,9 +81,9 @@ Procedure
.. table:: **Table 2** Subnet tag key and value requirements .. table:: **Table 2** Subnet tag key and value requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirements | Example Value | | Parameter | Requirements | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | subnet_key1 | | Key | - Cannot be left blank. | subnet_key1 |
| | - Must be unique for each subnet. | | | | - Must be unique for each subnet. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -92,16 +92,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | subnet-01 | | Value | - Can contain a maximum of 43 characters. | subnet-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
7. Click **OK**. 7. Click **OK**.

16
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst
View File

@ -81,9 +81,9 @@ Assigning an EIP
.. table:: **Table 2** EIP tag requirements .. table:: **Table 2** EIP tag requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirement | Example Value | | Parameter | Requirement | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | Ipv4_key1 | | Key | - Cannot be left blank. | Ipv4_key1 |
| | - The key value must be unique for the same EIP. | | | | - The key value must be unique for the same EIP. | |
| | - Can contain up to 36 characters. | | | | - Can contain up to 36 characters. | |
@ -92,16 +92,16 @@ Assigning an EIP
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain up to 43 characters. | 3005eip | | Value | - Can contain up to 43 characters. | 3005eip |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
#. Click **Create Now**. #. Click **Create Now**.
@ -122,7 +122,7 @@ Binding an EIP
#. Click **OK**. #. Click **OK**.
An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>` An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see `How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <https://docs.otc.t-systems.com/virtual-private-cloud/umn/faq/connectivity/how_does_an_ipv6_client_on_the_internet_access_the_ecs_that_has_an_eip_bound_in_a_vpc.html#vpc-faq-0076>`__
Follow-Up Procedure Follow-Up Procedure
------------------- -------------------
@ -131,7 +131,7 @@ After an ECS with an EIP bound is created, the system generates a domain name in
You can use any of the following commands to obtain the domain name of an EIP: You can use any of the following commands to obtain the domain name of an EIP:
- ping -a *EIP* - ping -an *EIP*
- nslookup [-qt=ptr] *EIP* - nslookup [-qt=ptr] *EIP*
- dig -x *EIP* - dig -x *EIP*

75
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst
View File

File diff suppressed because it is too large Load Diff

36
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst
View File

@ -65,21 +65,21 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -87,14 +87,14 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.
@ -116,21 +116,21 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -138,12 +138,12 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

22
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_1_create_a_vpc.rst
View File

@ -29,6 +29,12 @@ Procedure
A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC. A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC.
.. figure:: /_static/images/en-us_image_0000001865837676.png
:alt: **Figure 1** Create a VPC and subnet
**Figure 1** Create a VPC and subnet
.. table:: **Table 1** VPC parameter descriptions .. table:: **Table 1** VPC parameter descriptions
+-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
@ -108,7 +114,7 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | vpc-01 | | Value | - Can contain a maximum of 43 characters. | vpc-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
@ -116,16 +122,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
.. _vpc_qs_0005__en-us_topic_0013935842_table6536185812515: .. _vpc_qs_0005__en-us_topic_0013935842_table6536185812515:
.. table:: **Table 3** Subnet tag key and value requirements .. table:: **Table 3** Subnet tag key and value requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirements | Example Value | | Parameter | Requirements | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | subnet_key1 | | Key | - Cannot be left blank. | subnet_key1 |
| | - Must be unique for each subnet. | | | | - Must be unique for each subnet. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -134,16 +140,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | subnet-01 | | Value | - Can contain a maximum of 43 characters. | subnet-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
#. Click **Create Now**. #. Click **Create Now**.

12
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst
View File

@ -81,9 +81,9 @@ Procedure
.. table:: **Table 2** Subnet tag key and value requirements .. table:: **Table 2** Subnet tag key and value requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirements | Example Value | | Parameter | Requirements | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | subnet_key1 | | Key | - Cannot be left blank. | subnet_key1 |
| | - Must be unique for each subnet. | | | | - Must be unique for each subnet. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -92,16 +92,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | subnet-01 | | Value | - Can contain a maximum of 43 characters. | subnet-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
7. Click **OK**. 7. Click **OK**.

18
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst
View File

@ -43,9 +43,9 @@ Procedure
.. table:: **Table 1** Parameter description .. table:: **Table 1** Parameter description
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=======================================================================================================================================================================================================================================================================+============================+ +=======================+================================================================================================================================================================================================================================+============================+
| Name | Mandatory | sg-AB | | Name | Mandatory | sg-AB |
| | | | | | | |
| | Enter the security group name. | | | | Enter the security group name. | |
@ -55,27 +55,25 @@ Procedure
| | .. note:: | | | | .. note:: | |
| | | | | | | |
| | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
| Enterprise Project | Mandatory | default | | Enterprise Project | Mandatory | default |
| | | | | | | |
| | When creating a security group, you can add the security group to an enabled enterprise project. | | | | When creating a security group, you can add the security group to an enabled enterprise project. | |
| | | | | | | |
| | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
| Template | Mandatory | General-purpose web server | | Template | Mandatory | General-purpose web server |
| | | | | | | |
| | A template comes with default security group rules, helping you quickly create security groups. The following templates are provided: | | | | The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. | |
| | | | | | | |
| | - **Custom**: This template allows you to create security groups with custom security group rules. | | | | :ref:`Table 1 <en-us_topic_0013748715__table117828131111>` describes the security group templates. | |
| | - **General-purpose web server** (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389. | | +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
| | - **All ports open**: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks. | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
| Description | Optional | N/A | | Description | Optional | N/A |
| | | | | | | |
| | Supplementary information about the security group. This parameter is optional. | | | | Supplementary information about the security group. This parameter is optional. | |
| | | | | | | |
| | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+
#. Confirm the inbound and outbound rules of the template and click **OK**. #. Confirm the inbound and outbound rules of the template and click **OK**.

36
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst
View File

@ -65,21 +65,21 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -87,14 +87,14 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.
@ -116,21 +116,21 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+
| Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP |
| | | | | | | |
| | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Type | Source IP address version. You can select: | IPv4 | | Type | Source IP address version. You can select: | IPv4 |
| | | | | | | |
| | - IPv4 | | | | - IPv4 | |
| | - IPv6 | | | | - IPv6 | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 |
| | | | | | | |
| | - IP address: | | | | - IP address: | |
| | | | | | | |
@ -138,12 +138,12 @@ Procedure
| | - All IP addresses: 0.0.0.0/0 | | | | - All IP addresses: 0.0.0.0/0 | |
| | - IP address range: 192.168.1.0/24 | | | | - IP address range: 192.168.1.0/24 | |
| | | | | | | |
| | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

6
umn/source/monitoring/creating_an_alarm_rule.rst
View File

@ -23,6 +23,12 @@ Procedure
5. On the **Alarm Rules** page, click **Create Alarm Rule** and set required parameters, or modify an existing alarm rule. 5. On the **Alarm Rules** page, click **Create Alarm Rule** and set required parameters, or modify an existing alarm rule.
.. figure:: /_static/images/en-us_image_0000001865898552.png
:alt: **Figure 1** Create an alarm rule
**Figure 1** Create an alarm rule
6. After the parameters are set, click **Create**. 6. After the parameters are set, click **Create**.
After the alarm rule is created, the system automatically notifies you if an alarm is triggered for the VPC service. After the alarm rule is created, the system automatically notifies you if an alarm is triggered for the VPC service.

2
umn/source/route_tables/managing_route_tables/creating_a_custom_route_table.rst
View File

@ -31,7 +31,7 @@ Procedure
5. In the upper right corner, click **Create Route Table**. On the displayed page, configure parameters as prompted. 5. In the upper right corner, click **Create Route Table**. On the displayed page, configure parameters as prompted.
.. figure:: /_static/images/en-us_image_0000001818983038.png .. figure:: /_static/images/en-us_image_0000001865582789.png
:alt: **Figure 1** Create Route Table :alt: **Figure 1** Create Route Table
**Figure 1** Create Route Table **Figure 1** Create Route Table

13
umn/source/route_tables/managing_route_tables/viewing_route_table_information.rst
View File

@ -32,7 +32,20 @@ Procedure
The route table details page is displayed. The route table details page is displayed.
a. On the **Summary** tab page, view the basic information and routes of the route table. a. On the **Summary** tab page, view the basic information and routes of the route table.
.. figure:: /_static/images/en-us_image_0000001866063864.png
:alt: **Figure 1** View the basic information and routes of the route table
**Figure 1** View the basic information and routes of the route table
b. On the **Associated Subnets** tab page, view the subnets associated with the route table. b. On the **Associated Subnets** tab page, view the subnets associated with the route table.
.. figure:: /_static/images/en-us_image_0000001911853289.png
:alt: **Figure 2** View the subnets associated with the route table
**Figure 2** View the subnets associated with the route table
.. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image1| image:: /_static/images/en-us_image_0000001818982734.png
.. |image2| image:: /_static/images/en-us_image_0000001865582825.png .. |image2| image:: /_static/images/en-us_image_0000001865582825.png

12
umn/source/route_tables/managing_route_tables/viewing_the_route_table_associated_with_a_subnet.rst
View File

@ -31,9 +31,21 @@ Procedure
6. In the right of the subnet details page, view the route table associated with the subnet. 6. In the right of the subnet details page, view the route table associated with the subnet.
.. figure:: /_static/images/en-us_image_0000001911849797.png
:alt: **Figure 1** View the route table associated with a subnet
**Figure 1** View the route table associated with a subnet
7. Click the name of the route table. 7. Click the name of the route table.
The route table details page is displayed. You can further view the route information. The route table details page is displayed. You can further view the route information.
.. figure:: /_static/images/en-us_image_0000001911771617.png
:alt: **Figure 2** View the basic information and routes of the route table
**Figure 2** View the basic information and routes of the route table
.. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image1| image:: /_static/images/en-us_image_0000001818982734.png
.. |image2| image:: /_static/images/en-us_image_0000001865582701.png .. |image2| image:: /_static/images/en-us_image_0000001865582701.png

8
umn/source/route_tables/managing_routes/adding_a_custom_route.rst
View File

@ -35,7 +35,7 @@ Procedure
You can click **+** to add more routes. You can click **+** to add more routes.
.. figure:: /_static/images/en-us_image_0000001818823258.png .. figure:: /_static/images/en-us_image_0000001865582793.png
:alt: **Figure 1** Add Route :alt: **Figure 1** Add Route
**Figure 1** Add Route **Figure 1** Add Route
@ -45,6 +45,12 @@ Procedure
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+======================================================================================================================================================================+========================+ +=======================+======================================================================================================================================================================+========================+
| Destination Type | Mandatory | IP address |
| | | |
| | The destination can be: | |
| | | |
| | - IP address: single IP address or IP address range | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Destination | Mandatory | IPv4: 192.168.0.0/16 | | Destination | Mandatory | IPv4: 192.168.0.0/16 |
| | | | | | | |
| | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | | | | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | |

8
umn/source/route_tables/managing_routes/modifying_a_route.rst
View File

@ -40,7 +40,13 @@ Procedure
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Item | Description | Example Value | | Item | Description | Example Value |
+=======================+======================================================================================================================================================================+=======================+ +=======================+======================================================================================================================================================================+=======================+
| Destination | Mandatory | Pv4: 192.168.0.0/16 | | Destination Type | Mandatory | IP address |
| | | |
| | The destination can be: | |
| | | |
| | - **IP address**: Select this option if you want to enter an IP address or IP address range. | |
+-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | Mandatory | IPv4: 192.168.0.0/16 |
| | | | | | | |
| | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | | | | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | |
| | | | | | | |

6
umn/source/virtual_ip_address/assigning_a_virtual_ip_address.rst
View File

@ -27,6 +27,12 @@ Procedure
#. Click the **IP Addresses** tab and click **Assign Virtual IP Address**. #. Click the **IP Addresses** tab and click **Assign Virtual IP Address**.
.. figure:: /_static/images/en-us_image_0000001866046474.png
:alt: **Figure 1** Assign a virtual IP address
**Figure 1** Assign a virtual IP address
#. Select an IP address type. This parameter is available only in regions supporting IPv6. #. Select an IP address type. This parameter is available only in regions supporting IPv6.
- IPv4 - IPv4

12
umn/source/vpc_and_subnet/subnet/creating_a_subnet_for_the_vpc.rst
View File

@ -81,9 +81,9 @@ Procedure
.. table:: **Table 2** Subnet tag key and value requirements .. table:: **Table 2** Subnet tag key and value requirements
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Parameter | Requirements | Example Value | | Parameter | Requirements | Example Value |
+=======================+=====================================================================+=======================+ +=======================+========================================================================+=======================+
| Key | - Cannot be left blank. | subnet_key1 | | Key | - Cannot be left blank. | subnet_key1 |
| | - Must be unique for each subnet. | | | | - Must be unique for each subnet. | |
| | - Can contain a maximum of 36 characters. | | | | - Can contain a maximum of 36 characters. | |
@ -92,16 +92,16 @@ Procedure
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
| Value | - Can contain a maximum of 43 characters. | subnet-01 | | Value | - Can contain a maximum of 43 characters. | subnet-01 |
| | - Can contain only the following character types: | | | | - Can contain only the following character types: | |
| | | | | | | |
| | - Uppercase letters | | | | - Uppercase letters | |
| | - Lowercase letters | | | | - Lowercase letters | |
| | - Digits | | | | - Digits | |
| | - Special characters, including hyphens (-) and underscores (_) | | | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | |
+-----------------------+---------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------+-----------------------+
7. Click **OK**. 7. Click **OK**.

Some files were not shown because too many files have changed in this diff Show More