VPC

VPC Introduction

The Virtual Private Cloud (VPC) is a networking resource with a logical router at its core. Within Zadara Cloud Services, it was designed to provide a user experience that is identical to the AWS VPC. The virtual private cloud provides a routed L3 environment into which the user can deploy instances and managed services.

When you create a VPC you specify a CIDR block. All subnets that you will create in the VPC will be carved out from this CIDR block (without overlap). The router will ensure IP connectivity between all these subnets.

You can create a VPC in the UI either with a wizard, which helps select the required networking for the chosen VPC type, or with a basic Create command. The following VPC types are supported:

  • VPC with Single Private Subnet - the VPC runs in an isolated section of the cloud, without access to the Internet.

  • VPC with Single Public Subnet - the VPC runs in an isolated section of the cloud with direct access to the Internet. Security groups can be used to control inbound and outbound network traffic.

  • VPC with Public and Private Subnets - VM instances within the private subnet in the VPC can establish outbound connections to the Internet via the public subnet using Network Address Translation (NAT).

Default VPC

Every VPC-provisioned project has a Default VPC that is automatically created by Zadara Cloud Services.

  1. The Default VPC has 172.31.0.0/16 set as its CIDR block.

  2. It also contains a single subnet with 172.31.0.0/20 as its CIDR.

  3. The VPC has an Internet Gateway that connects it to the external network that was selected by the project.

  4. The route table of the subnet has a local route for the CIDR block of the VPC and a default route to the Internet gateway.

  5. A default security group is created that allows inbound traffic from all the virtual interfaces to which it is applied and allows outbound traffic to any destination.

  6. A DHCP-options set is also defined with the domain-name option set to DHCP local.

Creating a VPC

Creating a VPC with the Create Command

To create a VPC using the Create command:

  1. Navigate to the Networking > VPC view.

  2. From the top toolbar, click Create.

  3. In the Create VPC dialogue, enter the following:

    • Name - name of the VPC.

    • Description - description of the VPC usage.

    • CIDR - CIDR block associated with the VPC.

    • Internet Gateway - internet gateway associated with VPC.

    Note

    An existing internet gateway is only available in the pull-down list for association with a VPC if it is not already associated with another VPC. If no unassociated internet gateway is available, define a new one by clicking +.

  4. Other constructs such as additional subnets, NAT Gateway, or Elastic IPs can be associated with the VPC separately using the appropriate networking UI option.

Creating a VPC with the UI Wizard

To create a VPC using the wizard:

  1. Navigate to the Networking > VPC view.

  2. From the top toolbar, click Wizard.

  3. In the VPC Wizard dialogue Configuration tab, select one of the following VPC types. Subsequent UI options will depend on this selection.

    • VPC with Single Private Subnet

    • VPC with Single Public Subnet

    • VPC with Public and Private Subnets

  4. Click Next.

  5. For VPC with Single Private Subnet, proceed as follows:

    1. In the VPC tab, enter the following:

      • VPC Name

      • VPC Description

      • CIDR

    2. Click Next.

    3. In the Private Subnet tab, enter the following:

      • Private Subnet Name

      • Private Subnet Description

      • CIDR - This CIDR must be within the CIDR defined for VPC.

    4. Click Finish.

  6. For VPC with Single Public Subnet, proceed as follows:

    1. In the VPC tab, enter the following:

      • VPC Name

      • VPC Description

      • CIDR

      • Internet Gateway Name

    2. Click Next.

    3. In the Public Subnet tab, enter the following:

      • Public Subnet Name

      • Public Subnet Description

      • CIDR - This CIDR must be within the CIDR defined for VPC.

    4. Click Finish.

  7. For VPC with Public and Private Subnets, proceed as follows:

    1. In the VPC tab, enter the following:

      • VPC Name

      • VPC Description

      • CIDR

      • Internet Gateway Name

    2. Click Next.

    3. In the Private Subnet tab, enter the following:

      • Private Subnet Name

      • Private Subnet Description

      • CIDR - This CIDR must be within the CIDR defined for VPC.

    4. Click Next.

    5. In the Public Subnet tab, enter the following:

      • Public Subnet Name

      • Public Subnet Description

      • CIDR - This CIDR must be within the CIDR defined for VPC, but different from the one defined for the private subnet.

    6. Click Next.

    7. In the NAT Gateway tab, enter the following:

      • NAT Gateway Name

      • NAT Gateway Description

      • Elastic IP

    8. Click Finish.
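
The CIDR rules above (every subnet inside the VPC block, no overlap between subnets) can be checked before the values are entered in the wizard. The following is an added example, not part of Zadara's documentation or tooling; the function name `check_subnet_plan` and all sample values other than the Default VPC's 172.31.0.0/16 and 172.31.0.0/20 are constructed for illustration.

```python
import ipaddress


def check_subnet_plan(vpc_cidr, subnets):
    """Validate planned subnets against a VPC CIDR block.

    subnets maps a subnet name to its CIDR string.
    Returns a list of problem strings; an empty list means the plan is valid.
    """
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    parsed = {}
    for name, cidr in subnets.items():
        try:
            # strict=True rejects values with host bits set, e.g. 10.0.1.5/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        # Rule 1: the subnet must be carved out of the VPC block.
        if net.version != vpc.version or not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is outside VPC block {vpc}")
            continue
        parsed[name] = net
    # Rule 2: no two subnets in the VPC may overlap.
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                problems.append(f"{a} and {b}: {parsed[a]} overlaps {parsed[b]}")
    return problems


# Constructed sample plans, using the Default VPC's CIDR block as the VPC.
VPC_CIDR = "172.31.0.0/16"
GOOD_PLAN = {"private": "172.31.0.0/20", "public": "172.31.16.0/20"}
BAD_PLAN = {
    "private": "172.31.0.0/20",
    "public": "172.31.8.0/21",   # falls inside the private subnet's range
    "extra": "172.32.0.0/20",    # not within 172.31.0.0/16
}

if __name__ == "__main__":
    for label, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        issues = check_subnet_plan(VPC_CIDR, plan)
        print(label, "plan:", issues or "OK")
```
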

VPC Operations

After a VPC is created, it is displayed in the VPC list in the Networking > VPC view. The following operations can be performed by selecting a VPC from the list and clicking the appropriate icon.

From the top toolbar:

  • Modify - change the name of the VPC.

  • Attach DHCP Options

  • Detach DHCP Options

  • Peer VPC

  • Set Default - set the VPC as the default for the given project.

  • Upgrade DNS - DNS is a system-level service. When it is upgraded to a new version, all related VM instances must be restarted, so the upgrade requires user confirmation through this option.

  • Delete

From the lower toolbar:

  • Events - view configuration events (info) or alarms for the VPC.

  • Peers - view peering information for VPC.

  • Subnets - view subnet information for VPC.

  • Security Groups - view security group information for VPC.

  • Route Tables - view route table information for VPC.

  • Internet Gateways - view internet gateway information for VPC.

  • DNS Records - view DNS information for VPC.

  • VMs - view VM instance information for the VPC.