Creating a CCE Turbo Cluster Using a Shared VPC
Shared VPC Overview
A shared VPC allows you to share your VPC resources with other accounts through the Resource Access Manager (RAM) service. For example, tenant A can share its VPC and subnets with tenant B. After tenant B accepted the sharing, tenant B can view the shared subnets and the shared VPC to which the shared subnets belong. Tenant B can use the shared subnets and VPC to create resources, such as CCE Turbo clusters. For details, see VPC Sharing Overview.
Application Scenarios
An enterprise organizes accounts in an orderly and centralized manner based on its organization structure or service form. Resources are managed in a unified manner and shared with other members to avoid repeated configurations. Unified security and O&M management makes it easy to configure and audit security policies.
For example, an enterprise IT account, the resource owner, creates a VPC and subnets and shares multiple subnets with other accounts.
- Account A is an enterprise service account and uses the shared subnet 1 to create resources.
- Account B is an enterprise service account and uses the shared subnet 2 to create resources.
Constraints
- Only CCE Turbo clusters support shared VPCs.
- Clusters created using a shared VPC do not support shared load balancers and NAT gateways.
- Clusters created using a shared VPC do not support SFS, OBS, and SFS Turbo storage volumes.
- If a CCE Turbo cluster has been created using a shared VPC, the owner of the shared VPC should not turn off the VPC sharing. Otherwise, the CCE Turbo cluster will malfunction.
Procedure
After account A shares a VPC with account B, account B can select the shared VPC and shared subnets when creating a CCE Turbo cluster.
- (For account A) Use RAM to create a shared VPC and specify account B as the resource user. For details, see Creating a Resource Share.
After the resource sharing is created, RAM sends an invitation to account B. Account B can access and use the shared resources only after accepting the invitation.
- (For account B) Log in to the CCE console and create a CCE Turbo cluster.
Select the VPC shared by account A when configuring network for the cluster. For details about other configurations, see Buying a CCE Cluster.
Figure 1 Selecting a shared VPC
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
