diff --git a/docs/vpc/umn/ALL_META.TXT.json b/docs/vpc/umn/ALL_META.TXT.json index 1392b369..6c2de4a9 100644 --- a/docs/vpc/umn/ALL_META.TXT.json +++ b/docs/vpc/umn/ALL_META.TXT.json @@ -2496,7 +2496,7 @@ "node_id":"vpc_peering_0002.xml", "product_code":"vpc", "code":"132", - "des":"This section describes how to modify the name of a VPC peering connection.Either owner of a VPC in a peering connection can modify the VPC peering connection in any state", + "des":"This section describes how to modify the basic information about a VPC peering connection, including its name and description.Either owner of a VPC in a peering connectio", "doc_type":"usermanual", "kw":"Modifying a VPC Peering Connection,VPC Peering Connection,User Guide", "search_title":"", @@ -3750,9 +3750,9 @@ "node_id":"vpc_faq_0063.xml", "product_code":"vpc", "code":"198", - "des":"Currently, a route table can contain 100 routes.", + "des":"A maximum of 200 routes can be added to each route table.", "doc_type":"usermanual", - "kw":"How Many Routes Can a Route Table Contain?,Routing,User Guide", + "kw":"How Many Routes Can I Add to a Route Table?,Routing,User Guide", "search_title":"", "metedata":[ { @@ -3761,7 +3761,7 @@ "opensource":"false" } ], - "title":"How Many Routes Can a Route Table Contain?", + "title":"How Many Routes Can I Add to a Route Table?", "githuburl":"" }, { diff --git a/docs/vpc/umn/CLASS.TXT.json b/docs/vpc/umn/CLASS.TXT.json index fa32acd5..a594cf2b 100644 --- a/docs/vpc/umn/CLASS.TXT.json +++ b/docs/vpc/umn/CLASS.TXT.json @@ -1179,7 +1179,7 @@ "code":"131" }, { - "desc":"This section describes how to modify the name of a VPC peering connection.Either owner of a VPC in a peering connection can modify the VPC peering connection in any state", + "desc":"This section describes how to modify the basic information about a VPC peering connection, including its name and description.Either owner of a VPC in a peering connectio", "product_code":"vpc", "title":"Modifying a VPC Peering Connection", "uri":"vpc_peering_0002.html", @@ -1773,9 +1773,9 @@ "code":"197" }, { - "desc":"Currently, a route table can contain 100 routes.", + "desc":"A maximum of 200 routes can be added to each route table.", "product_code":"vpc", - "title":"How Many Routes Can a Route Table Contain?", + "title":"How Many Routes Can I Add to a Route Table?", "uri":"vpc_faq_0063.html", "doc_type":"usermanual", "p_code":"197", diff --git a/docs/vpc/umn/SecurityGroup_0004.html b/docs/vpc/umn/SecurityGroup_0004.html index 056b4160..a1966be4 100644 --- a/docs/vpc/umn/SecurityGroup_0004.html +++ b/docs/vpc/umn/SecurityGroup_0004.html @@ -35,7 +35,7 @@

Source

-
Source of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access from IP addresses or instances in the security group. You can specify: +
Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. You can specify:

If the source is a security group, this rule will apply to all instances associated with the selected security group.

@@ -84,7 +84,7 @@

Destination

-
Destination of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access to IP addresses or instances in the security group. You can specify: +
Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. You can specify:
  • xxx.xxx.xxx.xxx/32 (IPv4 address)
  • xxx.xxx.xxx.0/24 (IPv4 address range)
  • 0.0.0.0/0 (all IPv4 addresses)
  • sg-abc (security group)

0.0.0.0/0

diff --git a/docs/vpc/umn/en-us_image_0000001818823258.png b/docs/vpc/umn/en-us_image_0000001818823258.png deleted file mode 100644 index a3ec979c..00000000 Binary files a/docs/vpc/umn/en-us_image_0000001818823258.png and /dev/null differ diff --git a/docs/vpc/umn/en-us_image_0000001818983038.png b/docs/vpc/umn/en-us_image_0000001818983038.png deleted file mode 100644 index d6154bac..00000000 Binary files a/docs/vpc/umn/en-us_image_0000001818983038.png and /dev/null differ diff --git a/docs/vpc/umn/en-us_image_0000001865582789.png b/docs/vpc/umn/en-us_image_0000001865582789.png new file mode 100644 index 00000000..92cd5049 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865582789.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865582793.png b/docs/vpc/umn/en-us_image_0000001865582793.png new file mode 100644 index 00000000..0587b67e Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865582793.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865662813.png b/docs/vpc/umn/en-us_image_0000001865662813.png new file mode 100644 index 00000000..9c324820 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865662813.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865674836.png b/docs/vpc/umn/en-us_image_0000001865674836.png new file mode 100644 index 00000000..73149eb0 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865674836.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865684752.png b/docs/vpc/umn/en-us_image_0000001865684752.png new file mode 100644 index 00000000..fed32d8a Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865684752.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865828728.png b/docs/vpc/umn/en-us_image_0000001865828728.png new file mode 100644 index 00000000..e308d674 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865828728.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865833004.png b/docs/vpc/umn/en-us_image_0000001865833004.png new file mode 100644 index 00000000..d67dfd86 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865833004.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865837676.png b/docs/vpc/umn/en-us_image_0000001865837676.png new file mode 100644 index 00000000..267f2dee Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865837676.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865884494.png b/docs/vpc/umn/en-us_image_0000001865884494.png new file mode 100644 index 00000000..eaa03022 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865884494.png differ diff --git a/docs/vpc/umn/en-us_image_0000001865898552.png b/docs/vpc/umn/en-us_image_0000001865898552.png new file mode 100644 index 00000000..5aa7f83f Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001865898552.png differ diff --git a/docs/vpc/umn/en-us_image_0000001866046474.png b/docs/vpc/umn/en-us_image_0000001866046474.png new file mode 100644 index 00000000..8bbd5148 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001866046474.png differ diff --git a/docs/vpc/umn/en-us_image_0000001866063864.png b/docs/vpc/umn/en-us_image_0000001866063864.png new file mode 100644 index 00000000..51d37f50 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001866063864.png differ diff --git a/docs/vpc/umn/en-us_image_0000001911771617.png b/docs/vpc/umn/en-us_image_0000001911771617.png new file mode 100644 index 00000000..51d37f50 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001911771617.png differ diff --git a/docs/vpc/umn/en-us_image_0000001911842313.png b/docs/vpc/umn/en-us_image_0000001911842313.png new file mode 100644 index 00000000..a93b49ab Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001911842313.png differ diff --git a/docs/vpc/umn/en-us_image_0000001911849797.png b/docs/vpc/umn/en-us_image_0000001911849797.png new file mode 100644 index 00000000..53e6dfa1 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001911849797.png differ diff --git a/docs/vpc/umn/en-us_image_0000001911853289.png b/docs/vpc/umn/en-us_image_0000001911853289.png new file mode 100644 index 00000000..e2ad7809 Binary files /dev/null and b/docs/vpc/umn/en-us_image_0000001911853289.png differ diff --git a/docs/vpc/umn/en-us_topic_0013748715.html b/docs/vpc/umn/en-us_topic_0013748715.html index 8b5fc2b9..d4614945 100644 --- a/docs/vpc/umn/en-us_topic_0013748715.html +++ b/docs/vpc/umn/en-us_topic_0013748715.html @@ -5,6 +5,150 @@

If your instances have different Internet access requirements, you can allocate them to different security groups when creating them.

Each ECS must be associated with at least one security group. If you do not have a security group when creating an ECS, the system provides a default security group.

+

Security Group Templates

The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. Table 1 describes the security group templates. +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 1 Security group templates

Template

+

Direction

+

Protocol/Port/Type

+

Source/Destination

+

Description

+

Application Scenario

+

General-purpose web server

+

Inbound

+

TCP: 22 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs.

+
  • Remotely log in to ECSs.
  • Use the ping command to test ECS connectivity.
  • ECSs functioning as web servers provide website access services.
+

TCP: 3389 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs.

+

TCP: 80 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites.

+

TCP: 443 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites.

+

ICMP: All (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity.

+

All (IPv4)

+

All (IPv6)

+

sg-xxx

+

Allows ECSs in the security group to communicate with each other.

+

Outbound

+

All (IPv4)

+

All (IPv6)

+

0.0.0.0/0

+

Allows access from ECSs in the security group to any IP address over any port.

+

All ports open

+

Inbound

+

All (IPv4)

+

All (IPv6)

+

sg-xxx

+

Allows ECSs in the security group to communicate with each other.

+

Opening all ECS ports in a security group poses security risks.

+

All (IPv4)

+

All (IPv6)

+

0.0.0.0/0

+

Allows all IP addresses to access ECSs in the security group over any port.

+

Outbound

+

All (IPv4)

+

All (IPv6)

+

0.0.0.0/0

+

Allows access from ECSs in the security group to any IP address over any port.

+

Fast-add rule

+

Inbound

+

All (IPv4)

+

All (IPv6)

+

sg-xxx

+

Allows ECSs in the security group to communicate with each other.

+

You can select protocols and ports that the inbound rule will apply to.

+

If you do not select any protocols and ports, no protocols and ports will be opened. After the security group is created, add required rules by referring to Adding a Security Group Rule.

+

Custom port and protocol

+

0.0.0.0/0

+

Allows all IP addresses to access ECSs in a security group over specified ports (TCP or ICMP) for different purposes.

+

Outbound

+

All (IPv4)

+

All (IPv6)

+

0.0.0.0/0

+

::/0

+

Allows access from ECSs in the security group to any IP address over any port.

+
+
+
+

Notes and Constraints

If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it.

The default security group name is default. For details, see Default Security Group and Its Rules.

@@ -13,50 +157,50 @@
  • In the upper right corner, click Create Security Group.

    The Create Security Group page is displayed.

  • Configure the parameters as prompted.
    Figure 1 Create Security Group
    -
    Table 1 Parameter description

    Parameter

    +
    - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/en-us_topic_0013748726.html b/docs/vpc/umn/en-us_topic_0013748726.html index 1644b73b..414a37cc 100644 --- a/docs/vpc/umn/en-us_topic_0013748726.html +++ b/docs/vpc/umn/en-us_topic_0013748726.html @@ -109,7 +109,7 @@ - - - @@ -98,7 +98,7 @@ - -
    Table 2 Parameter description

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Name

    +

    Name

    Mandatory

    +

    Mandatory

    Enter the security group name.

    The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

    NOTE:

    You can change the security group name after a security group is created. It is recommended that you give each security group a different name.

    sg-AB

    +

    sg-AB

    Enterprise Project

    +

    Enterprise Project

    Mandatory

    +

    Mandatory

    When creating a security group, you can add the security group to an enabled enterprise project.

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    default

    +

    default

    Template

    +

    Template

    Mandatory

    -

    A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

    -
    • Custom: This template allows you to create security groups with custom security group rules.
    • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
    • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.
    +

    Mandatory

    +

    The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements.

    +

    Table 1 describes the security group templates.

    General-purpose web server

    +

    General-purpose web server

    Description

    +

    Description

    Optional

    +

    Optional

    Supplementary information about the security group. This parameter is optional.

    The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    +

    N/A

    Key

    • Cannot be left blank.
    • Must be unique for each subnet.
    • Can contain a maximum of 36 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Special characters, including hyphens (-) and underscores (_)
      +
    • Cannot be left blank.
    • Must be unique for each subnet.
    • Can contain a maximum of 36 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Only hyphens (-), underscores (_), and at signs (@) are allowed.

    subnet_key1

    @@ -117,7 +117,7 @@

    Value

    • Can contain a maximum of 43 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Special characters, including hyphens (-) and underscores (_)
      +
    • Can contain a maximum of 43 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Only underscores (_), hyphens (-), and at signs (@) are allowed.

    subnet-01

    diff --git a/docs/vpc/umn/en-us_topic_0013748738.html b/docs/vpc/umn/en-us_topic_0013748738.html index 58db3f01..24e9a602 100644 --- a/docs/vpc/umn/en-us_topic_0013748738.html +++ b/docs/vpc/umn/en-us_topic_0013748738.html @@ -26,7 +26,7 @@

    EIP Type

    • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
    • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.
    +
    • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
    • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.

    The selected EIP type cannot be changed after the EIP is assigned.

    Dynamic BGP

    @@ -35,7 +35,7 @@

    Billed By

    Two options are available:

    -
    • Dedicated: The bandwidth can be used by only one EIP.
    • Shared: The bandwidth can be shared by multiple EIPs.
    +
    • Dedicated: The bandwidth can be used by only one EIP.
    • Shared: The bandwidth can be shared by multiple EIPs.

    Dedicated

    Key

    • Cannot be left blank.
    • The key value must be unique for the same EIP.
    • Can contain up to 36 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Special characters, including hyphens (-) and underscores (_)
      +
    • Cannot be left blank.
    • The key value must be unique for the same EIP.
    • Can contain up to 36 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Only hyphens (-), underscores (_), and at signs (@) are allowed.

    Ipv4_key1

    @@ -106,7 +106,7 @@

    Value

    • Can contain up to 43 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Special characters, including hyphens (-) and underscores (_)
      +
    • Can contain up to 43 characters.
    • Can contain only the following character types:
      • Uppercase letters
      • Lowercase letters
      • Digits
      • Only underscores (_), hyphens (-), and at signs (@) are allowed.

    3005eip

    @@ -120,10 +120,10 @@

    Binding an EIP

    1. On the EIPs page, locate the row that contains the target EIP, and click Bind.
    2. Select the instance that you want to bind the EIP to.
      Figure 2 Bind EIP
    3. Click OK.
    -

    An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?

    +

    An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?

    Follow-Up Procedure

    After an ECS with an EIP bound is created, the system generates a domain name in the format of ecs-xx-xx-xx-xx.compute.xxx.com for the EIP by default. xx-xx-xx-xx indicates the EIP, and xxx indicates the domain name of the cloud service provider. You can use the domain name to access the ECS.

    -
    You can use any of the following commands to obtain the domain name of an EIP:
    • ping -a EIP
    • nslookup [-qt=ptr] EIP
    • dig -x EIP
    +
    You can use any of the following commands to obtain the domain name of an EIP:
    • ping -an EIP
    • nslookup [-qt=ptr] EIP
    • dig -x EIP
    diff --git a/docs/vpc/umn/en-us_topic_0013935842.html b/docs/vpc/umn/en-us_topic_0013935842.html index a79e633d..fe70c248 100644 --- a/docs/vpc/umn/en-us_topic_0013935842.html +++ b/docs/vpc/umn/en-us_topic_0013935842.html @@ -6,220 +6,221 @@

    Procedure

    1. Log in to the management console.
    2. Click in the upper left corner and select the desired region and project.
    3. Click in the upper left corner and choose Network > Virtual Private Cloud.

      The Virtual Private Cloud page is displayed.

    4. Click Create VPC.
    5. On the Create VPC page, set parameters as prompted.

      A default subnet will be created together with a VPC and you can also click Add Subnet to create more subnets for the VPC.

      +
      Figure 1 Create a VPC and subnet
      -
      Table 1 VPC parameter descriptions

      Category

      +
      - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Table 1 VPC parameter descriptions

      Category

      Parameter

      +

      Parameter

      Description

      +

      Description

      Example Value

      +

      Example Value

      Basic Information

      +

      Basic Information

      Region

      +

      Region

      Select the region nearest to you to ensure the lowest latency possible.

      +

      Select the region nearest to you to ensure the lowest latency possible.

      eu-de

      +

      eu-de

      Basic Information

      +

      Basic Information

      Name

      +

      Name

      The VPC name.

      +

      The VPC name.

      The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

      VPC-001

      +

      VPC-001

      Basic Information

      +

      Basic Information

      IPv4 CIDR Block

      +

      IPv4 CIDR Block

      The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

      +

      The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

      The following CIDR blocks are supported:

      10.0.0.0/8-24

      172.16.0.0/12-24

      192.168.0.0/16-24

      192.168.0.0/16

      +

      192.168.0.0/16

      Basic Information

      +

      Basic Information

      Enterprise Project

      +

      Enterprise Project

      The enterprise project to which the VPC belongs.

      +

      The enterprise project to which the VPC belongs.

      An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

      default

      +

      default

      Basic Information/Advanced Settings

      +

      Basic Information/Advanced Settings

      Tag

      +

      Tag

      The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

      +

      The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

      The tag key and value must meet the requirements listed in Table 2.

      • Key: vpc_key1
      • Value: vpc-01
      +
      • Key: vpc_key1
      • Value: vpc-01

      Basic Information/Advanced Settings

      +

      Basic Information/Advanced Settings

      Description

      +

      Description

      Supplementary information about the VPC. This parameter is optional.

      +

      Supplementary information about the VPC. This parameter is optional.

      The VPC description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

      N/A

      +

      N/A

      Default Subnet

      +

      Default Subnet

      Name

      +

      Name

      The subnet name.

      +

      The subnet name.

      The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

      Subnet

      +

      Subnet

      Default Subnet

      +

      Default Subnet

      IPv4 CIDR Block

      +

      IPv4 CIDR Block

      The CIDR block for the subnet. This value must be within the VPC CIDR block.

      +

      The CIDR block for the subnet. This value must be within the VPC CIDR block.

      192.168.0.0/24

      +

      192.168.0.0/24

      Default Subnet

      +

      Default Subnet

      IPv6 CIDR Block

      +

      IPv6 CIDR Block

      Specifies whether to set IPv6 CIDR Block to Enable.

      +

      Specifies whether to set IPv6 CIDR Block to Enable.

      After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

      -

      +

      -

      Default Subnet

      +

      Default Subnet

      Associated Route Table

      +

      Associated Route Table

      The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

      +

      The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

      Default

      +

      Default

      Default Subnet/Advanced Settings

      +

      Default Subnet/Advanced Settings

      Gateway

      +

      Gateway

      The gateway address of the subnet.

      +

      The gateway address of the subnet.

      192.168.0.1

      +

      192.168.0.1

      Default Subnet/Advanced Settings

      +

      Default Subnet/Advanced Settings

      DNS Server Address

      +

      DNS Server Address

      By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

      +

      By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

      100.125.x.x

      +

      100.125.x.x

      Default Subnet/Advanced Settings

      +

      Default Subnet/Advanced Settings

      NTP Server Address

      +

      NTP Server Address

      The IP address of the NTP server. This parameter is optional.

      +

      The IP address of the NTP server. This parameter is optional.

      You can configure the NTP server IP addresses to be added to the subnet as required. The IP addresses are added in addition to the default NTP server addresses. If you do not specify this parameter, no additional NTP server IP addresses will be added.

      A maximum of four IP addresses can be configured. Multiple IP addresses must be separated using commas (,).

      192.168.2.1

      +

      192.168.2.1

      Default Subnet/Advanced Settings

      +

      Default Subnet/Advanced Settings

      Tag

      +

      Tag

      The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

      +

      The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

      The tag key and value must meet the requirements listed in Table 3.

      • Key: subnet_key1
      • Value: subnet-01
      +
      • Key: subnet_key1
      • Value: subnet-01

      Default Subnet/Advanced Settings

      +

      Default Subnet/Advanced Settings

      Description

      +

      Description

      Supplementary information about the subnet. This parameter is optional.

      +

      Supplementary information about the subnet. This parameter is optional.

      The subnet description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

      N/A

      +

      N/A
      -
      Table 2 VPC tag key and value requirements

      Parameter

      +
      - - - - - - - -
      Table 2 VPC tag key and value requirements

      Parameter

      Requirements

      +

      Requirements

      Example Value

      +

      Example Value

      Key

      +

      Key

      • Cannot be left blank.
      • Must be unique for each VPC and can be the same for different VPCs.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Cannot be left blank.
      • Must be unique for each VPC and can be the same for different VPCs.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only hyphens (-), underscores (_), and at signs (@) are allowed.

      vpc_key1

      +

      vpc_key1

      Value

      +

      Value

      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only underscores (_), hyphens (-), and at signs (@) are allowed.

      vpc-01

      +

      vpc-01
      -
      - @@ -76,9 +76,9 @@
    6. Configure required parameters.

      You can click + to add more outbound rules.

      Figure 2 Add Outbound Rule
      -
      7. Table 3 Subnet tag key and value requirements

      Parameter

      +
      - - - - - - - - diff --git a/docs/vpc/umn/en-us_topic_0017816228.html b/docs/vpc/umn/en-us_topic_0017816228.html index e80ce702..a2538b09 100644 --- a/docs/vpc/umn/en-us_topic_0017816228.html +++ b/docs/vpc/umn/en-us_topic_0017816228.html @@ -1,230 +1,7 @@

      Configuring a VPC for ECSs That Access the Internet Using EIPs

      -
      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        -
      4. Click Create VPC.
      5. On the Create VPC page, set parameters as prompted.

        A default subnet will be created together with a VPC and you can also click Add Subnet to create more subnets for the VPC.

        - -
      Table 3 Subnet tag key and value requirements

      Parameter

      Requirements

      +

      Requirements

      Example Value

      +

      Example Value

      Key

      +

      Key

      • Cannot be left blank.
      • Must be unique for each subnet.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Cannot be left blank.
      • Must be unique for each subnet.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only hyphens (-), underscores (_), and at signs (@) are allowed.

      subnet_key1

      +

      subnet_key1

      Value

      +

      Value

      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only underscores (_), hyphens (-), and at signs (@) are allowed.

      subnet-01

      +

      subnet-01
      - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      Table 1 VPC parameter descriptions

      Category

      -

      Parameter

      -

      Description

      -

      Example Value

      -

      Basic Information

      -

      Region

      -

      Select the region nearest to you to ensure the lowest latency possible.

      -

      eu-de

      -

      Basic Information

      -

      Name

      -

      The VPC name.

      -

      The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

      -

      VPC-001

      -

      Basic Information

      -

      IPv4 CIDR Block

      -

      The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

      -

      The following CIDR blocks are supported:

      -

      10.0.0.0/8-24

      -

      172.16.0.0/12-24

      -

      192.168.0.0/16-24

      -

      192.168.0.0/16

      -

      Basic Information

      -

      Enterprise Project

      -

      The enterprise project to which the VPC belongs.

      -

      An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

      -

      default

      -

      Basic Information/Advanced Settings

      -

      Tag

      -

      The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

      -

      The tag key and value must meet the requirements listed in Table 2.

      -
      • Key: vpc_key1
      • Value: vpc-01
      -

      Basic Information/Advanced Settings

      -

      Description

      -

      Supplementary information about the VPC. This parameter is optional.

      -

      The VPC description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

      -

      N/A

      -

      Default Subnet

      -

      Name

      -

      The subnet name.

      -

      The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

      -

      Subnet

      -

      Default Subnet

      -

      IPv4 CIDR Block

      -

      The CIDR block for the subnet. This value must be within the VPC CIDR block.

      -

      192.168.0.0/24

      -

      Default Subnet

      -

      IPv6 CIDR Block

      -

      Specifies whether to set IPv6 CIDR Block to Enable.

      -

      After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

      -

      -

      -

      Default Subnet

      -

      Associated Route Table

      -

      The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

      -

      Default

      -

      Default Subnet/Advanced Settings

      -

      Gateway

      -

      The gateway address of the subnet.

      -

      192.168.0.1

      -

      Default Subnet/Advanced Settings

      -

      DNS Server Address

      -

      By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

      -

      100.125.x.x

      -

      Default Subnet/Advanced Settings

      -

      NTP Server Address

      -

      The IP address of the NTP server. This parameter is optional.

      -

      You can configure the NTP server IP addresses to be added to the subnet as required. The IP addresses are added in addition to the default NTP server addresses. If you do not specify this parameter, no additional NTP server IP addresses will be added.

      -

      A maximum of four IP addresses can be configured. Multiple IP addresses must be separated using commas (,).

      -

      192.168.2.1

      -

      Default Subnet/Advanced Settings

      -

      Tag

      -

      The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

      -

      The tag key and value must meet the requirements listed in Table 3.

      -
      • Key: subnet_key1
      • Value: subnet-01
      -

      Default Subnet/Advanced Settings

      -

      Description

      -

      Supplementary information about the subnet. This parameter is optional.

      -

      The subnet description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

      -

      N/A

      -
      -
      - -
      - - - - - - - - - - - - - -
      Table 2 VPC tag key and value requirements

      Parameter

      -

      Requirements

      -

      Example Value

      -

      Key

      -
      • Cannot be left blank.
      • Must be unique for each VPC and can be the same for different VPCs.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        -
      -

      vpc_key1

      -

      Value

      -
      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        -
      -

      vpc-01

      -
      -
      - -
      - - - - - - - - - - - - - -
      Table 3 Subnet tag key and value requirements

      Parameter

      -

      Requirements

      -

      Example Value

      -

      Key

      -
      • Cannot be left blank.
      • Must be unique for each subnet.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        -
      -

      subnet_key1

      -

      Value

      -
      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        -
      -

      subnet-01

      -
      -
      -
    7. Click Create Now.
      8. - - +
      • Overview
        diff --git a/docs/vpc/umn/en-us_topic_0030969470.html b/docs/vpc/umn/en-us_topic_0030969470.html index 43caf081..c9189818 100644 --- a/docs/vpc/umn/en-us_topic_0030969470.html +++ b/docs/vpc/umn/en-us_topic_0030969470.html @@ -52,8 +52,8 @@

      Source

      Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
      • IP address:
        • Single IP address: 192.168.10.10/32
        • All IP addresses: 0.0.0.0/0
        • IP address range: 192.168.1.0/24
        -
      • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
      +
      Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group.
      • IP address:
        • Single IP address: 192.168.10.10/32
        • All IP addresses: 0.0.0.0/0
        • IP address range: 192.168.1.0/24
        +
      • Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.

      If the source is a security group, this rule will apply to all instances associated with the selected security group.

      - - diff --git a/docs/vpc/umn/vpc_SecurityGroup_0011.html b/docs/vpc/umn/vpc_SecurityGroup_0011.html index b461908a..789f4008 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0011.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0011.html @@ -6,6 +6,7 @@

      Procedure

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. In the upper left corner of the page, click . In the service list, choose Computing > Elastic Cloud Server.

        The ECS list is displayed.

      4. On the Elastic Cloud Server page, click the name of the target ECS.

        The page providing details about the ECS is displayed.

      5. Click the Security Groups tab and view information about the security group used by the ECS.

        You can view the security groups associated with the ECS and the inbound and outbound rules.

        +
        Figure 1 View the security group of an ECS
      diff --git a/docs/vpc/umn/vpc_acl_0009.html b/docs/vpc/umn/vpc_acl_0009.html index a54d7261..7ca7ce3e 100644 --- a/docs/vpc/umn/vpc_acl_0009.html +++ b/docs/vpc/umn/vpc_acl_0009.html @@ -4,7 +4,8 @@

      Scenarios

      View details about a firewall.

      Procedure

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        -
      3. In the navigation pane on the left, choose Access Control > Firewalls.
      4. Locate the target firewall and click its name to switch to the page showing details of that particular firewall.
      5. On the displayed page, click the Inbound Rules, Outbound Rules, and Associated Subnets tabs one by one to view details about inbound rules, outbound rules, and subnet associations.
      +
    8. In the navigation pane on the left, choose Access Control > Firewalls.
    9. Locate the target firewall and click its name to switch to the page showing details of that particular firewall.
    10. On the displayed page, click the Inbound Rules, Outbound Rules, and Associated Subnets tabs one by one to view details about inbound rules, outbound rules, and subnet associations.
      Figure 1 Viewing a firewall
      +
      11. diff --git a/docs/vpc/umn/vpc_faq_0063.html b/docs/vpc/umn/vpc_faq_0063.html index 4c8742ab..6a72902f 100644 --- a/docs/vpc/umn/vpc_faq_0063.html +++ b/docs/vpc/umn/vpc_faq_0063.html @@ -1,7 +1,7 @@ -

      How Many Routes Can a Route Table Contain?

      -

      Currently, a route table can contain 100 routes.

      +

      How Many Routes Can I Add to a Route Table?

      +

      A maximum of 200 routes can be added to each route table.

      diff --git a/docs/vpc/umn/vpc_faq_0103.html b/docs/vpc/umn/vpc_faq_0103.html index c613696d..9172f959 100644 --- a/docs/vpc/umn/vpc_faq_0103.html +++ b/docs/vpc/umn/vpc_faq_0103.html @@ -2,13 +2,37 @@

      Change History

      -
      Table 2 Outbound rule parameter description

      Parameter

      +
      - @@ -108,9 +108,9 @@ - diff --git a/docs/vpc/umn/en-us_topic_0068145818.html b/docs/vpc/umn/en-us_topic_0068145818.html index 4cfd7af2..f37084e9 100644 --- a/docs/vpc/umn/en-us_topic_0068145818.html +++ b/docs/vpc/umn/en-us_topic_0068145818.html @@ -15,7 +15,7 @@ - - @@ -43,7 +43,7 @@
      • IP address:
        • Example IPv4 address: 192.168.10.10/32
        • Example IPv6 address: 2002:50::44/128
        • Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0
        • Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0
      • Security group: You can select another security group in the same region under the current account as the destination.

        For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with Destination set to security group B, access from instance A is allowed to instance B.

        -
      • IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the destination to help you manage them in a more simple way.
      + @@ -145,6 +145,51 @@ +

      Security Group Configuration Process

      Figure 1 Security group configuration process
      + +
      Table 2 Outbound rule parameter description

      Parameter

      Description

      +

      Description

      Example Value

      Destination

      Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

      +

      Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group.

      • IP address:
        • Single IP address: 192.168.10.10/32
        • All IP addresses: 0.0.0.0/0
        • IP address range: 192.168.1.0/24
        -
      • Security group: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with Action set to Allow and Destination set to security group B, access from instance A is allowed to instance B.
      +
    11. Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.
      		12.

      0.0.0.0/0

      Key

      • Cannot be left blank.
      • Must be unique for each EIP.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Cannot be left blank.
      • Must be unique for each EIP.
      • Can contain a maximum of 36 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only hyphens (-), underscores (_), and at signs (@) are allowed.

      Ipv4_key1

      @@ -23,7 +23,7 @@

      Value

      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Special characters, including hyphens (-) and underscores (_)
        +
      • Can contain a maximum of 43 characters.
      • Can contain only the following character types:
        • Uppercase letters
        • Lowercase letters
        • Digits
        • Only underscores (_), hyphens (-), and at signs (@) are allowed.

      3005eip

      @@ -37,7 +37,7 @@

      You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for EIPs, the system will display only the EIPs that match all of the tags you specified.

      -
      Adding, deleting, editing, and viewing tags on the Tags tab of an EIP
      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner, and choose Network > Elastic IP.
      4. On the displayed page, locate the EIP whose tags you want to manage, and click the EIP name.
      5. On the page showing EIP details, click the Tags tab and perform desired operations on tags.
        • View tags.

          On the Tags tab, you can view details about tags added to the current EIP, including the number of tags and the key and value of each tag.

          +
          Adding, deleting, editing, and viewing tags on the Tags tab of an EIP
          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Click in the upper left corner, and choose Network > Elastic IP.
          4. On the displayed page, locate the EIP whose tags you want to manage, and click the EIP name.
          5. On the page showing EIP details, click the Tags tab and perform desired operations on tags.
            • View tags.

              On the Tags tab, you can view details about tags added to the current EIP, including the number of tags and the key and value of each tag.

            • Add a tag.

              Click Add Tag in the upper left corner. In the displayed Add Tag dialog box, enter the tag key and value, and click OK.

            • Edit a tag.

              Locate the row that contains the tag you want to edit, and click Edit in the Operation column. Enter the new tag value, and click OK.

              The tag key cannot be modified.

              diff --git a/docs/vpc/umn/en-us_topic_0073379079.html b/docs/vpc/umn/en-us_topic_0073379079.html index a500fff8..400ce3fc 100644 --- a/docs/vpc/umn/en-us_topic_0073379079.html +++ b/docs/vpc/umn/en-us_topic_0073379079.html @@ -7,7 +7,7 @@

              Security Group Basics

              • Security groups are stateful. If you send a request from your instance and the outbound traffic is allowed, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Similarly, if inbound traffic is allowed, responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.
              • Security groups use connection tracking to track traffic to and from instances. If an inbound rule is modified, the modified rule immediately takes effect for the existing traffic. Changes to outbound security group rules do not affect existing persistent connections and take effect only for new connections.

                If you add, modify, or delete a security group rule, or add or remove an instance to or from a security group, the inbound connections of all instances in the security group will be automatically cleared.

                • The existing inbound persistent connections will be disconnected. All the new connections will match the new rules.
                • The existing outbound persistent connections will not be disconnected, and the original rule will still be applied. All the new connections will match the new rules.
              -

              After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will apply when the timeout period (30s) expires.

              +

              After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will be applied when the timeout period (30s) expires.

              • The timeout period of connection tracking varies by protocol. The timeout period of a TCP connection in the established state is 600s, and that of an ICMP connection is 30s. For other protocols, if packets are received in both inbound and outbound directions, the connection tracking timeout period is 180s. If packets are received only in one direction, the connection tracking timeout period is 30s.
              • The timeout period of TCP connections varies by connection status. The timeout period of a TCP connection in the established state is 600s, and that of a TCP connection in the FIN-WAIT state is 30s.
              @@ -33,7 +33,7 @@
      The source in an inbound rule is used to match the IP address or address range of an external request. The source can be:
      • IP address:
        • Example IPv4 address: 192.168.10.10/32
        • Example IPv6 address: 2002:50::44/128
        • Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0
        • Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0
      • Security group: You can select another security group in the same region under the current account as the source.

        For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with Source set to security group B, access from instance B is allowed to instance A.

        -
      • IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the source to help you manage them in a more simple way.
      +
      + + + + + + + + + + + + + + + + + + + + + +
      Table 3 Security group configuration process description

      No.

      +

      Step

      +

      Description

      +

      Reference

      +

      1

      +

      Create a security group.

      +

      When creating a security group, you can select a template, such General-purpose web server or All ports open. A template contains preset security group rules. For details, see Security group templates.

      +

      Creating a Security Group

      +

      2

      +

      Configure security group rules.

      +

      After a security group is created, if its rules cannot meet your service requirements, you can add new rules to the security group or modify original rules.

      +

      Adding a Security Group Rule

      +

      Fast-Adding Security Group Rules

      +

      3

      +

      Add instances to the security group.

      +

      When you create an instance, the system automatically adds the instance to a security group for protection.

      +

      If one security group cannot meet your requirements, you can add an instance to multiple security groups.

      +

      Adding an Instance to or Removing an Instance from a Security Group

      +
      +
      +

      Security Group Constraints

      • By default, you can create a maximum of 100 security groups in your cloud account.
      • By default, you can add up to 50 security group rules to a security group.
      diff --git a/docs/vpc/umn/faq_route.html b/docs/vpc/umn/faq_route.html index 70d332b7..2aae67d6 100644 --- a/docs/vpc/umn/faq_route.html +++ b/docs/vpc/umn/faq_route.html @@ -4,7 +4,7 @@
        -
      • How Many Routes Can a Route Table Contain?
        +
      • How Many Routes Can I Add to a Route Table?
      • Are There Any Restrictions on Using a Route Table?
        • diff --git a/docs/vpc/umn/vpc010014.html b/docs/vpc/umn/vpc010014.html index b161026f..c149c8a6 100644 --- a/docs/vpc/umn/vpc010014.html +++ b/docs/vpc/umn/vpc010014.html @@ -3,7 +3,8 @@

        Creating an Alarm Rule

        Scenarios

        You can configure alarm rules to customize the monitored objects and notification policies. You can learn your resource statuses at any time.

        -

        Procedure

        1. Log in to the management console.
        1. Click in the upper left corner and select the desired region and project.
        2. In the upper left corner of the page, click to open the service list and choose Management & Deployment > Cloud Eye.
        3. In the left navigation pane on the left, choose Alarm Management > Alarm Rules.
        4. On the Alarm Rules page, click Create Alarm Rule and set required parameters, or modify an existing alarm rule.
        5. After the parameters are set, click Create.

          After the alarm rule is created, the system automatically notifies you if an alarm is triggered for the VPC service.

          +

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. In the upper left corner of the page, click to open the service list and choose Management & Deployment > Cloud Eye.
          3. In the left navigation pane on the left, choose Alarm Management > Alarm Rules.
          4. On the Alarm Rules page, click Create Alarm Rule and set required parameters, or modify an existing alarm rule.
            Figure 1 Create an alarm rule
            +
          5. After the parameters are set, click Create.

            After the alarm rule is created, the system automatically notifies you if an alarm is triggered for the VPC service.

            For more information about alarm rules, see Cloud Eye User Guide.

          diff --git a/docs/vpc/umn/vpc_SecurityGroup_0006.html b/docs/vpc/umn/vpc_SecurityGroup_0006.html index 279fbc03..50c0bb48 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0006.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0006.html @@ -3,8 +3,7 @@

          Deleting a Security Group Rule

          Scenarios

          If your security group rule is no longer required, you can delete it.

          -

          Notes and Constraints

          Security group rules use whitelists. Deleting a security group rule may result in ECS access failures. Security group rules work as follows:
          • Inbound rule: If an inbound request matches the source in an inbound security group rule with Action set to Allow, the request is allowed.
          • Outbound rule: If the destination of an outbound security group rule with Action set to Allow is 0.0.0.0/0, all outbound requests are allowed.
          -
          +

          Notes and Constraints

          Security group rules use whitelists. Deleting a security group rule may result in ECS access failures.

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

          3. In the navigation pane on the left, choose Access Control > Security Groups.

            The security group list is displayed.

            diff --git a/docs/vpc/umn/vpc_SecurityGroup_0007.html b/docs/vpc/umn/vpc_SecurityGroup_0007.html index ce44489b..eecefd93 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0007.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0007.html @@ -4,7 +4,7 @@

            Scenarios

            You can configure security group rules in an Excel file and import the rules to the security group. You can also export security group rules to an Excel file. You are advised to use this function in the following scenarios:

            • If you want to quickly create or restore a security group rule, you can import your exported security group rule file to the security group.
            • If you want to back up security group rules locally, you can export the rules to an Excel file.
            • If you want to quickly apply the rules of one security group to another, or if you want to modify multiple rules of the current security group at once, you can import or export existing rules.
            -

            Notes and Constraints

            • The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail.
            • Duplicate rules are not allowed, you can delete the rule and try again.
            +

            Notes and Constraints

            • The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail.
            • Duplicate rules are not allowed, you can delete the rule and try again.
            • If you want to import rules of the security group in one region to another under one account, only rules with both Source and Destination set to IP address can be applied.
            • If you want to import rules of the security group in one account to the security group in another account, only rules with both Source and Destination set to IP address can be applied.

            Procedure

            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

            4. In the navigation pane on the left, choose Access Control > Security Groups.

              The security group list is displayed.

              @@ -49,8 +49,8 @@

      Source

      Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
      • IP address:
        • Single IP address: 192.168.10.10/32
        • All IP addresses: 0.0.0.0/0
        • IP address range: 192.168.1.0/24
        -
      • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
      • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.
      +
      Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group.
      • IP address:
        • Single IP address: 192.168.10.10/32
        • All IP addresses: 0.0.0.0/0
        • IP address range: 192.168.1.0/24
        +
      • Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.

      sg-test[96a8a93f-XXX-d7872990c314]

      @@ -58,7 +58,7 @@

      Destination

      Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

      +

      Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group.

      sg-test[96a8a93f-XXX-d7872990c314]

      Released On

      +
      - + + + + + + + + + + + +

      Released On

      Description

      2024-04-16

      +

      2024-05-06

      +

      This release incorporates the following changes:

      +

      Removed step links in Configuring a VPC for ECSs That Do Not Require Internet Access and Configuring a VPC for ECSs That Access the Internet Using EIPs.

      +

      2024-04-25

      +

      This release incorporates the following changes:

      + +

      2024-04-22

      +

      This release incorporates the following changes:

      + +

      2024-04-18

      +

      This release incorporates the following changes:

      +

      Modified the maximum number of custom routes that can be added to a route table in How Many Routes Can I Add to a Route Table?.

      +

      2024-04-16
      This release incorporates the following changes:
      @@ -272,7 +296,7 @@

      2020-03-06

      Modified the following content:

      - +

      2019-12-13

      diff --git a/docs/vpc/umn/vpc_peering_0001.html b/docs/vpc/umn/vpc_peering_0001.html index b68cfc14..f4760721 100644 --- a/docs/vpc/umn/vpc_peering_0001.html +++ b/docs/vpc/umn/vpc_peering_0001.html @@ -7,6 +7,7 @@

      Procedure

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

      3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

        The VPC peering connection list is displayed.

      4. In the VPC peering connection list, click the name of the target VPC peering connection.

        On the displayed page, view details about the VPC peering connection.

        +
        Figure 1 View VPC peering connections
      diff --git a/docs/vpc/umn/vpc_peering_0002.html b/docs/vpc/umn/vpc_peering_0002.html index 8ee1098a..cae6d3ea 100644 --- a/docs/vpc/umn/vpc_peering_0002.html +++ b/docs/vpc/umn/vpc_peering_0002.html @@ -1,7 +1,7 @@

      Modifying a VPC Peering Connection

      -

      Scenarios

      This section describes how to modify the name of a VPC peering connection.

      +

      Scenarios

      This section describes how to modify the basic information about a VPC peering connection, including its name and description.

      Either owner of a VPC in a peering connection can modify the VPC peering connection in any state.

      Procedure

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        diff --git a/docs/vpc/umn/vpc_peering_0004.html b/docs/vpc/umn/vpc_peering_0004.html index 5a137418..8eb36178 100644 --- a/docs/vpc/umn/vpc_peering_0004.html +++ b/docs/vpc/umn/vpc_peering_0004.html @@ -8,15 +8,19 @@

        Viewing Routes of a VPC Peering Connection Between VPCs in the Same Account

        1. Log in to the management console.
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        4. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

          -
        5. View the routes added for the VPC peering connection:
          1. Click the Local Routes tab to view the local route added for the VPC peering connection.
          2. Click the Peer Routes tab to view the peer route added for the VPC peering connection.
          +
        6. In the route list, view the route information.

          You can view the route destination, VPC, next hop, route table, and more.

          +
          Figure 1 View routes of a VPC peering connection between VPCs in the same account

        Viewing Routes of a VPC Peering Connection Between VPCs in Different Accounts

        Only the account owner of a VPC in a VPC peering connection can view the routes added for the connection.

        1. Log in to the management console using the account of the local VPC and view the route of the local VPC:
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

            -
          3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

            The VPC peering connection list is displayed.

            +
          4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

            The VPC peering connection list is displayed.

          5. In the VPC peering connection list, click the name of the target VPC peering connection.

            The page showing the VPC peering connection details is displayed.

            -
          6. Click the Local Routes tab to view the local route added for the VPC peering connection.
          -
        2. Log in to the management console using the account of the peer VPC and view the route of the peer VPC by referring to 1.
        +
      3. In the route list, view the route information.

        You can view the route destination, VPC, next hop, route table, and more.

        +
        Figure 2 View the local routes of a VPC peering connection between VPCs in different accounts
        +
      +
    12. Log in to the management console using the account of the peer VPC and view the route of the peer VPC by referring to 1.
      Figure 3 View the peer routes of a VPC peering connection between VPCs in different accounts
      +
      13. diff --git a/docs/vpc/umn/vpc_peering_0006.html b/docs/vpc/umn/vpc_peering_0006.html index 07dd6fb4..ef31795a 100644 --- a/docs/vpc/umn/vpc_peering_0006.html +++ b/docs/vpc/umn/vpc_peering_0006.html @@ -4,25 +4,18 @@

      Scenarios

      This section describes how to delete routes from the route tables of the local and peer VPCs connected by a VPC peering connection.
      -

      Deleting Routes of a VPC Peering Connection Between VPCs in the Same Account

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        +

        Deleting Routes of a VPC Peering Connection Between VPCs in the Same Account

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

        4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        5. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

          -
        6. Delete the route added to the route table of the local VPC:
          1. Click the Local Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the local VPC is displayed.

            -
          2. Locate the row that contains the route to be deleted and click Delete in the Operation column.

            A confirmation dialog box is displayed.

            -
          3. Click Yes.
          -
        7. Delete the route added to the route table of the peer VPC:
          1. Click the Peer Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the peer VPC is displayed.

            -
          2. Locate the row that contains the route to be deleted and click Delete in the Operation column.

            A confirmation dialog box is displayed.

            -
          3. Click Yes.
          -
        +
      4. In the route list, locate the route and click Delete in the Operation column.

        A confirmation dialog box is displayed.

        +
      5. Confirm the information and click OK.

      Deleting Routes of a VPC Peering Connection Between VPCs in Different Accounts

      Only the account owner of a VPC in a VPC peering connection can delete the routes added for the connection.

      -
      1. Log in to the management console using the account of the local VPC and delete the route of the local VPC:
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

          -
        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

          +
          1. Log in to the management console using the account of the local VPC and delete the route of the local VPC:
            1. Click in the upper left corner and select the desired region and project.
            2. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              +
            3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

              The VPC peering connection list is displayed.

            4. In the VPC peering connection list, click the name of the target VPC peering connection.

              The page showing the VPC peering connection details is displayed.

              -
            5. Delete the route added to the route table of the local VPC:
              1. Click the Local Routes tab and then click the Route Tables hyperlink.

                The Summary tab of the default route table for the local VPC is displayed.

                -
              2. Locate the row that contains the route to be deleted and click Delete in the Operation column.

                A confirmation dialog box is displayed.

                -
              3. Click Yes.
              -
            +
          2. In the route list, locate the route and click Delete in the Operation column.

            A confirmation dialog box is displayed.

            +
          3. Confirm the information and click OK.
        4. Log in to the management console using the account of the peer VPC and delete the route of the peer VPC by referring to 1.
      diff --git a/docs/vpc/umn/vpc_peering_0007.html b/docs/vpc/umn/vpc_peering_0007.html index b382ebde..0c5cfba1 100644 --- a/docs/vpc/umn/vpc_peering_0007.html +++ b/docs/vpc/umn/vpc_peering_0007.html @@ -5,25 +5,18 @@

      You can follow the instructions provided in this section to modify routes based on your requirements.

      -

      Modifying Routes of a VPC Peering Connection Between VPCs in the Same Account

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        +

        Modifying Routes of a VPC Peering Connection Between VPCs in the Same Account

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

        4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        5. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

          -
        6. Modify the route added to the route table of the local VPC:
          1. Click the Local Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the local VPC is displayed.

            -
          2. Locate the row that contains the route to be modified and click Modify in the Operation column.

            The Modify Route dialog box is displayed.

            -
          3. Modify the route and click OK.
          -
        7. Modify the route added to the route table of the peer VPC:
          1. Click the Peer Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the peer VPC is displayed.

            -
          2. Locate the row that contains the route to be modified and click Modify in the Operation column.

            The Modify Route dialog box is displayed.

            -
          3. Modify the route and click OK.
          -
        +
      4. In the route list, click the route table hyperlink of the route.

        The route table details page is displayed.

        +
      5. In the route list, locate the route and click Modify in the Operation column.
      6. Modify the route and click OK.

      Modifying Routes of a VPC Peering Connection Between VPCs in Different Accounts

      Only the account owner of a VPC can modify the routes added for the connection.

      -
      1. Log in to the management console using the account of the local VPC and modify the route of the local VPC:
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

          -
        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

          +
          1. Log in to the management console using the account of the local VPC and modify the route of the local VPC:
            1. Click in the upper left corner and select the desired region and project.
            2. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              +
            3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

              The VPC peering connection list is displayed.

            4. In the VPC peering connection list, click the name of the target VPC peering connection.

              The page showing the VPC peering connection details is displayed.

              -
            5. Modify the route added to the route table of the local VPC:
              1. Click the Local Routes tab and then click the Route Tables hyperlink.

                The Summary tab of the default route table for the local VPC is displayed.

                -
              2. Locate the row that contains the route to be modified and click Modify in the Operation column.

                The Modify Route dialog box is displayed.

                -
              3. Modify the route and click OK.
              -
            +
          2. In the route list, click the route table hyperlink of the route.

            The route table details page is displayed.

            +
          3. In the route list, locate the route and click Modify in the Operation column.
          4. Modify the route and click OK.
        4. Log in to the management console using the account of the peer VPC and modify the route of the peer VPC by referring to 1.
      diff --git a/docs/vpc/umn/vpc_qs_0005.html b/docs/vpc/umn/vpc_qs_0005.html index e6d1df35..fe0184ec 100644 --- a/docs/vpc/umn/vpc_qs_0005.html +++ b/docs/vpc/umn/vpc_qs_0005.html @@ -6,220 +6,221 @@

      Procedure

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

      4. Click Create VPC.
      5. On the Create VPC page, set parameters as prompted.

        A default subnet will be created together with a VPC and you can also click Add Subnet to create more subnets for the VPC.

        +
        Figure 1 Create a VPC and subnet
        -
        Table 1 VPC parameter descriptions

        Category

        +
        - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
        Table 1 VPC parameter descriptions

        Category

        Parameter

        +

        Parameter

        Description

        +

        Description

        Example Value

        +

        Example Value

        Basic Information

        +

        Basic Information

        Region

        +

        Region

        Select the region nearest to you to ensure the lowest latency possible.

        +

        Select the region nearest to you to ensure the lowest latency possible.

        eu-de

        +

        eu-de

        Basic Information

        +

        Basic Information

        Name

        +

        Name

        The VPC name.

        +

        The VPC name.

        The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

        VPC-001

        +

        VPC-001

        Basic Information

        +

        Basic Information

        IPv4 CIDR Block

        +

        IPv4 CIDR Block

        The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

        +

        The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

        The following CIDR blocks are supported:

        10.0.0.0/8-24

        172.16.0.0/12-24

        192.168.0.0/16-24

        192.168.0.0/16

        +

        192.168.0.0/16

        Basic Information

        +

        Basic Information

        Enterprise Project

        +

        Enterprise Project

        The enterprise project to which the VPC belongs.

        +

        The enterprise project to which the VPC belongs.

        An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

        default

        +

        default

        Basic Information/Advanced Settings

        +

        Basic Information/Advanced Settings

        Tag

        +

        Tag

        The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

        +

        The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

        The tag key and value must meet the requirements listed in Table 2.

        • Key: vpc_key1
        • Value: vpc-01
        +
        • Key: vpc_key1
        • Value: vpc-01

        Basic Information/Advanced Settings

        +

        Basic Information/Advanced Settings

        Description

        +

        Description

        Supplementary information about the VPC. This parameter is optional.

        +

        Supplementary information about the VPC. This parameter is optional.

        The VPC description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

        N/A

        +

        N/A

        Default Subnet

        +

        Default Subnet

        Name

        +

        Name

        The subnet name.

        +

        The subnet name.

        The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

        Subnet

        +

        Subnet

        Default Subnet

        +

        Default Subnet

        IPv4 CIDR Block

        +

        IPv4 CIDR Block

        The CIDR block for the subnet. This value must be within the VPC CIDR block.

        +

        The CIDR block for the subnet. This value must be within the VPC CIDR block.

        192.168.0.0/24

        +

        192.168.0.0/24

        Default Subnet

        +

        Default Subnet

        IPv6 CIDR Block

        +

        IPv6 CIDR Block

        Specifies whether to set IPv6 CIDR Block to Enable.

        +

        Specifies whether to set IPv6 CIDR Block to Enable.

        After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

        -

        +

        -

        Default Subnet

        +

        Default Subnet

        Associated Route Table

        +

        Associated Route Table

        The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

        +

        The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

        Default

        +

        Default

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Gateway

        +

        Gateway

        The gateway address of the subnet.

        +

        The gateway address of the subnet.

        192.168.0.1

        +

        192.168.0.1

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        DNS Server Address

        +

        DNS Server Address

        By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

        +

        By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

        100.125.x.x

        +

        100.125.x.x

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        NTP Server Address

        +

        NTP Server Address

        The IP address of the NTP server. This parameter is optional.

        +

        The IP address of the NTP server. This parameter is optional.

        You can configure the NTP server IP addresses to be added to the subnet as required. The IP addresses are added in addition to the default NTP server addresses. If you do not specify this parameter, no additional NTP server IP addresses will be added.

        A maximum of four IP addresses can be configured. Multiple IP addresses must be separated using commas (,).

        192.168.2.1

        +

        192.168.2.1

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Tag

        +

        Tag

        The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

        +

        The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

        The tag key and value must meet the requirements listed in Table 3.

        • Key: subnet_key1
        • Value: subnet-01
        +
        • Key: subnet_key1
        • Value: subnet-01

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Description

        +

        Description

        Supplementary information about the subnet. This parameter is optional.

        +

        Supplementary information about the subnet. This parameter is optional.

        The subnet description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

        N/A

        +

        N/A
        -
        Table 2 VPC tag key and value requirements

        Parameter

        +
        - - - - - - - -
        Table 2 VPC tag key and value requirements

        Parameter

        Requirements

        +

        Requirements

        Example Value

        +

        Example Value

        Key

        +

        Key

        • Cannot be left blank.
        • Must be unique for each VPC and can be the same for different VPCs.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each VPC and can be the same for different VPCs.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        vpc_key1

        +

        vpc_key1

        Value

        +

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        vpc-01

        +

        vpc-01
        -
        Table 3 Subnet tag key and value requirements

        Parameter

        +
        - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0006.html b/docs/vpc/umn/vpc_qs_0006.html index 5927d12d..096340fd 100644 --- a/docs/vpc/umn/vpc_qs_0006.html +++ b/docs/vpc/umn/vpc_qs_0006.html @@ -109,7 +109,7 @@ - - - - - - @@ -74,9 +74,9 @@
      6. Configure required parameters.

        You can click + to add more outbound rules.

        Figure 2 Add Outbound Rule
        -
        7. Table 3 Subnet tag key and value requirements

        Parameter

        Requirements

        +

        Requirements

        Example Value

        +

        Example Value

        Key

        +

        Key

        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        subnet_key1

        +

        subnet_key1

        Value

        +

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        subnet-01

        +

        subnet-01

        Key

        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        subnet_key1

        @@ -117,7 +117,7 @@

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        subnet-01

        diff --git a/docs/vpc/umn/vpc_qs_0007.html b/docs/vpc/umn/vpc_qs_0007.html index e4124c34..3423a429 100644 --- a/docs/vpc/umn/vpc_qs_0007.html +++ b/docs/vpc/umn/vpc_qs_0007.html @@ -38,13 +38,13 @@

        default

        Template

        +

        Template

        Mandatory

        -

        A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

        -
        • Custom: This template allows you to create security groups with custom security group rules.
        • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
        • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.
        +

        Mandatory

        +

        The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements.

        +

        Table 1 describes the security group templates.

        General-purpose web server

        +

        General-purpose web server

        Description

        diff --git a/docs/vpc/umn/vpc_qs_0008.html b/docs/vpc/umn/vpc_qs_0008.html index 5c4b7b58..20647166 100644 --- a/docs/vpc/umn/vpc_qs_0008.html +++ b/docs/vpc/umn/vpc_qs_0008.html @@ -50,8 +50,8 @@

        Source

        Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
        • IP address:
          • Single IP address: 192.168.10.10/32
          • All IP addresses: 0.0.0.0/0
          • IP address range: 192.168.1.0/24
          -
        • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
        +
        Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group.
        • IP address:
          • Single IP address: 192.168.10.10/32
          • All IP addresses: 0.0.0.0/0
          • IP address range: 192.168.1.0/24
          +
        • Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.

        If the source is a security group, this rule will apply to all instances associated with the selected security group.

        Table 2 Outbound rule parameter description

        Parameter

        +
        - @@ -106,9 +106,9 @@ - diff --git a/docs/vpc/umn/vpc_qs_0009.html b/docs/vpc/umn/vpc_qs_0009.html index 508c9d0b..c840787f 100644 --- a/docs/vpc/umn/vpc_qs_0009.html +++ b/docs/vpc/umn/vpc_qs_0009.html @@ -6,220 +6,221 @@

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

        4. Click Create VPC.
        5. On the Create VPC page, set parameters as prompted.

          A default subnet will be created together with a VPC and you can also click Add Subnet to create more subnets for the VPC.

          +
          Figure 1 Create a VPC and subnet
          -
        Table 2 Outbound rule parameter description

        Parameter

        Description

        +

        Description

        Example Value

        Destination

        Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

        +

        Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group.

        • IP address:
          • Single IP address: 192.168.10.10/32
          • All IP addresses: 0.0.0.0/0
          • IP address range: 192.168.1.0/24
          -
        • Security group: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with Action set to Allow and Destination set to security group B, access from instance A is allowed to instance B.
        +
      7. Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.
        		8.

        0.0.0.0/0
        Table 1 VPC parameter descriptions

        Category

        +
        - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
        Table 1 VPC parameter descriptions

        Category

        Parameter

        +

        Parameter

        Description

        +

        Description

        Example Value

        +

        Example Value

        Basic Information

        +

        Basic Information

        Region

        +

        Region

        Select the region nearest to you to ensure the lowest latency possible.

        +

        Select the region nearest to you to ensure the lowest latency possible.

        eu-de

        +

        eu-de

        Basic Information

        +

        Basic Information

        Name

        +

        Name

        The VPC name.

        +

        The VPC name.

        The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

        VPC-001

        +

        VPC-001

        Basic Information

        +

        Basic Information

        IPv4 CIDR Block

        +

        IPv4 CIDR Block

        The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

        +

        The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC).

        The following CIDR blocks are supported:

        10.0.0.0/8-24

        172.16.0.0/12-24

        192.168.0.0/16-24

        192.168.0.0/16

        +

        192.168.0.0/16

        Basic Information

        +

        Basic Information

        Enterprise Project

        +

        Enterprise Project

        The enterprise project to which the VPC belongs.

        +

        The enterprise project to which the VPC belongs.

        An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

        default

        +

        default

        Basic Information/Advanced Settings

        +

        Basic Information/Advanced Settings

        Tag

        +

        Tag

        The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

        +

        The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC.

        The tag key and value must meet the requirements listed in Table 2.

        • Key: vpc_key1
        • Value: vpc-01
        +
        • Key: vpc_key1
        • Value: vpc-01

        Basic Information/Advanced Settings

        +

        Basic Information/Advanced Settings

        Description

        +

        Description

        Supplementary information about the VPC. This parameter is optional.

        +

        Supplementary information about the VPC. This parameter is optional.

        The VPC description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

        N/A

        +

        N/A

        Default Subnet

        +

        Default Subnet

        Name

        +

        Name

        The subnet name.

        +

        The subnet name.

        The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

        Subnet

        +

        Subnet

        Default Subnet

        +

        Default Subnet

        IPv4 CIDR Block

        +

        IPv4 CIDR Block

        The CIDR block for the subnet. This value must be within the VPC CIDR block.

        +

        The CIDR block for the subnet. This value must be within the VPC CIDR block.

        192.168.0.0/24

        +

        192.168.0.0/24

        Default Subnet

        +

        Default Subnet

        IPv6 CIDR Block

        +

        IPv6 CIDR Block

        Specifies whether to set IPv6 CIDR Block to Enable.

        +

        Specifies whether to set IPv6 CIDR Block to Enable.

        After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

        -

        +

        -

        Default Subnet

        +

        Default Subnet

        Associated Route Table

        +

        Associated Route Table

        The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

        +

        The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

        Default

        +

        Default

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Gateway

        +

        Gateway

        The gateway address of the subnet.

        +

        The gateway address of the subnet.

        192.168.0.1

        +

        192.168.0.1

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        DNS Server Address

        +

        DNS Server Address

        By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

        +

        By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,).

        100.125.x.x

        +

        100.125.x.x

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        NTP Server Address

        +

        NTP Server Address

        The IP address of the NTP server. This parameter is optional.

        +

        The IP address of the NTP server. This parameter is optional.

        You can configure the NTP server IP addresses to be added to the subnet as required. The IP addresses are added in addition to the default NTP server addresses. If you do not specify this parameter, no additional NTP server IP addresses will be added.

        A maximum of four IP addresses can be configured. Multiple IP addresses must be separated using commas (,).

        192.168.2.1

        +

        192.168.2.1

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Tag

        +

        Tag

        The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

        +

        The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet.

        The tag key and value must meet the requirements listed in Table 3.

        • Key: subnet_key1
        • Value: subnet-01
        +
        • Key: subnet_key1
        • Value: subnet-01

        Default Subnet/Advanced Settings

        +

        Default Subnet/Advanced Settings

        Description

        +

        Description

        Supplementary information about the subnet. This parameter is optional.

        +

        Supplementary information about the subnet. This parameter is optional.

        The subnet description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

        N/A

        +

        N/A
        -
        Table 2 VPC tag key and value requirements

        Parameter

        +
        - - - - - - - -
        Table 2 VPC tag key and value requirements

        Parameter

        Requirements

        +

        Requirements

        Example Value

        +

        Example Value

        Key

        +

        Key

        • Cannot be left blank.
        • Must be unique for each VPC and can be the same for different VPCs.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each VPC and can be the same for different VPCs.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        vpc_key1

        +

        vpc_key1

        Value

        +

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        vpc-01

        +

        vpc-01
        -
        Table 3 Subnet tag key and value requirements

        Parameter

        +
        - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0010.html b/docs/vpc/umn/vpc_qs_0010.html index 92969b6a..abfd2915 100644 --- a/docs/vpc/umn/vpc_qs_0010.html +++ b/docs/vpc/umn/vpc_qs_0010.html @@ -109,7 +109,7 @@ - - - @@ -98,7 +98,7 @@ - -
        Table 3 Subnet tag key and value requirements

        Parameter

        Requirements

        +

        Requirements

        Example Value

        +

        Example Value

        Key

        +

        Key

        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        subnet_key1

        +

        subnet_key1

        Value

        +

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        subnet-01

        +

        subnet-01

        Key

        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • Must be unique for each subnet.
        • Can contain a maximum of 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        subnet_key1

        @@ -117,7 +117,7 @@

        Value

        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain a maximum of 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        subnet-01

        diff --git a/docs/vpc/umn/vpc_qs_0011.html b/docs/vpc/umn/vpc_qs_0011.html index f905af6c..efb089e8 100644 --- a/docs/vpc/umn/vpc_qs_0011.html +++ b/docs/vpc/umn/vpc_qs_0011.html @@ -26,7 +26,7 @@

        EIP Type

        • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
        • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.
        +
        • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
        • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.

        The selected EIP type cannot be changed after the EIP is assigned.

        Dynamic BGP

        @@ -35,7 +35,7 @@

        Billed By

        Two options are available:

        -
        • Dedicated: The bandwidth can be used by only one EIP.
        • Shared: The bandwidth can be shared by multiple EIPs.
        +
        • Dedicated: The bandwidth can be used by only one EIP.
        • Shared: The bandwidth can be shared by multiple EIPs.

        Dedicated

        Key

        • Cannot be left blank.
        • The key value must be unique for the same EIP.
        • Can contain up to 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Cannot be left blank.
        • The key value must be unique for the same EIP.
        • Can contain up to 36 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only hyphens (-), underscores (_), and at signs (@) are allowed.

        Ipv4_key1

        @@ -106,7 +106,7 @@

        Value

        • Can contain up to 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Special characters, including hyphens (-) and underscores (_)
          +
        • Can contain up to 43 characters.
        • Can contain only the following character types:
          • Uppercase letters
          • Lowercase letters
          • Digits
          • Only underscores (_), hyphens (-), and at signs (@) are allowed.

        3005eip

        @@ -120,10 +120,10 @@

        Binding an EIP

        1. On the EIPs page, locate the row that contains the target EIP, and click Bind.
        2. Select the instance that you want to bind the EIP to.
          Figure 2 Bind EIP
        3. Click OK.
        -

        An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?

        +

        An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?

        Follow-Up Procedure

        After an ECS with an EIP bound is created, the system generates a domain name in the format of ecs-xx-xx-xx-xx.compute.xxx.com for the EIP by default. xx-xx-xx-xx indicates the EIP, and xxx indicates the domain name of the cloud service provider. You can use the domain name to access the ECS.

        -
        You can use any of the following commands to obtain the domain name of an EIP:
        • ping -a EIP
        • nslookup [-qt=ptr] EIP
        • dig -x EIP
        +
        You can use any of the following commands to obtain the domain name of an EIP:
        • ping -an EIP
        • nslookup [-qt=ptr] EIP
        • dig -x EIP
        diff --git a/docs/vpc/umn/vpc_qs_0012.html b/docs/vpc/umn/vpc_qs_0012.html index f46aa4bc..1864ec44 100644 --- a/docs/vpc/umn/vpc_qs_0012.html +++ b/docs/vpc/umn/vpc_qs_0012.html @@ -5,55 +5,199 @@

        If your instances have different Internet access requirements, you can allocate them to different security groups when creating them.

        Each ECS must be associated with at least one security group. If you do not have a security group when creating an ECS, the system provides a default security group.

        +

        Security Group Templates

        The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. Table 1 describes the security group templates. +
        + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
        Table 1 Security group templates

        Template

        +

        Direction

        +

        Protocol/Port/Type

        +

        Source/Destination

        +

        Description

        +

        Application Scenario

        +

        General-purpose web server

        +

        Inbound

        +

        TCP: 22 (IPv4)

        +

        0.0.0.0/0

        +

        Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs.

        +
        • Remotely log in to ECSs.
        • Use the ping command to test ECS connectivity.
        • ECSs functioning as web servers provide website access services.
        +

        TCP: 3389 (IPv4)

        +

        0.0.0.0/0

        +

        Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs.

        +

        TCP: 80 (IPv4)

        +

        0.0.0.0/0

        +

        Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites.

        +

        TCP: 443 (IPv4)

        +

        0.0.0.0/0

        +

        Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites.

        +

        ICMP: All (IPv4)

        +

        0.0.0.0/0

        +

        Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity.

        +

        All (IPv4)

        +

        All (IPv6)

        +

        sg-xxx

        +

        Allows ECSs in the security group to communicate with each other.

        +

        Outbound

        +

        All (IPv4)

        +

        All (IPv6)

        +

        0.0.0.0/0

        +

        Allows access from ECSs in the security group to any IP address over any port.

        +

        All ports open

        +

        Inbound

        +

        All (IPv4)

        +

        All (IPv6)

        +

        sg-xxx

        +

        Allows ECSs in the security group to communicate with each other.

        +

        Opening all ECS ports in a security group poses security risks.

        +

        All (IPv4)

        +

        All (IPv6)

        +

        0.0.0.0/0

        +

        Allows all IP addresses to access ECSs in the security group over any port.

        +

        Outbound

        +

        All (IPv4)

        +

        All (IPv6)

        +

        0.0.0.0/0

        +

        Allows access from ECSs in the security group to any IP address over any port.

        +

        Fast-add rule

        +

        Inbound

        +

        All (IPv4)

        +

        All (IPv6)

        +

        sg-xxx

        +

        Allows ECSs in the security group to communicate with each other.

        +

        You can select protocols and ports that the inbound rule will apply to.

        +

        If you do not select any protocols and ports, no protocols and ports will be opened. After the security group is created, add required rules by referring to Adding a Security Group Rule.

        +

        Custom port and protocol

        +

        0.0.0.0/0

        +

        Allows all IP addresses to access ECSs in a security group over specified ports (TCP or ICMP) for different purposes.

        +

        Outbound

        +

        All (IPv4)

        +

        All (IPv6)

        +

        0.0.0.0/0

        +

        ::/0

        +

        Allows access from ECSs in the security group to any IP address over any port.

        +
        +
        +
        +

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

        4. In the navigation pane on the left, choose Access Control > Security Groups.

          The security group list is displayed.

        5. In the upper right corner, click Create Security Group.

          The Create Security Group page is displayed.

        6. Configure the parameters as prompted.
          Figure 1 Create Security Group
          -
          Table 1 Parameter description

          Parameter

          +
          - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0013.html b/docs/vpc/umn/vpc_qs_0013.html index cb611b7e..852d863f 100644 --- a/docs/vpc/umn/vpc_qs_0013.html +++ b/docs/vpc/umn/vpc_qs_0013.html @@ -50,8 +50,8 @@ - @@ -74,9 +74,9 @@
        7. Configure required parameters.

          You can click + to add more outbound rules.

          Figure 2 Add Outbound Rule
          -
          8. Table 2 Parameter description

          Parameter

          Description

          +

          Description

          Example Value

          +

          Example Value

          Name

          +

          Name

          Mandatory

          +

          Mandatory

          Enter the security group name.

          The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

          NOTE:

          You can change the security group name after a security group is created. It is recommended that you give each security group a different name.

          sg-AB

          +

          sg-AB

          Enterprise Project

          +

          Enterprise Project

          Mandatory

          +

          Mandatory

          When creating a security group, you can add the security group to an enabled enterprise project.

          An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

          default

          +

          default

          Template

          +

          Template

          Mandatory

          -

          A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

          -
          • Custom: This template allows you to create security groups with custom security group rules.
          • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
          • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.
          +

          Mandatory

          +

          The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements.

          +

          Table 1 describes the security group templates.

          General-purpose web server

          +

          General-purpose web server

          Description

          +

          Description

          Optional

          +

          Optional

          Supplementary information about the security group. This parameter is optional.

          The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

          N/A

          +

          N/A

          Source

          Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
          • IP address:
            • Single IP address: 192.168.10.10/32
            • All IP addresses: 0.0.0.0/0
            • IP address range: 192.168.1.0/24
            -
          • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
          +
          Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group.
          • IP address:
            • Single IP address: 192.168.10.10/32
            • All IP addresses: 0.0.0.0/0
            • IP address range: 192.168.1.0/24
            +
          • Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.

          If the source is a security group, this rule will apply to all instances associated with the selected security group.

          Table 2 Outbound rule parameter description

          Parameter

          +
          - @@ -106,9 +106,9 @@ - diff --git a/docs/vpc/umn/vpc_route01_0005.html b/docs/vpc/umn/vpc_route01_0005.html index d5ff010b..a2c5e777 100644 --- a/docs/vpc/umn/vpc_route01_0005.html +++ b/docs/vpc/umn/vpc_route01_0005.html @@ -6,7 +6,7 @@

          Notes and Constraints

          By default, each VPC can have up to 10 route tables, including the default route table.

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

            -
          3. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
          4. In the upper right corner, click Create Route Table. On the displayed page, configure parameters as prompted.
            Figure 1 Create Route Table
            +
          5. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
          6. In the upper right corner, click Create Route Table. On the displayed page, configure parameters as prompted.
            Figure 1 Create Route Table
          Table 2 Outbound rule parameter description

          Parameter

          Description

          +

          Description

          Example Value

          Destination

          Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

          +

          Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group.

          • IP address:
            • Single IP address: 192.168.10.10/32
            • All IP addresses: 0.0.0.0/0
            • IP address range: 192.168.1.0/24
            -
          • Security group: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with Action set to Allow and Destination set to security group B, access from instance A is allowed to instance B.
          +
        8. Security group: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.
          		9.

          0.0.0.0/0
          diff --git a/docs/vpc/umn/vpc_route01_0006.html b/docs/vpc/umn/vpc_route01_0006.html index 8c38e6e1..3ec4f4a0 100644 --- a/docs/vpc/umn/vpc_route01_0006.html +++ b/docs/vpc/umn/vpc_route01_0006.html @@ -7,7 +7,7 @@

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

          3. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
          4. In the route table list, click the name of the route table to which you want to add a route.
          5. Click Add Route and set parameters as prompted.

            You can click + to add more routes.

            -
            Figure 1 Add Route
            +
            Figure 1 Add Route
          Table 1 Parameter descriptions

          Parameter
          @@ -17,7 +17,16 @@ - + + + + - + + + + - - - - -
          Table 1 Parameter descriptions

          Parameter

          Destination

          +

          Destination Type

          +

          Mandatory

          +
          The destination can be:
          • IP address: single IP address or IP address range
          +
          +

          IP address

          +

          Destination

          Mandatory

          Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation.

          diff --git a/docs/vpc/umn/vpc_route01_0009.html b/docs/vpc/umn/vpc_route01_0009.html index 9f8b54c6..ceb7ac4e 100644 --- a/docs/vpc/umn/vpc_route01_0009.html +++ b/docs/vpc/umn/vpc_route01_0009.html @@ -6,7 +6,9 @@

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

          3. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
          4. Click the name of the target route table.

            The route table details page is displayed.

            -
            1. On the Summary tab page, view the basic information and routes of the route table.
            2. On the Associated Subnets tab page, view the subnets associated with the route table.
            +
            1. On the Summary tab page, view the basic information and routes of the route table.
              Figure 1 View the basic information and routes of the route table
              +
            2. On the Associated Subnets tab page, view the subnets associated with the route table.
              Figure 2 View the subnets associated with the route table
              +
          diff --git a/docs/vpc/umn/vpc_route01_0011.html b/docs/vpc/umn/vpc_route01_0011.html index 0b234b02..4b29e896 100644 --- a/docs/vpc/umn/vpc_route01_0011.html +++ b/docs/vpc/umn/vpc_route01_0011.html @@ -15,13 +15,22 @@

          Destination

          +

          Destination Type

          +

          Mandatory

          +
          The destination can be:
          • IP address: Select this option if you want to enter an IP address or IP address range.
          +
          +

          IP address

          +

          Destination

          Mandatory

          Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation.

          The destination of each route must be unique. The destination cannot overlap with any subnet CIDR block in the VPC.

          Pv4: 192.168.0.0/16

          +

          IPv4: 192.168.0.0/16

          Next Hop Type

          diff --git a/docs/vpc/umn/vpc_route01_0015.html b/docs/vpc/umn/vpc_route01_0015.html index cc7e0543..0610e5f2 100644 --- a/docs/vpc/umn/vpc_route01_0015.html +++ b/docs/vpc/umn/vpc_route01_0015.html @@ -6,7 +6,9 @@

          Procedure

          1. Log in to the management console.
          1. Click in the upper left corner and select the desired region and project.
          2. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

          3. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

            The Subnets page is displayed.

          4. Locate the target subnet and click its name.

            The subnet details page is displayed.

            -
          5. In the right of the subnet details page, view the route table associated with the subnet.
          6. Click the name of the route table.

            The route table details page is displayed. You can further view the route information.

            +
          7. In the right of the subnet details page, view the route table associated with the subnet.
            Figure 1 View the route table associated with a subnet
            +
          8. Click the name of the route table.

            The route table details page is displayed. You can further view the route information.

            +
            Figure 2 View the basic information and routes of the route table
          diff --git a/docs/vpc/umn/vpc_vip_0002.html b/docs/vpc/umn/vpc_vip_0002.html index f278c422..2de3c9c2 100644 --- a/docs/vpc/umn/vpc_vip_0002.html +++ b/docs/vpc/umn/vpc_vip_0002.html @@ -4,7 +4,8 @@

          Scenarios

          If an ECS requires a virtual IP address or if a virtual IP address needs to be reserved, you can assign a virtual IP address from the subnet.

          Procedure

          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

            -
          4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
          5. In the subnet list, click the name of the subnet where a virtual IP address is to be assigned.
          6. Click the IP Addresses tab and click Assign Virtual IP Address.
          7. Select an IP address type. This parameter is available only in regions supporting IPv6.
            • IPv4
            • IPv6
            +
          8. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
          9. In the subnet list, click the name of the subnet where a virtual IP address is to be assigned.
          10. Click the IP Addresses tab and click Assign Virtual IP Address.
            Figure 1 Assign a virtual IP address
            +
          11. Select an IP address type. This parameter is available only in regions supporting IPv6.
            • IPv4
            • IPv6
          12. Select a virtual IP address assignment mode.
            • Automatic: The system assigns an IP address automatically.
            • Manual: You can specify an IP address.
          13. Select Manual and enter a virtual IP address.
          14. Click OK.

          You can then query the assigned virtual IP address in the IP address list.

          diff --git a/docs/vpc/umn/vpc_vpc_0004.html b/docs/vpc/umn/vpc_vpc_0004.html index 26725c9f..8df72adc 100644 --- a/docs/vpc/umn/vpc_vpc_0004.html +++ b/docs/vpc/umn/vpc_vpc_0004.html @@ -16,7 +16,7 @@

          Key

          • Cannot be left blank.
          • Must be unique for each VPC and can be the same for different VPCs.
          • Can contain a maximum of 36 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            +
          • Cannot be left blank.
          • Must be unique for each VPC and can be the same for different VPCs.
          • Can contain a maximum of 36 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Only hyphens (-), underscores (_), and at signs (@) are allowed.

          vpc_key1

          @@ -24,7 +24,7 @@

          Value

          • Can contain a maximum of 43 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            +
          • Can contain a maximum of 43 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Only underscores (_), hyphens (-), and at signs (@) are allowed.

          vpc-01

          diff --git a/docs/vpc/umn/vpc_vpc_0005.html b/docs/vpc/umn/vpc_vpc_0005.html index 2bf2d5b1..2204a7a7 100644 --- a/docs/vpc/umn/vpc_vpc_0005.html +++ b/docs/vpc/umn/vpc_vpc_0005.html @@ -14,7 +14,7 @@

          Key

          • Cannot be left blank.
          • Must be unique for each subnet.
          • Can contain a maximum of 36 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            +
          • Cannot be left blank.
          • Must be unique for each subnet.
          • Can contain a maximum of 36 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Only hyphens (-), underscores (_), and at signs (@) are allowed.

          subnet_key1

          @@ -22,7 +22,7 @@

          Value

          • Can contain a maximum of 43 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            +
          • Can contain a maximum of 43 characters.
          • Can contain only the following character types:
            • Uppercase letters
            • Lowercase letters
            • Digits
            • Only underscores (_), hyphens (-), and at signs (@) are allowed.

          subnet-01

          @@ -34,16 +34,16 @@

          Procedure

          Search for subnets by tag key and value on the page showing the subnet list.
          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

            -
          4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

            The Subnets page is displayed.

            +
          5. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

            The Subnets page is displayed.

          6. In the search box above the subnet list, click the search box.

            Click the tag key and then the value as required. The system filters resources based on the tag you select.

            Click anywhere in the search box to add the next tag key and value.

            You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for VPCs, the VPCs containing all specified tags will be displayed.

          Add, delete, edit, and view tags on the Tags tab of a subnet.
          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Click in the upper left corner and choose Network > Virtual Private Cloud.

            The Virtual Private Cloud page is displayed.

            -
          4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

            The Subnets page is displayed.

            -
          5. In the subnet list, locate the target subnet and click its name.
          6. On the subnet details page, click the Tags tab and perform desired operations on tags.
            • View tags.

              On the Tags tab, you can view details about tags added to the current subnet, including the number of tags and the key and value of each tag.

              -
            • Add a tag.

              Click Add Tag in the upper left corner. In the displayed Add Tag dialog box, enter the tag key and value, and click OK.

              +
            • In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

              +
            • In the subnet list, locate the target subnet and click its name.
            • On the subnet details page, click the Tags tab and perform desired operations on tags.
              • View tags.

                On the Tags tab, you can view details about tags added to the current subnet, including the number of tags and the key and value of each tag.

                +
              • Add a tag.

                Click Add Tag in the upper left corner. In the displayed Add Tag dialog box, enter the tag key and value, and click OK.

              • Edit a tag.

                Locate the row that contains the tag you want to edit, and click Edit in the Operation column. Enter the new tag key and value, and click OK.

              • Delete a tag.

                Locate the row that contains the tag you want to delete, and click Delete in the Operation column. In the displayed dialog box, click Yes.