Updated on 2024-04-01 GMT+08:00

Application Scenarios

Dedicated Networks on Cloud

Scenario

Each VPC represents a private network and is logically isolated from other VPCs. You can deploy your service system in a VPC so it will have a private network environment on Huawei Cloud. If you have multiple service systems, for example, a production system and a test system, you can deploy them in two different VPCs to keep them isolated. If you want to establish communication between these two VPCs, you can create a VPC peering connection to link them.

Related Services

ECS

Figure 1 Dedicated networks on cloud

Web Application or Website Hosting

Scenario

You can host web applications and websites in a VPC and use the VPC as a regular network. With EIPs or NAT gateways, you can connect ECSs running your web applications to the Internet. You can use load balancers provided by the ELB service to evenly distribute traffic across multiple ECSs.

Cloud resources in a VPC can use the following cloud services to connect to the Internet.

Table 1 Accessing the Internet

| Cloud Service | Application Scenario | Description | Related Operations |
| --- | --- | --- | --- |
| EIP | Single ECS accesses the Internet. | You can assign an EIP and bind it to an ECS so that the ECS can access the Internet or provide services accessible from the Internet. You can unbind the EIP from the ECS to disable access at any time. You can use shared bandwidth and shared data packages to streamline costs. | Elastic IP |
| NAT Gateway | Multiple ECSs share an EIP to access the Internet. | A NAT gateway offers both source network address translation (SNAT) and destination network address translation (DNAT). SNAT allows multiple ECSs in the same VPC to share EIPs to access the Internet. In this way, you can reduce management costs and prevent the EIPs of ECSs from being exposed to the Internet. DNAT uses port-level data forwarding. It maps EIP ports to ECS ports so that the ECSs in a VPC can share the same EIP and bandwidth to provide Internet-accessible services. However, DNAT does not balance traffic. | Using SNAT to Access the Internet; Using DNAT to Provide Services Accessible from the Internet |
| ELB | Evenly distribute incoming traffic across multiple ECSs in high-concurrency scenarios, such as e-commerce. | Load balancers evenly distribute traffic across multiple backend ECSs (at Layer 4 or Layer 7). You can bind EIPs to ECSs to allow access from the Internet. ELB expands the capabilities and improves availability of your applications by eliminating single points of failure. | What Is Elastic Load Balance? |

Related Services

ECS, EIP, NAT Gateway, and ELB

Figure 2 Web application or website hosting

Web Application Access Control

Scenario

You can create a VPC and security groups to host multi-tier web applications in different security zones. You can associate web servers and database servers with different security groups and configure different access control rules for each security group. You can launch web servers in a publicly accessible subnet and, to ensure security, run database servers in subnets that are not publicly accessible.

Related Services

ECS

Figure 3 Web application access control
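The tiering described in this scenario can be checked mechanically. The following audit is an added example, not Huawei Cloud code: the rule format, the group names `sg-web` and `sg-db`, and the policy (only ports 80/443 may be open to any address on the web tier; the database tier accepts traffic only from the web tier's security group) are assumptions made for illustration.

```python
import ipaddress

# Constructed inbound rules (hypothetical group names, not Huawei Cloud API output).
# "source" is a CIDR block or "sg:<name>" for a reference to another security group.
RULES = [
    {"group": "sg-web", "port": 443, "source": "0.0.0.0/0"},
    {"group": "sg-web", "port": 22, "source": "0.0.0.0/0"},
    {"group": "sg-db", "port": 3306, "source": "sg:sg-web"},
    {"group": "sg-db", "port": 3306, "source": "0.0.0.0/0"},
    {"group": "sg-db", "port": 22, "source": "10.0.0.0/8"},
]

# Assumed policy for this example.
PUBLIC_PORTS = {"sg-web": {80, 443}}    # ports a public tier may expose to any address
PRIVATE_PEERS = {"sg-db": {"sg-web"}}   # groups allowed to reach each private tier


def is_world_open(source):
    """True when the source is a CIDR that covers every address (0.0.0.0/0 or ::/0)."""
    if source.startswith("sg:"):
        return False
    return ipaddress.ip_network(source, strict=False).prefixlen == 0


def audit(rules):
    """Return (group, port, source, reason) for each rule that breaks the tiering policy."""
    findings = []
    for rule in rules:
        group, port, source = rule["group"], rule["port"], rule["source"]
        if group in PRIVATE_PEERS:
            if source.startswith("sg:"):
                if source[3:] not in PRIVATE_PEERS[group]:
                    findings.append((group, port, source, "unexpected peer group"))
            elif is_world_open(source):
                findings.append((group, port, source, "private tier open to the Internet"))
            else:
                findings.append((group, port, source, "CIDR source on private tier"))
        elif is_world_open(source) and port not in PUBLIC_PORTS.get(group, set()):
            findings.append((group, port, source, "non-service port open to the Internet"))
    return findings


if __name__ == "__main__":
    for finding in audit(RULES):
        print(*finding, sep=" | ")
```

Rules that reference the web tier's security group as the source pass the audit; any CIDR source on the database tier is reported so that it can be replaced with a group reference.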

VPC Connectivity Options

Scenario

You can use the following cloud services to allow two VPCs to communicate with each other.

Table 2 Connecting VPCs

| Cloud Service | Application Scenario | Description | Related Operations |
| --- | --- | --- | --- |
| VPC Peering | Connect VPCs in the same region. | You can request a VPC peering connection with another VPC in your account or in another account, but the two VPCs must be in the same region. VPC peering connections are free. | Creating a VPC Peering Connection with Another VPC in Your Account; Creating a VPC Peering Connection with a VPC in Another Account |
| Cloud Connect | Connect VPCs in different regions. | Cloud Connect allows you to connect two VPCs in the same account or in different accounts even if they are in different regions. | Communication Between VPCs Across Regions |
| VPN | Use VPN to connect VPCs across regions at a low cost. | VPN uses an encrypted communications tunnel to connect VPCs in different regions and sends traffic over the Internet. It is inexpensive, easy to configure, and easy to use. However, the quality of VPN connections depends on the quality of your Internet connections. | Connecting to a VPC Through a VPN |

Related Services

ECS, Cloud Connect, and VPN

Figure 4 VPC connectivity options

Hybrid Cloud Deployment

Scenario

If you have an on-premises data center and you do not want to migrate all of your services to the cloud, you can build a hybrid cloud, which will let you keep core data in your data center.

Table 3 Connecting to an on-premises data center

| Cloud Service | Application Scenario | Description | Related Operations |
| --- | --- | --- | --- |
| VPN | Use VPN to connect a VPC to an on-premises data center at a low cost. | VPN uses an encrypted communications tunnel to connect a VPC on the cloud to an on-premises data center and sends traffic over the Internet. It is inexpensive, easy to configure, and easy to use. However, the quality of VPN connections depends on the quality of your Internet connections. | Connecting to a VPC Through a VPN; Using an Enterprise Switch to Allow an On-premise Data Center and a VPC to Communicate at Layer 2 |
| Direct Connect | Use a physical connection to connect a VPC to an on-premises data center. | Direct Connect provides physical connections between VPCs and data centers. It features low latency and is very secure. Direct Connect is a good choice if you have strict requirements on network transmission quality. | Accessing Multiple VPCs Using a Connection; Using an Enterprise Switch to Allow an On-premise Data Center and a VPC to Communicate at Layer 2 |

Related Services

Cloud Connect, ECS, Direct Connect, and VPN

Figure 5 Hybrid cloud deployment