Updated on 2024-04-15 GMT+08:00

Overview

If your ECSs need to access the Internet (for example, the ECSs functioning as the service nodes for deploying a website), you can follow the procedure shown in Figure 1 to bind EIPs to the ECSs.

Figure 1 Configuring the network

Table 1 describes the different tasks in the procedure for configuring the network.

Table 1 Configuration process description

Task

Description

Create a VPC.

This task is mandatory.

A created VPC comes with a default subnet you specified.

After the VPC is created, you can create other required network resources in the VPC based on your service requirements.

Create another subnet for the VPC.

This task is optional.

If the default subnet cannot meet your requirements, you can create one.

The new subnet is used to assign IP addresses to NICs added to the ECS.

Assign an EIP and bind it to an ECS.

This task is mandatory.

You can assign an EIP and bind it to an ECS for Internet access.

Create a security group.

This task is mandatory.

You can create a security group and add ECSs in the VPC to the security group to improve ECS access security. After a security group is created, it has default rules, which allow all outgoing data packets. ECSs in a security group can access each other without the need to add rules.

Add a security group rule.

This task is optional.

If the default rule does not meet your service requirements, you can add security group rules.