- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
-
User Guide
-
VPC Endpoint Services
- VPC Endpoint Service Overview
- Creating a VPC Endpoint Service
- Viewing a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Managing Connections of a VPC Endpoint Service
- Managing Whitelist Records of a VPC Endpoint Service
- Managing Port Mappings of a VPC Endpoint Service
- Managing Tags of a VPC Endpoint Service
- VPC Endpoints
- Accessing OBS
- Using Cloud Eye to Monitor VPC Endpoints
- Using CTS to Audit VPC Endpoints
- Permissions Management
- Quotas
-
VPC Endpoint Services
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Version Management
-
VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying VPC Endpoint Services
- Querying Details of a VPC Endpoint Service
- Modifying a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Querying Connections to a VPC Endpoint Service
- Accepting or Rejecting a VPC Endpoint
- Querying Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- Querying Public VPC Endpoint Services
- Querying Basic Information About a VPC Endpoint Service
- Changing the Name of a VPC Endpoint Service
- Updating Descriptions of VPC Endpoint Connections
- Batch Adding Whitelist Records of a VPC Endpoint Service
- Batch Deleting Whitelist Records of a VPC Endpoint Service
- Updating the Description of a Whitelist Record of a VPC Endpoint Service
- VPC Endpoints
- Resource Quotas
- Tags
- Application Examples
- Appendix
- SDK Reference
- FAQs
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
-
VPC Endpoint Services
- VPC Endpoint Service Overview
- Creating a VPC Endpoint Service
- Viewing Summary of a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Managing Connections of a VPC Endpoint Service
- Managing Whitelist Records of a VPC Endpoint Service
- Viewing Port Mappings of a VPC Endpoint Service
- Managing Tags of a VPC Endpoint Service
- VPC Endpoints
- Permission Management
- FAQs
- Change History
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Version Management
-
APIs for Managing VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying Details of a VPC Endpoint Service
- Modifying a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Querying VPC Endpoint Services
- Querying Connections of a VPC Endpoint Service
- Accepting or Rejecting a VPC Endpoint
- Querying the Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- APIs for Managing VPC Endpoints
- Resource Quota
- Tag Function
- Application Examples
- Appendix
- Change History
-
User Guide (Paris Region)
- Service Overview
-
Getting Started
- Operation Guide
- Configuring a VPC Endpoint for Communications Across VPCs of the Same Domain
- Configuring a VPC Endpoint for Communications Across VPCs of Different Domains
- Configuring a VPC Endpoint for Accessing the Private IP Address of OBS over Private Networks
- Configuring a VPC Endpoint for Accessing the Public IP Address of OBS over Public Networks
-
VPC Endpoint Services
- VPC Endpoint Service Overview
- Creating a VPC Endpoint Service
- Viewing the Summary of a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Managing Connections of a VPC Endpoint Service
- Managing Whitelist Records of a VPC Endpoint Service
- Viewing Port Mappings of a VPC Endpoint Service
- Managing Tags of a VPC Endpoint Service
- VPC Endpoints
- Permissions Management
- Quotas
- FAQ
- Change History
-
API Reference (Paris Region)
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Version Management
-
APIs for Managing VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying Details About a VPC Endpoint Service
- Modifying a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Querying VPC Endpoint Services
- Querying Connections of a VPC Endpoint Service
- Accepting or Rejecting a VPC Endpoint
- Querying Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records
- Querying Public VPC Endpoint Services
- Querying Basic Information About a VPC Endpoint Service
- APIs for Managing VPC Endpoints
- Resource Quota
- Tag Function
- Application Examples
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
-
VPC Endpoint Services
- VPC Endpoint Service Overview
- Creating a VPC Endpoint Service
- Viewing the Summary of a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Managing Connections of a VPC Endpoint Service
- Managing Whitelist Records of a VPC Endpoint Service
- Viewing Port Mappings of a VPC Endpoint Service
- Managing Tags of a VPC Endpoint Service
- VPC Endpoints
- Quotas
- FAQ
- Change History
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Version Management
-
APIs for Managing VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying Details of a VPC Endpoint Service
- Modifying a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Querying VPC Endpoint Services
- Querying Connections of a VPC Endpoint Service
- Accepting or Rejecting a VPC Endpoint
- Querying the Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- APIs for Managing VPC Endpoints
- Resource Quota
- Tag Function
- Application Examples
- Appendix
- Change History
- User Guide (Ankara Region)
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Version Management
-
APIs for Managing VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying Details About a VPC Endpoint Service
- Modifying a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Querying VPC Endpoint Services
- Querying Connections of a VPC Endpoint Service
- Accepting or Rejecting a VPC Endpoint
- Querying Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records
- Querying Public VPC Endpoint Services
- Querying Basic Information About a VPC Endpoint Service
- APIs for Managing VPC Endpoints
- Resource Quota
- Application Examples
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Show all
Copied.
Accessing OBS
Scenarios
This section describes how to access OBS using a VPN or Direct Connect connection.
OBS can be configured as a gateway VPC endpoint service on the VPC Endpoint console only in the LA-Mexico City1, LA-Sao Paulo1, and LA-Santiago regions.
To access OBS as gateway VPC endpoint services in other regions, you need to search for it by name. To obtain its name, you can submit a service ticket or contact the OBS O&M engineers.
Prerequisites
- The VPC subnet that needs to communicate with the VPN gateway must include the OBS CIDR block. For details about how to obtain the OBS CIDR block, submit a service ticket or contact the OBS customer manager.
For details about how to create a VPN connection, see Creating a VPN Gateway.
- The VPC subnet that needs to communicate with the Direct Connect virtual gateway must include the OBS CIDR block. For details about how to obtain the OBS CIDR block, submit a service ticket or contact the OBS customer manager.
For details on how to enable Direct Connect, see Enabling Direct Connect.
Procedure
- Go to the VPC endpoint list page.
- On the displayed page, click Buy VPC Endpoint.
- Set Service Category to Cloud Services and select com.myhuaweicloud.na-mexico-1.dns.
- Configure required parameters.
- Click Next and Submit.
- Check the private IP address returned after the VPC endpoint for connecting to DNS is created.
- Add DNS records on the DNS server at your on-premises data center to forward requests for resolving OBS domain names to the VPC endpoint for accessing DNS.
The methods of configuring DNS forwarding rules vary depending on OSs. For details, see the DNS software operation guides.
This step uses Bind, a common DNS software, as an example to configure forwarding rules in the UNIX.
Method 1: In file /etc/named.conf, add the DNS forwarder configuration and set forwarders to the private IP address of the VPC endpoint for accessing DNS.
options { forward only; forwarders{ xx.xx.xx.xx;}; };
Method 2: In file /etc/named.rfc1912.zones, add the following content, and set forwarders to the private IP address of the VPC endpoint for accessing DNS.
The following uses the OBS endpoint and cluster address of an OBS bucket in the LA-Mexico City1 region as an example:
zone "obs.na-mexico-1.myhuaweicloud.com" { type forward; forward only; forwarders{ xx.xx.xx.xx;}; }; zone "obs.lz01.na-mexico-1.myhuaweicloud.com" { type forward; forward only; forwarders{ xx.xx.xx.xx;}; };
NOTE:
- If no DNS server is available at your on-premises data center, add the private IP address of the VPC endpoint in file /etc/resolv.conf.
- obs.na-mexico-1.myhuaweicloud.com indicates the OBS endpoint in the LA-Mexico City1 region.
- obs.lz01.na-mexico-1.myhuaweicloud.com indicates the address of the lz01 cluster where the OBS bucket is deployed.
- xx.xx.xx.xx indicates the IP address returned in step 9.
- Configure a DNS route from the on-premises node to the Direct Connect or VPN gateway.
xx.xx.xx.xx indicates the private IP address of the VPC endpoint for accessing DNS. The traffic from the node to OBS needs to be directed to the Direct Connect or VPN gateway, and then to OBS through Direct Connect or VPN. Configure a permanent route at your on-premises data center and specify the IP address of the Direct Connect or VPN gateway as the next hop for accessing OBS.
route -p add xx.xx.xx.xx mask 255.255.255.255 xxx.xxx.xxx.xxx
NOTE:
- xx.xx.xx.xx indicates the IP address returned in step 9.
- xxx.xxx.xxx.xxx indicates the IP address of the Direct Connect or VPN gateway created at your on-premises data center.
- The route command format varies depending on the OS. Use the route command format corresponding to the actual OS.
- Repeat steps 5 to 9 to create a VPC endpoint for connecting to OBS.
NOTE:
You can only access OBS using the OBS domain name in the region where the VPC endpoint is located.
- Configure an OBS route from your on-premises data center to the Direct Connect or VPN gateway.
The IP address of OBS belongs to 100.125.0.0/16. Traffic from the data center to OBS needs to be directed to the Direct Connect or VPN gateway, and then to OBS through Direct Connect or VPN.
Configure a permanent route at your on-premises data center and specify the IP address of the Direct Connect or VPN gateway as the next hop for accessing OBS.
route -p add 100.125.0.0 mask 255.255.0.0 xxx.xxx.xxx.xxx
NOTE:
- If your on-premises data center is disconnected from the Direct Connect gateway or a VPN gateway, a connection between the on-premises node and the gateway must be established first.
- The route command format varies depending on the OS. Use the route command format corresponding to the actual OS.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot