Overview
Service Overview
Samsung Cloud Platform provides VPC services to support the use of logically separated, customer-dedicated private network spaces in the cloud environment.
VPC (Virtual Private Cloud) is a service that provides a logically isolated, customer-dedicated private network space in a cloud environment. Depending on the usage purpose, you can create a General Subnet and a Local Subnet for communication between servers, and you can freely select NAT Gateway and Internet Gateway to configure various networks. You can create multiple VPCs and operate them independently. VPC Peering allows configuration of connections between VPCs.
Service Architecture Diagram
Components
Subnet
A Subnet is an IP address range within a VPC. It lets users segment the network inside a VPC according to purpose and scale. Use a General Subnet to create a Subnet for Public or Private use. Subnets are provided as General Subnets and as Local Subnets for communication between servers.
- General Subnet Create/Read/Delete: The Subnet created by default when a VPC is created; it is used according to purpose. For example, it can be designated as a Public Subnet, which can use the Internet, or a Private Subnet, which cannot.
- VPC Endpoint Subnet Create/Read/Delete: The Samsung Cloud Platform can be accessed via a private connection from an external network connected to the VPC, which provides entry to the VPC.
- Local Subnet Create/Read/Delete: A Subnet that does not allow connections to other Subnets or external access and permits only direct Virtual Server-to-Virtual Server or Bare Metal Server-to-Bare Metal Server connections, so only settings between Virtual Servers within the VPC are possible.
Subnet types
Subnet is short for sub-network: an IP address space subdivided into smaller units for use in IP networks. Subnet types are distinguished by how routing for the Subnet is configured.
| Type | Detailed Description |
|---|---|
| Public Subnet | A General Subnet configured so that it can use the internet |
| Private Subnet | A General Subnet configured so that it cannot use the internet |
| VPC Endpoint Subnet | A Subnet that can be used as a VPC Endpoint |
| Local Subnet | A Subnet that does not connect to other Subnets or allow external access |
Internet Gateway
You can create an Internet Gateway to connect to a VPC, view detailed information, or delete an unused Internet Gateway. You can use an Internet Gateway to connect VPC resources to the internet.
You can assign a public IP to instances and load balancers that can be connected to the internet, allowing access from outside.
NAT Gateway
You can create a NAT Gateway, connect it to a subnet, view detailed information, or delete an unused NAT Gateway.
To create a NAT Gateway for a subnet, you must first create an Internet Gateway and attach it to the VPC. Creating a NAT Gateway allows internet access for all resources in the subnet. To restrict internet access, apply firewall rules.
A NAT Gateway can be created for a Subnet of the General type. It maps a single representative public IP to Virtual Servers that have no public NAT IP of their own, for outbound internet use.
Public IP
If you want to use the same IP address each time you stop and start an instance, reserve a Public IP and use it.
This is a service that creates a desired public IP within the available Public IP Pool of Samsung Cloud Platform and assigns it to compute resources for use.
Compute resources assigned with the designated public IP will not have their IP changed even if they are rebooted.
Port
A Port provides a connection point that attaches a single device, such as a server’s NIC, to the network. This allows NICs to be added beyond the one provided by default.
VPC Endpoint
A VPC Endpoint provides an entry point into the VPC through which the Samsung Cloud Platform can be accessed via a private connection from an external network connected to the VPC.
VPC Peering
VPC Peering enables IP communication over a 1:1 private route between VPCs. By default, peering is provided between VPCs in the same Account, and only one connection is allowed between different Accounts.
Private NAT
You can map and connect the customer’s IP using Direct Connect from compute resources within the VPC.
Transit Gateway
Transit Gateway connects the customer’s network and Samsung Cloud Platform’s network easily and serves as a gateway service that acts as a connection hub for multiple VPCs within the cloud environment.
Through Transit Gateway, customers can configure various network topologies they desire. Additionally, it provides independent firewall configuration and routing functions for each connected network segment, allowing thorough security management.
PrivateLink
PrivateLink is a service that carries internal Samsung Cloud Platform data over a private path between a VPC and SCP services without exposing it to the internet.
- PrivateLink Service is for service providers, and PrivateLink Endpoint is for service users.
Constraints
The VPC of Samsung Cloud Platform limits the number of VPCs and Subnets created as follows.
| Category | Default Quota | Detailed Description |
|---|---|---|
| VPC | 5 | Default limit on the number of VPCs created per Account |
| VPC Peering | 5 | Limit on the number of VPC Peerings created per Account |
| Subnet | 3 | Default limit on the number of Subnets created per VPC |
| Private NAT | 3 | Default number of Private NATs that can be created per VPC |
| Transit Gateway | 3 | Limit on the number of Transit Gateways created per Account |
| Transit Gateway connection from VPC | 5 | Maximum number of VPC connections per Transit Gateway (only the same Account can connect) |
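The NAT Gateway rules and the default quotas above can be checked against a planned layout before anything is created. The following is an added example, not Samsung Cloud Platform code or an SCP API: the plan format, field names such as `firewall_rules`, and the functions `review_vpc` and `review_account` are assumptions made for illustration.

```python
# Added example: review a planned VPC layout against the rules on this page.
# The plan format and every field name are hypothetical, not an SCP API.
QUOTA = {"vpc": 5, "subnet_per_vpc": 3}  # defaults from the Constraints table


def review_vpc(vpc):
    """Return a sorted list of findings for one planned VPC."""
    findings = []
    subnets = vpc["subnets"]
    if len(subnets) > QUOTA["subnet_per_vpc"]:
        findings.append(f"quota: {len(subnets)} subnets > {QUOTA['subnet_per_vpc']} per VPC")
    for s in subnets:
        if not s.get("nat_gateway"):
            continue
        # A NAT Gateway needs an Internet Gateway attached to the VPC first.
        if not vpc.get("internet_gateway"):
            findings.append(f"{s['name']}: NAT Gateway without an Internet Gateway on the VPC")
        # NAT Gateways go with the General type; Local Subnets allow no external access.
        if s["type"] != "general":
            findings.append(f"{s['name']}: NAT Gateway on a {s['type']} Subnet")
        # NAT gives every resource in the subnet outbound internet access.
        if not s.get("firewall_rules"):
            findings.append(f"{s['name']}: NAT Gateway with no firewall rules (unrestricted egress)")
    return sorted(findings)


def review_account(vpcs):
    """Check the per-Account VPC quota, then each VPC."""
    report = {v["name"]: review_vpc(v) for v in vpcs}
    if len(vpcs) > QUOTA["vpc"]:
        report["account"] = [f"quota: {len(vpcs)} VPCs > {QUOTA['vpc']} per Account"]
    return report


# Constructed sample plan (not real customer data).
SAMPLE = [
    {"name": "prod", "internet_gateway": True, "subnets": [
        {"name": "web", "type": "general", "nat_gateway": True,
         "firewall_rules": ["allow tcp/443 out"]},
        {"name": "batch", "type": "general", "nat_gateway": True},
        {"name": "db-sync", "type": "local"}]},
    {"name": "dev", "internet_gateway": False, "subnets": [
        {"name": "build", "type": "general", "nat_gateway": True,
         "firewall_rules": ["allow tcp/443 out"]}]},
]
```

Calling `review_account(SAMPLE)` flags the `batch` subnet for unrestricted egress and the `dev` VPC for a NAT Gateway planned without an Internet Gateway.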
Prior Service
VPC has no preceding service.
