sgode/virtual-private-cloud
1
0
Fork 0
forked from docs/virtual-private-cloud
Code Pull Requests Activity

Compare commits

merge into: sgode:main
Branches Tags
sgode:main
sgode:propose-vpc_best-practice-1110
sgode:propose-vpc_api-ref-1118
sgode:propose-vpc_umn-1154
sgode:propose-vpc_umn-1005
sgode:propose-vpc_api-ref-556
sgode:zuul-tox-update
sgode:update_config_pdf
sgode:propose-vpc_umn-976
sgode:propose-vpc_umn-989
sgode:minify_sphinx_gitea
sgode:minify_sphinx_internal
sgode:propose-vpc_umn-820
sgode:propose-vpc_best-practice-911
sgode:confpy
sgode:propose-vpc_best-practice-928
sgode:propose-vpc_umn-834
sgode:propose-vpc_api-ref-834
sgode:propose-vpc_umn-833
sgode:propose-vpc_api-ref-833
sgode:constraints
sgode:propose-vpc_umn-807
sgode:propose-vpc_umn-555
sgode:propose-vpc_umn-769
sgode:propose-vpc_api-ref-769
sgode:propose-vpc_umn-773
sgode:propose-vpc_api-ref-773
sgode:service_based_view
sgode:tox4-cleanup
sgode:tox4
sgode:propose-vpc_umn-553
sgode:propose-vpc_api-ref-553
sgode:x4
sgode:propose-vpc_umn-451
sgode:x2
sgode:propose-vpc_umn-425
sgode:confpy-2
sgode:propose-vpc_umn-385
sgode:propose-vpc_api-ref-371
sgode:propose-vpc_umn-373
sgode:propose-vpc_api-ref-373
sgode:propose-vpc_umn-371
sgode:propose-vpc_api-ref-328
sgode:propose-vpc_api-ref-278
sgode:propose-vpc_umn-276
sgode:propose-vpc_umn-192
sgode:propose-vpc_api-ref-192
sgode:propose-vpc_umn-184
sgode:propose-vpc_api-ref-184
sgode:gtema-patch-1
...
pull from: sgode:propose-vpc_umn-553
Branches Tags
sgode:propose-vpc_best-practice-1110
sgode:propose-vpc_api-ref-1118
sgode:main
sgode:propose-vpc_umn-1154
sgode:propose-vpc_umn-1005
sgode:propose-vpc_api-ref-556
sgode:zuul-tox-update
sgode:update_config_pdf
sgode:propose-vpc_umn-976
sgode:propose-vpc_umn-989
sgode:minify_sphinx_gitea
sgode:minify_sphinx_internal
sgode:propose-vpc_umn-820
sgode:propose-vpc_best-practice-911
sgode:confpy
sgode:propose-vpc_best-practice-928
sgode:propose-vpc_umn-834
sgode:propose-vpc_api-ref-834
sgode:propose-vpc_umn-833
sgode:propose-vpc_api-ref-833
sgode:constraints
sgode:propose-vpc_umn-807
sgode:propose-vpc_umn-555
sgode:propose-vpc_umn-769
sgode:propose-vpc_api-ref-769
sgode:propose-vpc_umn-773
sgode:propose-vpc_api-ref-773
sgode:service_based_view
sgode:tox4-cleanup
sgode:tox4
sgode:propose-vpc_umn-553
sgode:propose-vpc_api-ref-553
sgode:x4
sgode:propose-vpc_umn-451
sgode:x2
sgode:propose-vpc_umn-425
sgode:confpy-2
sgode:propose-vpc_umn-385
sgode:propose-vpc_api-ref-371
sgode:propose-vpc_umn-373
sgode:propose-vpc_api-ref-373
sgode:propose-vpc_umn-371
sgode:propose-vpc_api-ref-328
sgode:propose-vpc_api-ref-278
sgode:propose-vpc_umn-276
sgode:propose-vpc_umn-192
sgode:propose-vpc_api-ref-192
sgode:propose-vpc_umn-184
sgode:propose-vpc_api-ref-184
sgode:gtema-patch-1

1 Commits
main ... propose-vp

Author SHA1 Message Date
OpenTelekomCloud Proposal Bot
1065e838a4 Update content 2023-01-05 12:09:43 +00:00
133 changed files with 1452 additions and 1089 deletions
Show Stats Expand all files Collapse all files

600
umn/source/change_history.rst
View File

File diff suppressed because it is too large Load Diff

4
umn/source/faqs/bandwidth/what_are_the_differences_between_a_dedicated_bandwidth_and_a_shared_bandwidth_can_a_dedicated_bandwidth_be_changed_to_a_shared_bandwidth_or_the_other_way_around.rst
View File

@ -5,9 +5,9 @@
What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? Can a Dedicated Bandwidth Be Changed to a Shared Bandwidth or the Other Way Around? What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? Can a Dedicated Bandwidth Be Changed to a Shared Bandwidth or the Other Way Around?
================================================================================================================================================================== ==================================================================================================================================================================
Dedicated bandwidth: The bandwidth can only be used by one EIP and the EIP can only be used by one cloud resource, such as an ECS, a NAT gateway, or a load balancer. A dedicated bandwidth can only be used by one EIP. An EIP can only be used by one cloud resource, such as an ECS, a NAT gateway, or a load balancer.
Shared bandwidth: The bandwidth can be shared by multiple EIPs. Adding an EIP to or removing an EIP from a shared bandwidth does not affect your workloads. A shared bandwidth can be shared by multiple EIPs. Adding an EIP to or removing an EIP from a shared bandwidth does not affect your workloads.
A dedicated bandwidth cannot be changed to a shared bandwidth or the other way around. You can purchase a shared bandwidth for your EIPs. A dedicated bandwidth cannot be changed to a shared bandwidth or the other way around. You can purchase a shared bandwidth for your EIPs.

2
umn/source/faqs/bandwidth/what_is_the_bandwidth_size_range.rst
View File

@ -5,4 +5,4 @@
What Is the Bandwidth Size Range? What Is the Bandwidth Size Range?
================================= =================================
The bandwidth range is from 1 Mbit/s to 1,000 Mbit/s. The bandwidth range is from 5 Mbit/s to 1000 Mbit/s.

8
umn/source/faqs/connectivity/are_there_any_constraints_on_using_vpc_peering_connections.rst
View File

@ -13,17 +13,17 @@ Are There Any Constraints on Using VPC Peering Connections?
- If there are three VPCs, A, B, and C, and VPC A is peered with both VPC B and VPC C, but VPC B and VPC C overlap with each other, you cannot configure routes with the same destinations for VPC A. - If there are three VPCs, A, B, and C, and VPC A is peered with both VPC B and VPC C, but VPC B and VPC C overlap with each other, you cannot configure routes with the same destinations for VPC A.
- You cannot have more than one VPC peering connection between the same two VPCs at the same time. - You can only have one VPC peering connection between two VPCs at the same time.
- A VPC peering connection between VPCs in different regions will not take effect. - A VPC peering connection cannot be established between VPCs in different regions.
- You cannot use the EIPs in a VPC to access resources in a peered VPC. For example, VPC A is peered with VPC B, and VPC B has EIPs that can be used to access the Internet, you cannot use EIPs in VPC B to access the Internet from VPC A. - You cannot use the EIPs in a VPC to access resources in a peered VPC. For example, VPC A is peered with VPC B, and VPC B has EIPs that can be used to access the Internet, you cannot use EIPs in VPC B to access the Internet from VPC A.
- If you request a VPC peering connection with a VPC of another account, the connection takes effect only after the peer account accept the request. If you request a VPC peering connection with a VPC of your own, the system automatically accepts the request and activates the connection. - If you request a VPC peering connection with a VPC of another account, the connection cannot be used until the peer account accept the request. If you request a VPC peering connection with a VPC of your own, the system automatically accepts the request and activates the connection.
- To ensure security, do not accept VPC peering connections from unknown accounts. - To ensure security, do not accept VPC peering connections from unknown accounts.
- The owner either of a VPC in a peering connection can delete the VPC peering connection at any time. If a VPC peering connection is deleted by one of its owners, all information about this connection will also be deleted immediately, including routes added for the VPC peering connection. - The owner of either VPC in a peering connection can delete the VPC peering connection at any time. Deleting a VPC peering connection will also all information about this connection, including routes added for the VPC peering connection.
- After a VPC peering connection is established, the local and peer accounts must add routes to the route tables of the local and peer VPCs to enable communication between the two VPCs. - After a VPC peering connection is established, the local and peer accounts must add routes to the route tables of the local and peer VPCs to enable communication between the two VPCs.

4
umn/source/faqs/connectivity/how_many_vpc_peering_connections_can_i_create.rst
View File

@ -7,8 +7,8 @@ How Many VPC Peering Connections Can I Create?
Each account can have a maximum of 50 VPC peering connections in each region by default. Each account can have a maximum of 50 VPC peering connections in each region by default.
- VPC peering connections between VPCs in one account: Each account can create a maximum of 50 VPC peering connections in one region. - VPC peering connections between VPCs from the same account: Each account can create a maximum of 50 VPC peering connections in one region.
- VPC peering connections between VPCs of different accounts: Accepted VPC peering connections use the quotas of both accounts. To-be-accepted VPC peering connections only use the quotas of accounts that request the connections. - VPC peering connections between VPCs from different accounts: Accepted VPC peering connections use the quotas of both accounts. To-be-accepted VPC peering connections only use the quotas of accounts that request the connections.
An account can create VPC peering connections with different accounts if the account has enough quota. An account can create VPC peering connections with different accounts if the account has enough quota.

2
umn/source/faqs/eip/can_i_bind_an_eip_to_multiple_ecss.rst
View File

@ -6,3 +6,5 @@ Can I Bind an EIP to Multiple ECSs?
=================================== ===================================
Each EIP can be bound to only one ECS at a time. Each EIP can be bound to only one ECS at a time.
Multiple ECSs cannot share the same EIP. An ECS and its bound EIP must be in the same region. If you want multiple ECSs in the same VPC to share an EIP, you have to use a NAT gateway. For more information, see *NAT Gateway User Guide*.

10
umn/source/faqs/eip/how_do_i_access_an_ecs_with_an_eip_bound_from_the_internet.rst
View File

@ -9,10 +9,10 @@ Each ECS is automatically added to a security group after being created to ensur
You can set **Protocol** to **TCP**, **UDP**, **ICMP**, or **All** as required on the page for creating a security group rule. You can set **Protocol** to **TCP**, **UDP**, **ICMP**, or **All** as required on the page for creating a security group rule.
- If the ECS needs to be accessible over the Internet and the IP address used to access the ECS over the Internet has been configured on the ECS, or the ECS does not need to be accessible over the Internet, set **Source** to the IP address range containing the IP address that is allowed to access the ECS over the Internet. - If your ECS needs to be accessible over the Internet and you know the IP address used to access the ECS, set **Source** to the IP address range containing the IP address.
- If the ECS needs to be accessible over the Internet and the IP address used to access the ECS over the Internet has not been configured on the ECS, it is recommended that you retain the default setting **0.0.0.0/0** for **Source**, and then set allowed ports to improve network security.
- Allocate ECSs that have different Internet access policies to different security groups.
.. note:: - If your ECS needs to be accessible over the Internet but you do not know the IP address used to access the ECS, retain the default setting 0.0.0.0/0 for **Source**, and then set allowed ports to improve network security.
The default source IP address **0.0.0.0/0** indicates that all IP addresses can access ECSs in the security group. The default source **0.0.0.0/0** indicates that all IP addresses can access ECSs in the security group.
- Allocate ECSs that have different Internet access requirements to different security groups.

4
umn/source/faqs/eip/index.rst
View File

@ -5,7 +5,7 @@
EIP EIP
=== ===
- :ref:`What Are EIPs? <vpc_faq_0013>` - :ref:`What Is an EIP? <vpc_faq_0013>`
- :ref:`Can I Bind an EIP to Multiple ECSs? <vpc_faq_0019>` - :ref:`Can I Bind an EIP to Multiple ECSs? <vpc_faq_0019>`
- :ref:`How Do I Access an ECS with an EIP Bound from the Internet? <vpc_faq_0020>` - :ref:`How Do I Access an ECS with an EIP Bound from the Internet? <vpc_faq_0020>`
@ -13,6 +13,6 @@ EIP
:maxdepth: 1 :maxdepth: 1
:hidden: :hidden:
what_are_eips what_is_an_eip
can_i_bind_an_eip_to_multiple_ecss can_i_bind_an_eip_to_multiple_ecss
how_do_i_access_an_ecs_with_an_eip_bound_from_the_internet how_do_i_access_an_ecs_with_an_eip_bound_from_the_internet

4
umn/source/faqs/eip/what_are_eips.rst → umn/source/faqs/eip/what_is_an_eip.rst
View File

@ -2,8 +2,8 @@
.. _vpc_faq_0013: .. _vpc_faq_0013:
What Are EIPs? What Is an EIP?
============== ===============
The Elastic IP (EIP) service enables your cloud resources to communicate with the Internet using static public IP addresses and scalable bandwidths. EIPs can be bound to or unbound from ECSs, BMSs, virtual IP addresses, NAT gateways, or load balancers. The Elastic IP (EIP) service enables your cloud resources to communicate with the Internet using static public IP addresses and scalable bandwidths. EIPs can be bound to or unbound from ECSs, BMSs, virtual IP addresses, NAT gateways, or load balancers.

4
umn/source/faqs/vpc_and_subnet/what_is_virtual_private_cloud.rst
View File

@ -5,9 +5,9 @@
What Is Virtual Private Cloud? What Is Virtual Private Cloud?
============================== ==============================
The Virtual Private Cloud (VPC) service enables you to provision logically isolated, configurable, and manageable virtual networks for Elastic Cloud Servers (ECSs), improving cloud resource security and simplifying network deployment. The Virtual Private Cloud (VPC) service enables you to provision logically isolated virtual networks for Elastic Cloud Servers (ECSs), improving cloud resource security and simplifying network deployment. You can configure and manage the virtual networks as required.
Within your own VPC, you can create security groups and VPNs, configure IP address ranges, specify bandwidth sizes, manage the networks in the VPC, and make changes to these networks as needed, quickly and securely. You can also define rules for communication between ECSs in the same security group or in different security groups. Within your own VPC, you can create security groups and VPNs, configure IP address ranges, specify bandwidth sizes, manage the networks in the VPC, and make changes to these networks as needed, quickly and securely. You can also define rules to control communications between ECSs in the same security group or in different security groups.
.. figure:: /_static/images/en-us_image_0209606948.png .. figure:: /_static/images/en-us_image_0209606948.png

114
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst
View File

File diff suppressed because it is too large Load Diff

54
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/overview.rst
View File

@ -20,30 +20,30 @@ If your ECSs need to access the Internet (for example, the ECSs functioning as t
.. table:: **Table 1** Configuration process description .. table:: **Table 1** Configuration process description
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Task | Description | | Task | Description |
+======================================+===============================================================================================================================================================================================================================================================================================+ +======================================+=============================================================================================================================================================================================================================================================================================+
| Create a VPC. | This task is mandatory. | | Create a VPC. | This task is mandatory. |
| | | | | |
| | A created VPC comes with a default subnet you specified. | | | A created VPC comes with a default subnet you specified. |
| | | | | |
| | After the VPC is created, you can create other required network resources in the VPC based on your service requirements. | | | After the VPC is created, you can create other required network resources in the VPC based on your service requirements. |
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Create another subnet for the VPC. | This task is optional. | | Create another subnet for the VPC. | This task is optional. |
| | | | | |
| | If the default subnet cannot meet your requirements, you can create one. | | | If the default subnet cannot meet your requirements, you can create one. |
| | | | | |
| | The new subnet is used to assign IP addresses to NICs added to the ECS. | | | The new subnet is used to assign IP addresses to NICs added to the ECS. |
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Assign an EIP and bind it to an ECS. | This task is mandatory. | | Assign an EIP and bind it to an ECS. | This task is mandatory. |
| | | | | |
| | You can assign an EIP and bind it to an ECS so that the ECS can access the Internet. | | | You can assign an EIP and bind it to an ECS for Internet access. |
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Create a security group. | This task is mandatory. | | Create a security group. | This task is mandatory. |
| | | | | |
| | You can create a security group and add ECSs in the VPC to the security group to improve ECS access security. After a security group is created, it has a default rule, which allows all outgoing data packets. ECSs in a security group can access each other without the need to add rules. | | | You can create a security group and add ECSs in the VPC to the security group to improve ECS access security. After a security group is created, it has default rules, which allow all outgoing data packets. ECSs in a security group can access each other without the need to add rules. |
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Add a security group rule. | This task is optional. | | Add a security group rule. | This task is optional. |
| | | | | |
| | If the default rule does not meet your service requirements, you can add security group rules. | | | If the default rule does not meet your service requirements, you can add security group rules. |
+--------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +--------------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

4
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst
View File

@ -10,7 +10,7 @@ Scenarios
A VPC comes with a default subnet. If the default subnet cannot meet your requirements, you can create one. A VPC comes with a default subnet. If the default subnet cannot meet your requirements, you can create one.
The subnet is configured with DHCP by default. When an ECS in this subnet starts, the ECS automatically obtains an IP address using DHCP. A subnet is configured with DHCP by default. When an ECS in this subnet starts, the ECS automatically obtains an IP address using DHCP.
Procedure Procedure
--------- ---------
@ -21,6 +21,8 @@ Procedure
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. 3. On the console homepage, under **Network**, click **Virtual Private Cloud**.
The **Virtual Private Cloud** page is displayed.
4. In the navigation pane on the left, click **Subnets**. 4. In the navigation pane on the left, click **Subnets**.
5. Click **Create Subnet**. 5. Click **Create Subnet**.

57
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst
View File

@ -12,11 +12,16 @@ You can assign an EIP and bind it to an ECS so that the ECS can access the Inter
.. note:: .. note::
EIPs for dedicated load balancers: Note the following when you use EIPs of the Dedicated Load Balancer (**5_gray**) type:
- In the **eu-de** region, if you choose to assign an EIP when you create a dedicated load balancer on the management console or using APIs, EIPs for dedicated load balancers (**5_gray**) will be assigned. - In **eu-de**, EIPs of the Dedicated Load Balancer (5_gray) type cannot be created any more.
- Do not bind EIPs of this type to non-dedicated load balancers. - Existing EIPs of the Dedicated Load Balancer (**5_gray**) type can be bound to dedicated or shared load balancers.
- Do not add EIPs of the dedicated load balancer type and other types to the same shared bandwidth. Otherwise, the bandwidth limit policy will not take effect.
- The EIP console cannot be used to bind EIPs to or unbind them from dedicated load balancers.
- You can use APIs to bind EIPs to or unbind them from dedicated load balancers. For details, see "Binding an EIP" and "Unbinding an EIP" in "API V3" section in the *Elastic IP API Reference*.
- EIPs of this type can be bound to or unbound from shared load balancers using the EIP console or APIs.
- Do not add EIPs of the dedicated load balancer type (**5_gray**) and other types to the same shared bandwidth. Otherwise, the bandwidth limit policy will not take effect.
Assigning an EIP Assigning an EIP
---------------- ----------------
@ -39,26 +44,26 @@ Assigning an EIP
.. table:: **Table 1** Parameter descriptions .. table:: **Table 1** Parameter descriptions
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================================================================================================================================+=========================+ +=======================+=======================================================================================================================================================================================================================================================================================================================================================================+=========================+
| Region | Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you. | eu-de | | Region | Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you. The region selected for the EIP is its geographical location. | eu-de |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| EIP Type | - **Dynamic BGP**: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails. | Dynamic BGP | | EIP Type | - **Dynamic BGP**: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails. | Dynamic BGP |
| | - **Mail BGP**: EIPs with port 25, 465, or 587 enabled are used. | | | | - **Mail BGP**: EIPs with port 25, 465, or 587 enabled are used for email services. | |
| | | | | | | |
| | The selected EIP type cannot be changed after the EIP is assigned. | | | | The selected EIP type cannot be changed after the EIP is assigned. | |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Bandwidth | The bandwidth size in Mbit/s. | 100 | | Bandwidth | The bandwidth size in Mbit/s. | 100 |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Bandwidth Name | The name of the bandwidth. | bandwidth | | Bandwidth Name | The name of the bandwidth. | bandwidth |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Tag | The EIP tags. Each tag contains a key and value pair. | - Key: Ipv4_key1 | | Tag | The EIP tags. Each tag contains a key and value pair. | - Key: Ipv4_key1 |
| | | - Value: 192.168.12.10 | | | | - Value: 192.168.12.10 |
| | The tag key and value must meet the requirements listed in :ref:`Table 2 <vpc_qs_0011__en-us_topic_0118499041_en-us_topic_0118498850_table36606052153313>`. | | | | The tag key and value must meet the requirements listed in :ref:`Table 2 <vpc_qs_0011__en-us_topic_0118499041_en-us_topic_0118498850_table36606052153313>`. | |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Quantity | The number of EIPs you want to purchase. | 1 | | Quantity | The number of EIPs you want to purchase. | 1 |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
.. _vpc_qs_0011__en-us_topic_0118499041_en-us_topic_0118498850_table36606052153313: .. _vpc_qs_0011__en-us_topic_0118499041_en-us_topic_0118498850_table36606052153313:
@ -95,7 +100,7 @@ Binding an EIP
#. On the **EIPs** page, locate the row that contains the target EIP, and click **Bind**. #. On the **EIPs** page, locate the row that contains the target EIP, and click **Bind**.
#. Select the instance to which you want to bind the EIP. #. Select the instance that you want to bind the EIP to.
.. figure:: /_static/images/en-us_image_0000001166028070.png .. figure:: /_static/images/en-us_image_0000001166028070.png
@ -105,7 +110,7 @@ Binding an EIP
#. Click **OK**. #. Click **OK**.
An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details about the implementation and constraints, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>` An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>`
Follow-Up Procedure Follow-Up Procedure
------------------- -------------------

14
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst
View File

@ -8,22 +8,22 @@ Step 4: Create a Security Group
Scenarios Scenarios
--------- ---------
To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access policies to different security groups. To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access requirements to different security groups.
Procedure Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
2. Click |image1| in the upper left corner and select the desired region and project. #. Click |image1| in the upper left corner and select the desired region and project.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
5. On the **Security Groups** page, click **Create Security Group**. #. On the **Security Groups** page, click **Create Security Group**.
6. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <vpc_qs_0012__en-us_topic_0118646265_en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured. #. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <vpc_qs_0012__en-us_topic_0118646265_en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured.
.. figure:: /_static/images/en-us_image_0000001197426329.png .. figure:: /_static/images/en-us_image_0000001197426329.png
@ -51,6 +51,6 @@ Procedure
| | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
7. Click **OK**. #. Click **OK**.
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png

76
umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst
View File

@ -42,26 +42,26 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+======================================================================================================================================================================================+=======================+ +=======================+====================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule. #. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule.
@ -75,24 +75,24 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================+=======================+ +=======================+=======================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

4
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst
View File

@ -10,7 +10,7 @@ Scenarios
A VPC comes with a default subnet. If the default subnet cannot meet your requirements, you can create one. A VPC comes with a default subnet. If the default subnet cannot meet your requirements, you can create one.
The subnet is configured with DHCP by default. When an ECS in this subnet starts, the ECS automatically obtains an IP address using DHCP. A subnet is configured with DHCP by default. When an ECS in this subnet starts, the ECS automatically obtains an IP address using DHCP.
Procedure Procedure
--------- ---------
@ -21,6 +21,8 @@ Procedure
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. 3. On the console homepage, under **Network**, click **Virtual Private Cloud**.
The **Virtual Private Cloud** page is displayed.
4. In the navigation pane on the left, click **Subnets**. 4. In the navigation pane on the left, click **Subnets**.
5. Click **Create Subnet**. 5. Click **Create Subnet**.

14
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst
View File

@ -8,22 +8,22 @@ Step 3: Create a Security Group
Scenarios Scenarios
--------- ---------
To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access policies to different security groups. To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access requirements to different security groups.
Procedure Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
2. Click |image1| in the upper left corner and select the desired region and project. #. Click |image1| in the upper left corner and select the desired region and project.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
5. On the **Security Groups** page, click **Create Security Group**. #. On the **Security Groups** page, click **Create Security Group**.
6. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <vpc_qs_0007__en-us_topic_0118646263_en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured. #. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <vpc_qs_0007__en-us_topic_0118646263_en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured.
.. figure:: /_static/images/en-us_image_0000001197426329.png .. figure:: /_static/images/en-us_image_0000001197426329.png
@ -51,6 +51,6 @@ Procedure
| | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
7. Click **OK**. #. Click **OK**.
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png

76
umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst
View File

@ -42,26 +42,26 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+======================================================================================================================================================================================+=======================+ +=======================+====================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule. #. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule.
@ -75,24 +75,24 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================+=======================+ +=======================+=======================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

57
umn/source/operation_guide_new_console_edition/eip/assigning_an_eip_and_binding_it_to_an_ecs.rst → umn/source/operation_guide_new_console_edition/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst
View File

@ -12,11 +12,16 @@ You can assign an EIP and bind it to an ECS so that the ECS can access the Inter
.. note:: .. note::
EIPs for dedicated load balancers: Note the following when you use EIPs of the Dedicated Load Balancer (**5_gray**) type:
- In the **eu-de** region, if you choose to assign an EIP when you create a dedicated load balancer on the management console or using APIs, EIPs for dedicated load balancers (**5_gray**) will be assigned. - In **eu-de**, EIPs of the Dedicated Load Balancer (5_gray) type cannot be created any more.
- Do not bind EIPs of this type to non-dedicated load balancers. - Existing EIPs of the Dedicated Load Balancer (**5_gray**) type can be bound to dedicated or shared load balancers.
- Do not add EIPs of the dedicated load balancer type and other types to the same shared bandwidth. Otherwise, the bandwidth limit policy will not take effect.
- The EIP console cannot be used to bind EIPs to or unbind them from dedicated load balancers.
- You can use APIs to bind EIPs to or unbind them from dedicated load balancers. For details, see "Binding an EIP" and "Unbinding an EIP" in "API V3" section in the *Elastic IP API Reference*.
- EIPs of this type can be bound to or unbound from shared load balancers using the EIP console or APIs.
- Do not add EIPs of the dedicated load balancer type (**5_gray**) and other types to the same shared bandwidth. Otherwise, the bandwidth limit policy will not take effect.
Assigning an EIP Assigning an EIP
---------------- ----------------
@ -39,26 +44,26 @@ Assigning an EIP
.. table:: **Table 1** Parameter descriptions .. table:: **Table 1** Parameter descriptions
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================================================================================================================================+=========================+ +=======================+=======================================================================================================================================================================================================================================================================================================================================================================+=========================+
| Region | Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you. | eu-de | | Region | Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you. The region selected for the EIP is its geographical location. | eu-de |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| EIP Type | - **Dynamic BGP**: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails. | Dynamic BGP | | EIP Type | - **Dynamic BGP**: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails. | Dynamic BGP |
| | - **Mail BGP**: EIPs with port 25, 465, or 587 enabled are used. | | | | - **Mail BGP**: EIPs with port 25, 465, or 587 enabled are used for email services. | |
| | | | | | | |
| | The selected EIP type cannot be changed after the EIP is assigned. | | | | The selected EIP type cannot be changed after the EIP is assigned. | |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Bandwidth | The bandwidth size in Mbit/s. | 100 | | Bandwidth | The bandwidth size in Mbit/s. | 100 |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Bandwidth Name | The name of the bandwidth. | bandwidth | | Bandwidth Name | The name of the bandwidth. | bandwidth |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Tag | The EIP tags. Each tag contains a key and value pair. | - Key: Ipv4_key1 | | Tag | The EIP tags. Each tag contains a key and value pair. | - Key: Ipv4_key1 |
| | | - Value: 192.168.12.10 | | | | - Value: 192.168.12.10 |
| | The tag key and value must meet the requirements listed in :ref:`Table 2 <en-us_topic_0013748738__en-us_topic_0118498850_table36606052153313>`. | | | | The tag key and value must meet the requirements listed in :ref:`Table 2 <en-us_topic_0013748738__en-us_topic_0118498850_table36606052153313>`. | |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
| Quantity | The number of EIPs you want to purchase. | 1 | | Quantity | The number of EIPs you want to purchase. | 1 |
+-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+ +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------+
.. _en-us_topic_0013748738__en-us_topic_0118498850_table36606052153313: .. _en-us_topic_0013748738__en-us_topic_0118498850_table36606052153313:
@ -95,7 +100,7 @@ Binding an EIP
#. On the **EIPs** page, locate the row that contains the target EIP, and click **Bind**. #. On the **EIPs** page, locate the row that contains the target EIP, and click **Bind**.
#. Select the instance to which you want to bind the EIP. #. Select the instance that you want to bind the EIP to.
.. figure:: /_static/images/en-us_image_0000001166028070.png .. figure:: /_static/images/en-us_image_0000001166028070.png
@ -105,7 +110,7 @@ Binding an EIP
#. Click **OK**. #. Click **OK**.
An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details about the implementation and constraints, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>` An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? <vpc_faq_0076>`
Follow-Up Procedure Follow-Up Procedure
------------------- -------------------

4
umn/source/operation_guide_new_console_edition/eip/index.rst → umn/source/operation_guide_new_console_edition/elastic_ip/index.rst
View File

@ -2,8 +2,8 @@
.. _vpc_eip_0000: .. _vpc_eip_0000:
EIP Elastic IP
=== ==========
- :ref:`Assigning an EIP and Binding It to an ECS <en-us_topic_0013748738>` - :ref:`Assigning an EIP and Binding It to an ECS <en-us_topic_0013748738>`
- :ref:`Unbinding an EIP from an ECS and Releasing the EIP <vpc_eip_0001>` - :ref:`Unbinding an EIP from an ECS and Releasing the EIP <vpc_eip_0001>`

0
umn/source/operation_guide_new_console_edition/eip/managing_eip_tags.rst → umn/source/operation_guide_new_console_edition/elastic_ip/managing_eip_tags.rst
View File

0
umn/source/operation_guide_new_console_edition/eip/modifying_an_eip_bandwidth.rst → umn/source/operation_guide_new_console_edition/elastic_ip/modifying_an_eip_bandwidth.rst
View File

18
umn/source/operation_guide_new_console_edition/eip/unbinding_an_eip_from_an_ecs_and_releasing_the_eip.rst → umn/source/operation_guide_new_console_edition/elastic_ip/unbinding_an_eip_from_an_ecs_and_releasing_the_eip.rst
View File

@ -13,7 +13,14 @@ If you no longer need an EIP, unbind it from the ECS and release the EIP to avoi
Notes and Constraints Notes and Constraints
--------------------- ---------------------
- EIP assigned together with your load balancers will also be displayed in the EIP list on the VPC console. On the EIP console or using EIP APIs, you cannot bind EIPs to or unbind them from dedicated load balancers, but you can bind EIPs to or unbind them from shared load balancers. - In **eu-de**, EIPs of the Dedicated Load Balancer (5_gray) type cannot be created any more.
- Existing EIPs of the Dedicated Load Balancer (**5_gray**) type can be bound to dedicated or shared load balancers.
- The EIP console cannot be used to bind EIPs to or unbind them from dedicated load balancers.
- You can use APIs to bind EIPs to or unbind them from dedicated load balancers. For details, see "Binding an EIP" and "Unbinding an EIP" in "API V3" section in the *Elastic IP API Reference*.
- EIPs of this type can be bound to or unbound from shared load balancers using the EIP console or APIs.
- EIP assigned together with your load balancers will also be displayed in the EIP list.
- You can only release EIPs that are not bound to any resources. - You can only release EIPs that are not bound to any resources.
Procedure Procedure
@ -30,11 +37,10 @@ Procedure
**Releasing a single EIP** **Releasing a single EIP**
#. Log in to the management console. #. Log in to the management console.
#. Click |image2| in the upper left corner and select the desired region and project.
2. Click |image2| in the upper left corner and select the desired region and project. #. On the console homepage, under **Network**, click **Elastic IP**.
3. On the console homepage, under **Network**, click **Elastic IP**. #. On the displayed page, locate the row that contains the target EIP, click **More** and then **Release** in the **Operation** column.
4. On the displayed page, locate the row that contains the target EIP, click **More** and then **Release** in the **Operation** column. #. Click **Yes** in the displayed dialog box.
5. Click **Yes** in the displayed dialog box.
**Unbinding multiple EIPs at once** **Unbinding multiple EIPs at once**

4
umn/source/operation_guide_new_console_edition/index.rst
View File

@ -7,7 +7,7 @@ Operation Guide (New Console Edition)
- :ref:`VPC and Subnet <en-us_topic_0030969460>` - :ref:`VPC and Subnet <en-us_topic_0030969460>`
- :ref:`Security <vpc_securitygroup_0000>` - :ref:`Security <vpc_securitygroup_0000>`
- :ref:`EIP <vpc_eip_0000>` - :ref:`Elastic IP <vpc_eip_0000>`
- :ref:`Shared Bandwidth <vpc010003>` - :ref:`Shared Bandwidth <vpc010003>`
- :ref:`Route Table <vpc_route_0000>` - :ref:`Route Table <vpc_route_0000>`
- :ref:`VPC Peering Connection <vpc_peering_0000>` - :ref:`VPC Peering Connection <vpc_peering_0000>`
@ -22,7 +22,7 @@ Operation Guide (New Console Edition)
vpc_and_subnet/index vpc_and_subnet/index
security/index security/index
eip/index elastic_ip/index
shared_bandwidth/index shared_bandwidth/index
route_table/index route_table/index
vpc_peering_connection/index vpc_peering_connection/index

2
umn/source/operation_guide_new_console_edition/monitoring/creating_an_alarm_rule.rst
View File

@ -17,7 +17,7 @@ Procedure
2. Click |image1| in the upper left corner and select the desired region and project. 2. Click |image1| in the upper left corner and select the desired region and project.
3. Hover on the upper left corner to display **Service List** and choose **Management & Governance** > **Cloud Eye**. 3. Hover on the upper left corner to display **Service List** and choose **Management & Deployment** > **Cloud Eye**.
4. In the left navigation pane on the left, choose **Alarm Management** > **Alarm Rules**. 4. In the left navigation pane on the left, choose **Alarm Management** > **Alarm Rules**.

38
umn/source/operation_guide_new_console_edition/monitoring/supported_metrics.rst
View File

@ -20,25 +20,25 @@ Monitoring Metrics
.. table:: **Table 1** EIP and bandwidth metrics .. table:: **Table 1** EIP and bandwidth metrics
+----------------------+--------------------+-------------------------------------------------+-------------+------------------+--------------------------------+ +----------------------+--------------------+-------------------------------------------------------------+-------------+------------------+--------------------------------+
| ID | Name | Description | Value Range | Monitored Object | Monitoring Interval (Raw Data) | | ID | Name | Description | Value Range | Monitored Object | Monitoring Interval (Raw Data) |
+======================+====================+=================================================+=============+==================+================================+ +======================+====================+=============================================================+=============+==================+================================+
| upstream_bandwidth | Outbound Bandwidth | Network rate of outbound traffic | >= 0 bit/s | Bandwidth or EIP | 1 minute | | upstream_bandwidth | Outbound Bandwidth | Network rate of outbound traffic | >= 0 bit/s | Bandwidth or EIP | 1 minute |
| | | | | | | | | | | | | |
| | | Unit: bit/s | | | | | | | Unit: bit/s | | | |
+----------------------+--------------------+-------------------------------------------------+-------------+------------------+--------------------------------+ +----------------------+--------------------+-------------------------------------------------------------+-------------+------------------+--------------------------------+
| downstream_bandwidth | Inbound Bandwidth | Network rate of inbound traffic | >= 0 bit/s | Bandwidth or EIP | 1 minute | | downstream_bandwidth | Inbound Bandwidth | Network rate of inbound traffic | >= 0 bit/s | Bandwidth or EIP | 1 minute |
| | | | | | | | | | | | | |
| | | Unit: bit/s | | | | | | | Unit: bit/s | | | |
+----------------------+--------------------+-------------------------------------------------+-------------+------------------+--------------------------------+ +----------------------+--------------------+-------------------------------------------------------------+-------------+------------------+--------------------------------+
| up_stream | Outbound Traffic | Network traffic going out of the cloud platform | >= 0 bytes | Bandwidth or EIP | 1 minute | | up_stream | Outbound Traffic | Network traffic going out of the cloud platform in a minute | >= 0 bytes | Bandwidth or EIP | 1 minute |
| | | | | | | | | | | | | |
| | | Unit: byte | | | | | | | Unit: byte/s | | | |
+----------------------+--------------------+-------------------------------------------------+-------------+------------------+--------------------------------+ +----------------------+--------------------+-------------------------------------------------------------+-------------+------------------+--------------------------------+
| down_stream | Inbound Traffic | Network traffic going into the cloud platform | >= 0 bytes | Bandwidth or EIP | 1 minute | | down_stream | Inbound Traffic | Network traffic going into the cloud platform in a minute | >= 0 bytes | Bandwidth or EIP | 1 minute |
| | | | | | | | | | | | | |
| | | Unit: byte | | | | | | | Unit: byte/s | | | |
+----------------------+--------------------+-------------------------------------------------+-------------+------------------+--------------------------------+ +----------------------+--------------------+-------------------------------------------------------------+-------------+------------------+--------------------------------+
Dimensions Dimensions
---------- ----------

2
umn/source/operation_guide_new_console_edition/monitoring/viewing_metrics.rst
View File

@ -16,7 +16,7 @@ Procedure
#. Log in to the management console. #. Log in to the management console.
2. Click |image1| in the upper left corner and select the desired region and project. 2. Click |image1| in the upper left corner and select the desired region and project.
3. Hover on the upper left corner to display **Service List** and choose **Management & Governance** > **Cloud Eye**. 3. Hover on the upper left corner to display **Service List** and choose **Management & Deployment** > **Cloud Eye**.
4. Click **Cloud Service Monitoring** on the left of the page, and choose **Elastic IP and Bandwidth**. 4. Click **Cloud Service Monitoring** on the left of the page, and choose **Elastic IP and Bandwidth**.
5. Locate the row that contains the target bandwidth or EIP and click **View Metric** in the **Operation** column to check the bandwidth or EIP monitoring information. 5. Locate the row that contains the target bandwidth or EIP and click **View Metric** in the **Operation** column to check the bandwidth or EIP monitoring information.

2
umn/source/operation_guide_new_console_edition/route_table/associating_a_subnet_with_a_route_table.rst
View File

@ -24,8 +24,6 @@ Procedure
#. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. In the route table list, locate the row that contains the target route table and click **Associate Subnet** in the **Operation** column. #. In the route table list, locate the row that contains the target route table and click **Associate Subnet** in the **Operation** column.
#. Select the subnet to be associated. #. Select the subnet to be associated.

2
umn/source/operation_guide_new_console_edition/route_table/changing_the_route_table_associated_with_a_subnet.rst
View File

@ -19,8 +19,6 @@ Procedure
#. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. In the route table list, click the name of the target route table. #. In the route table list, click the name of the target route table.
#. On the **Associated Subnets** tab page, click **Change Route Table** in the **Operation** column and select a new route table as prompted. #. On the **Associated Subnets** tab page, click **Change Route Table** in the **Operation** column and select a new route table as prompted.

34
umn/source/operation_guide_new_console_edition/route_table/configuring_an_snat_server.rst
View File

File diff suppressed because it is too large Load Diff

2
umn/source/operation_guide_new_console_edition/route_table/creating_a_custom_route_table.rst
View File

@ -19,8 +19,6 @@ Procedure
#. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. In the upper right corner, click **Create Route Table**. On the displayed page, configure parameters as prompted. #. In the upper right corner, click **Create Route Table**. On the displayed page, configure parameters as prompted.

2
umn/source/operation_guide_new_console_edition/route_table/deleting_a_route.rst
View File

@ -8,7 +8,7 @@ Deleting a Route
Scenarios Scenarios
--------- ---------
Delete a route if it is no longer required. This section describes how to delete a custom route from a route table.
Procedure Procedure
--------- ---------

1
umn/source/operation_guide_new_console_edition/route_table/deleting_a_route_table.rst
View File

@ -21,7 +21,6 @@ Procedure
#. Log in to the management console. #. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project. #. Click |image1| in the upper left corner and select the desired region and project.
#. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. In the route table list, locate the row that contains the route table to be deleted and click **Delete** in the **Operation** column. #. In the route table list, locate the row that contains the route table to be deleted and click **Delete** in the **Operation** column.
#. Click **Yes**. #. Click **Yes**.

2
umn/source/operation_guide_new_console_edition/route_table/exporting_route_table_information.rst
View File

@ -19,8 +19,6 @@ Procedure
#. Under **Network**, click **Virtual Private Cloud**. #. Under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. On the displayed page, click |image2| in the upper right of the route table list. #. On the displayed page, click |image2| in the upper right of the route table list.
The system will automatically export information about all route tables under your account in the current region as an Excel file to a local directory. The system will automatically export information about all route tables under your account in the current region as an Excel file to a local directory.

2
umn/source/operation_guide_new_console_edition/route_table/replicating_a_route.rst
View File

@ -26,8 +26,6 @@ Procedure
#. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
#. In the navigation pane on the left, choose **Route Tables**.
#. In the route table list, locate the row that contains the target route table and click **Replicate Route** in the **Operation** column. #. In the route table list, locate the row that contains the target route table and click **Replicate Route** in the **Operation** column.
#. Select the target route table and then the route to be replicated as prompted. #. Select the target route table and then the route to be replicated as prompted.

47
umn/source/operation_guide_new_console_edition/route_table/route_table_overview.rst
View File

@ -55,28 +55,31 @@ A route is configured with the destination, next hop type, and next hop to deter
.. table:: **Table 1** Next hop type .. table:: **Table 1** Next hop type
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Next Hop Type | Description | Supported Route Table | | Next Hop Type | Description | Supported Route Table |
+========================+==============================================================================================================================================================+========================+ +==========================+==============================================================================================================================================================+========================+
| Server | Traffic intended for the destination is forwarded to an ECS in the VPC. | - Default route table | | Server | Traffic intended for the destination is forwarded to an ECS in the VPC. | - Default route table |
| | | - Custom route table | | | | - Custom route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Extension NIC | Traffic intended for the destination is forwarded to the extension NIC of an ECS in the VPC. | - Default route table | | Extension NIC | Traffic intended for the destination is forwarded to the extension NIC of an ECS in the VPC. | - Default route table |
| | | - Custom route table | | | | - Custom route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| VPN connection | Traffic intended for the destination is forwarded to a VPN gateway. | Custom route table | | BMS user-defined network | Traffic intended for the destination is forwarded to a BMS user-defined network. | - Default route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ | | | - Custom route table |
| Direct Connect gateway | Traffic intended for the destination is forwarded to a Direct Connect gateway. | Custom route table | +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ | VPN connection | Traffic intended for the destination is forwarded to a VPN gateway. | Custom route table |
| NAT gateway | Traffic intended for the destination is forwarded to a NAT gateway. | - Default route table | +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| | | - Custom route table | | Direct Connect gateway | Traffic intended for the destination is forwarded to a Direct Connect gateway. | Custom route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| VPC peering connection | Traffic intended for the destination is forwarded to a VPC peering connection. | - Default route table | | NAT gateway | Traffic intended for the destination is forwarded to a NAT gateway. | - Default route table |
| | | - Custom route table | | | | - Custom route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Virtual IP address | Traffic intended for the destination is forwarded to a virtual IP address and then sent to active and standby ECSs to which the virtual IP address is bound. | - Default route table | | VPC peering connection | Traffic intended for the destination is forwarded to a VPC peering connection. | - Default route table |
| | | - Custom route table | | | | - Custom route table |
+------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ +--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
| Virtual IP address | Traffic intended for the destination is forwarded to a virtual IP address and then sent to active and standby ECSs to which the virtual IP address is bound. | - Default route table |
| | | - Custom route table |
+--------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+
.. note:: .. note::

2
umn/source/operation_guide_new_console_edition/security/differences_between_security_groups_and_firewalls.rst
View File

@ -30,7 +30,7 @@ For details, see :ref:`Figure 1 <en-us_topic_0052003963__en-us_topic_0118534001_
+==========+================================================================================================================================================+=============================================================================================================================================================================================================================================================================================================================+ +==========+================================================================================================================================================+=============================================================================================================================================================================================================================================================================================================================+
| Targets | Operates at the ECS level. | Operates at the subnet level. | | Targets | Operates at the ECS level. | Operates at the subnet level. |
+----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Rules | Supports both **Allow** and **Deny** rules. | Supports both **Allow** and **Deny** rules. | | Rules | Does not support **Allow** or **Deny** rules. | Supports both **Allow** and **Deny** rules. |
+----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Priority | If there are conflicting rules, they are combined and applied together. | If rules conflict, the rule with the highest priority takes effect. | | Priority | If there are conflicting rules, they are combined and applied together. | If rules conflict, the rule with the highest priority takes effect. |
+----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +----------+------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

2
umn/source/operation_guide_new_console_edition/security/firewall/adding_a_firewall_rule.rst
View File

@ -57,7 +57,7 @@ Procedure
| | | | | | | |
| | You must specify this parameter if **TCP** or **UDP** is selected for **Protocol**. | | | | You must specify this parameter if **TCP** or **UDP** is selected for **Protocol**. | |
+------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination to which the traffic is allowed. The destination can be an IP address or IP address range. | 0.0.0.0/0 | | Destination | The destination to which the traffic is allowed. The source can be an IP address or IP address range. | 0.0.0.0/0 |
| | | | | | | |
| | The default value is **0.0.0.0/0**, which indicates that traffic to all IP addresses is allowed. | | | | The default value is **0.0.0.0/0**, which indicates that traffic to all IP addresses is allowed. | |
| | | | | | | |

2
umn/source/operation_guide_new_console_edition/security/firewall/deleting_a_firewall_rule.rst
View File

@ -22,7 +22,7 @@ Procedure
6. On the **Inbound Rules** or **Outbound Rules** tab, locate the row that contains the target rule and click **Delete** in the **Operation** column. 6. On the **Inbound Rules** or **Outbound Rules** tab, locate the row that contains the target rule and click **Delete** in the **Operation** column.
7. Click **Yes** in the displayed dialog box. 7. Click **Yes** in the displayed dialog box.
**Deleting multiple Firewall rules at a time** **Deleting Multiple Firewall Rules at a Time**
You can also select multiple firewall rules and click **Delete** above the firewall rule list to delete multiple rules at a time. You can also select multiple firewall rules and click **Delete** above the firewall rule list to delete multiple rules at a time.

2
umn/source/operation_guide_new_console_edition/security/firewall/enabling_or_disabling_a_firewall.rst
View File

@ -10,7 +10,7 @@ Scenarios
After a firewall is created, you may need to enable it based on network security requirements. You can also disable an enabled firewall if need. Before enabling a firewall, ensure that subnets have been associated with the firewall and that inbound and outbound rules have been added to the firewall. After a firewall is created, you may need to enable it based on network security requirements. You can also disable an enabled firewall if need. Before enabling a firewall, ensure that subnets have been associated with the firewall and that inbound and outbound rules have been added to the firewall.
When a firewall is disabled, custom rules will become invalid. Disabling a firewall may interrupt network traffic. For information about the default firewall rules, see :ref:`Default Firewall Rules <acl_0001__en-us_topic_0144643910_section99541345213>`. When a firewall is disabled, custom rules will become invalid while default rules still take effect. Disabling a firewall may interrupt network traffic. For information about the default firewall rules, see :ref:`Default Firewall Rules <acl_0001__en-us_topic_0144643910_section99541345213>`.
Procedure Procedure
--------- ---------

2
umn/source/operation_guide_new_console_edition/security/firewall/firewall_configuration_examples.rst
View File

@ -43,7 +43,7 @@ Firewall Configuration
Allowing Access from Specific Ports and Protocols Allowing Access from Specific Ports and Protocols
------------------------------------------------- -------------------------------------------------
In this example, an ECS in a subnet is used as the web server, and you need to allow inbound traffic from HTTP port 80 and HTTPS port 443 and allow all outbound traffic regardless of the port. You need to configure both the firewall rules and security group rules to allow the traffic. In this example, an ECS in a subnet is used as the web server, and you need to allow inbound traffic from HTTP port 80 and HTTPS port 443 and allow all outbound traffic. You need to configure both the firewall rules and security group rules to allow the traffic.
Firewall Configuration Firewall Configuration

2
umn/source/operation_guide_new_console_edition/security/firewall/modifying_a_firewall_rule.rst
View File

@ -56,7 +56,7 @@ Procedure
| | | | | | | |
| | You must specify this parameter if **TCP** or **UDP** is selected for **Protocol**. | | | | You must specify this parameter if **TCP** or **UDP** is selected for **Protocol**. | |
+------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination to which the traffic is allowed. The destination can be an IP address or IP address range. | 0.0.0.0/0 | | Destination | The destination to which the traffic is allowed. The source can be an IP address or IP address range. | 0.0.0.0/0 |
| | | | | | | |
| | The default value is **0.0.0.0/0**, which indicates that traffic to all IP addresses is allowed. | | | | The default value is **0.0.0.0/0**, which indicates that traffic to all IP addresses is allowed. | |
| | | | | | | |

76
umn/source/operation_guide_new_console_edition/security/security_group/adding_a_security_group_rule.rst
View File

@ -42,26 +42,26 @@ Procedure
.. table:: **Table 1** Inbound rule parameter description .. table:: **Table 1** Inbound rule parameter description
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+======================================================================================================================================================================================+=======================+ +=======================+====================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
| | | | | | | |
| | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule. #. On the **Outbound Rules** tab, click **Add Rule**. In the displayed dialog box, set required parameters to add an outbound rule.
@ -75,24 +75,24 @@ Procedure
.. table:: **Table 2** Outbound rule parameter description .. table:: **Table 2** Outbound rule parameter description
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================+=======================+ +=======================+=======================================================================================================================================================================================+=======================+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | N/A | | Description | Supplementary information about the security group rule. This parameter is optional. | N/A |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. Click **OK**. #. Click **OK**.

30
umn/source/operation_guide_new_console_edition/security/security_group/adding_instances_to_and_removing_them_from_a_security_group.rst
View File

@ -16,27 +16,25 @@ Adding Instances to a Security Group
------------------------------------ ------------------------------------
#. Log in to the management console. #. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project.
2. Click |image1| in the upper left corner and select the desired region and project. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. On the **Security Groups** page, click **Manage Instance** in the **Operation** column.
5. On the **Security Groups** page, click **Manage Instance** in the **Operation** column. #. On the **Servers** tab, click **Add** and add one or more servers to the current security group.
6. On the **Servers** tab, click **Add** and add one or more servers to the current security group. #. On the **Extension NICs** tab, click **Add** and add one or more extension NICs to the current security group.
7. On the **Extension NICs** tab, click **Add** and add one or more extension NICs to the current security group. #. Click **OK**.
8. Click **OK**.
Removing Instances from a Security Group Removing Instances from a Security Group
---------------------------------------- ----------------------------------------
#. Log in to the management console. #. Log in to the management console.
#. Click |image2| in the upper left corner and select the desired region and project.
2. Click |image2| in the upper left corner and select the desired region and project. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. On the **Security Groups** page, click **Manage Instance** in the **Operation** column.
5. On the **Security Groups** page, click **Manage Instance** in the **Operation** column. #. On the **Servers** tab, locate the target server and click **Remove** in the **Operation** column to remove the server from current security group.
6. On the **Servers** tab, locate the target server and click **Remove** in the **Operation** column to remove the server from current security group. #. On the **Extension NICs** tab, locate the target extension NIC and click **Remove** in the **Operation** column to remove the NIC from the current security group.
7. On the **Extension NICs** tab, locate the target extension NIC and click **Remove** in the **Operation** column to remove the NIC from the current security group. #. Click **Yes**.
8. Click **Yes**.
**Removing multiple instances from a security group** **Removing multiple instances from a security group**

14
umn/source/operation_guide_new_console_edition/security/security_group/creating_a_security_group.rst
View File

@ -8,22 +8,22 @@ Creating a Security Group
Scenarios Scenarios
--------- ---------
To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access policies to different security groups. To improve ECS access security, you can create security groups, define security group rules, and add ECSs in a VPC to different security groups. We recommend that you allocate ECSs that have different Internet access requirements to different security groups.
Procedure Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
2. Click |image1| in the upper left corner and select the desired region and project. #. Click |image1| in the upper left corner and select the desired region and project.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
5. On the **Security Groups** page, click **Create Security Group**. #. On the **Security Groups** page, click **Create Security Group**.
6. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <en-us_topic_0013748715__en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured. #. In the **Create Security Group** area, set the parameters as prompted. :ref:`Table 1 <en-us_topic_0013748715__en-us_topic_0118534004_table65377617111335>` lists the parameters to be configured.
.. figure:: /_static/images/en-us_image_0000001197426329.png .. figure:: /_static/images/en-us_image_0000001197426329.png
@ -51,6 +51,6 @@ Procedure
| | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
7. Click **OK**. #. Click **OK**.
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png

8
umn/source/operation_guide_new_console_edition/security/security_group/default_security_groups_and_security_group_rules.rst
View File

@ -5,18 +5,18 @@
Default Security Groups and Security Group Rules Default Security Groups and Security Group Rules
================================================ ================================================
Your account automatically comes with a default security group. The default security group allows all outbound traffic, denies all inbound traffic, and allows all traffic between cloud resources in the group. Your cloud resources in this security group can communicate with each other already without adding additional rules. The system creates a default security group for each account. By default, the default security group rules:
:ref:`Figure 1 <securitygroup_0003__en-us_topic_0118534003_fig997718156161>` shows the default security group rules. The following uses access between ECSs as an example. - Allow all outbound packets: Instances in the default security group can send requests to and receive responses from instances in other security groups.
- Deny all inbound packets: Requests from instances in other security groups will be denied by the default security group.
.. _securitygroup_0003__en-us_topic_0118534003_fig997718156161:
.. figure:: /_static/images/en-us_image_0000001230120807.png .. figure:: /_static/images/en-us_image_0000001230120807.png
:alt: **Figure 1** Default security group :alt: **Figure 1** Default security group
**Figure 1** Default security group **Figure 1** Default security group
:ref:`Table 1 <securitygroup_0003__en-us_topic_0118534003_table493045171919>` describes the default rules for the default security group. :ref:`Table 1 <securitygroup_0003__en-us_topic_0118534003_table493045171919>` describes the default rules in the default security group.
.. _securitygroup_0003__en-us_topic_0118534003_table493045171919: .. _securitygroup_0003__en-us_topic_0118534003_table493045171919:

35
umn/source/operation_guide_new_console_edition/security/security_group/deleting_a_security_group.rst
View File

@ -8,23 +8,42 @@ Deleting a Security Group
Scenarios Scenarios
--------- ---------
This section describes how to delete security groups that you are no longer required. This section describes how to delete security groups.
Notes and Constraints Notes and Constraints
--------------------- ---------------------
- The default security group cannot be deleted. - The default security group is named **default** and cannot be deleted.
- If a security group is associated with resources other than servers and extension NICs, the security group cannot be deleted.
- A security group cannot be deleted if it is being used by instances, such as cloud servers, containers, and databases.
If want to delete such a security group, delete the instances or change the security group used by the instance first.
- A security group cannot be deleted if it is used as the source of a rule in another security group.
:ref:`Delete <vpc_securitygroup_0006>` or :ref:`modify <vpc_securitygroup_0005>` the rule and delete the security group again.
For example, if the source of a rule in security group **sg-B** is set to **sg-A**, you need to delete or modify the rule in **sg-B** before deleting **sg-A**.
Procedure Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
2. Click |image1| in the upper left corner and select the desired region and project. #. Click |image1| in the upper left corner and select the desired region and project.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
5. On the **Security Groups** page, locate the row that contains the target security group, click **More** in the **Operation** column, and click **Delete**.
6. Click **Yes** in the displayed dialog box. The **Virtual Private Cloud** page is displayed.
#. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
The security group list is displayed.
#. Locate the row that contains the target security group, click **More** in the **Operation** column, and click **Delete**.
A confirmation dialog box is displayed.
#. Confirm the information and click **Yes**.
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png

75
umn/source/operation_guide_new_console_edition/security/security_group/importing_and_exporting_security_group_rules.rst
View File

@ -21,12 +21,11 @@ Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project.
2. Click |image1| in the upper left corner and select the desired region and project. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. On the **Security Groups** page, click the security group name.
5. On the **Security Groups** page, click the security group name. #. Export and import security group rules.
6. Export and import security group rules.
- Click |image2| to export all rules of the current security group to an Excel file. - Click |image2| to export all rules of the current security group to an Excel file.
@ -38,38 +37,38 @@ Procedure
.. table:: **Table 1** Template parameters .. table:: **Table 1** Template parameters
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+=========================================================================================================================================================================================+=======================+ +=======================+=======================================================================================================================================================================================+=======================+
| Direction | The direction in which the security group rule takes effect. | Inbound | | Direction | The direction in which the security group rule takes effect. | Inbound |
| | | | | | | |
| | - Inbound rules control incoming traffic to cloud resources in the security group. | | | | - Inbound rules control incoming traffic to cloud resources in the security group. | |
| | - Outbound rules control outgoing traffic from cloud resources in the security group. | | | | - Outbound rules control outgoing traffic from cloud resources in the security group. | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP | | Protocol & Port | **Protocol**: The network protocol. Currently, the value can be **All**, **TCP**, **UDP**, **ICMP**, **GRE**, or others. | TCP |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 | | | **Port**: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. | 22, or 22-30 |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Source | The source of the security group rule. The value can be a single IP address or a security group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to the IP address or instances in the security group. For example: | 0.0.0.0/0 | | Destination | The destination of the security group rule. The value can be a single IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 |
| | | | | | | |
| | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | |
| | - xxx.xxx.xxx.0/24 (IPv4 address range) | | | | - xxx.xxx.xxx.0/24 (IPv4 address range) | |
| | - 0.0.0.0/0 (all IPv4 addresses) | | | | - 0.0.0.0/0 (all IPv4 addresses) | |
| | - sg-abc (security group) | | | | - sg-abc (security group) | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Description | Supplementary information about the security group rule. This parameter is optional. | ``-`` | | Description | Supplementary information about the security group rule. This parameter is optional. | ``-`` |
| | | | | | | |
| | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Last Modified | The time when the security group was modified. | ``-`` | | Last Modified | The time when the security group was modified. | ``-`` |
+-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png
.. |image2| image:: /_static/images/en-us_image_0142360062.png .. |image2| image:: /_static/images/en-us_image_0142360062.png

13
umn/source/operation_guide_new_console_edition/security/security_group/modifying_a_security_group_rule.rst
View File

@ -14,12 +14,11 @@ Procedure
--------- ---------
#. Log in to the management console. #. Log in to the management console.
#. Click |image1| in the upper left corner and select the desired region and project.
2. Click |image1| in the upper left corner and select the desired region and project. #. On the console homepage, under **Network**, click **Virtual Private Cloud**.
3. On the console homepage, under **Network**, click **Virtual Private Cloud**. #. In the navigation pane on the left, choose **Access Control** > **Security Groups**.
4. In the navigation pane on the left, choose **Access Control** > **Security Groups**. #. On the **Security Groups** page, click the security group name.
5. On the **Security Groups** page, click the security group name. #. On the displayed page, locate the row that contains the security group rule to be modified, and click **Modify** in the **Operation** column.
6. On the displayed page, locate the row that contains the security group rule to be modified, and click **Modify** in the **Operation** column. #. Modify the rule and click **Confirm**.
7. Modify the rule and click **Confirm**.
.. |image1| image:: /_static/images/en-us_image_0141273034.png .. |image1| image:: /_static/images/en-us_image_0141273034.png

Some files were not shown because too many files have changed in this diff Show More