Application Scenarios
Dedicated Networks on Cloud
Scenario
Each VPC represents a private network and is logically isolated from other VPCs. You can deploy your service system in a VPC to build a private network environment on the cloud. If you have multiple service systems, for example, a production system and a test system, you can deploy them in two different VPCs to isolate them. If you want to establish communication between these two VPCs, you can create a VPC peering connection between them.
Related Services
ECS
Web Application or Website Hosting
Scenario
You can host web applications and websites in a VPC and use the VPC as a regular network. With EIPs or NAT gateways, you can connect ECSs running your web applications to the Internet. With the load balancers provided by the ELB service, you can evenly distribute traffic across multiple ECSs.
Cloud resources in a VPC can use the following cloud services to connect to the Internet.
| Cloud Service | Application Scenario | Description | Related Operations |
|---|---|---|---|
| EIP | Single ECS accesses the Internet. | You can assign an EIP and bind it to an ECS so that the ECS can access the Internet or provide services accessible from the Internet. An EIP can be bound to an ECS to enable Internet access, or unbound to disable access. Shared bandwidth and shared data packages can be used to lower costs. | |
| NAT Gateway | Multiple ECSs share an EIP to access the Internet. | A NAT gateway offers both source network address translation (SNAT) and destination network address translation (DNAT). SNAT allows multiple ECSs in the same VPC to share one or more EIPs to access the Internet. It reduces management costs and prevents the ECS EIPs from being exposed to the Internet. DNAT can implement port-level data forwarding. It maps EIP ports to ECS ports so that the ECSs in a VPC can share the same EIP and bandwidth to provide Internet-accessible services. But DNAT does not balance traffic. | |
| ELB | Use load balancers provided by the ELB service to evenly distribute incoming traffic across multiple ECSs in high-concurrency scenarios, such as e-commerce. | Load balancers distribute traffic across multiple backend ECSs, balancing the workload on each ECS (at Layer 4 or Layer 7). You can bind EIPs to ECSs to allow the access from the Internet. ELB expands the service capabilities of your applications and improves availability by eliminating single points of failures. |
Related Services
ECS, EIP, NAT Gateway, and ELB
Web Application Access Control
Scenario
You can create a VPC and security groups to host multi-tier web applications in different security zones. You can associate web servers and database servers with different security groups and configure different access control rules for security groups. You can launch web servers in a publicly accessible subnet, but run database servers in subnets that are not publicly accessible. This arrangement ensures high security.
Related Services
ECS
VPC Connectivity Options
Scenario
You can use the following cloud products to allow two VPCs to communicate with each other.
| Cloud Service | Application Scenario | Description | Related Operations |
|---|---|---|---|
| VPC Peering | Connect VPCs in the same region. | You can request a VPC peering connection with another VPC in your account or in another account, but the two VPCs must be in the same region. VPC peering connections are free. | Creating a VPC Peering Connection with Another VPC in Your Account Creating a VPC Peering Connection with a VPC in Another Account |
| Cloud Connect | Connect VPCs in different regions. | Cloud Connect allows you to connect two VPCs in the same account or in different accounts even they are in different regions. | |
| VPN | Use VPN to connect VPCs across regions at a low cost. | VPN uses an encrypted communications tunnel to connect VPCs in different regions and sends traffic over the Internet. It is inexpensive, easy to configure, and easy to use. However, VPN connections may be affected by the Internet quality. |
Related Services
ECS, Cloud Connect, and VPN
Hybrid Cloud Deployment
Scenario
If you have an on-premises data center and you do not want to migrate all of your business to the cloud, you can build a hybrid cloud, so that you can keep core data in your data center.
| Cloud Service | Application Scenario | Description | Related Operations |
|---|---|---|---|
| VPN | Use VPN to connect a VPC to an on-premises data center with a low cost. | VPN uses an encrypted communications tunnel to connect a VPC on the cloud to an on-premises data center and sends traffic over the Internet. It is inexpensive, easy to configure, and easy to use. However, VPN connections may be affected by the Internet quality. | |
| Direct Connect | Use a physical connection to connect a VPC to an on-premises data center. | Direct Connect provides physical connections between VPCs and data centers. It has the advantages of low latency and is very secure. Direct Connect is a good choice when there are strict requirements on network transmission quality. | |
| Cloud Connect | Connect VPCs in different regions. | Cloud Connect allows the loading of Direct Connect virtual gateways to a Cloud Connect connection, interconnecting an on-premises data center with VPCs across regions. | Communication Between VPCs Across Regions Communication Between Data Centers and VPCs in Different Regions |
Related Services
ECS, Direct Connect, Cloud Connect, and VPN
Last Article: Product Advantages
Next Article: Functions
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.