Overview
Service Overview
Samsung Cloud Platform provides VPC service to support the use of logically isolated customer-dedicated private network spaces in the cloud environment.
Within a VPC (Virtual Private Cloud), you can create General Subnets for public or private use and Local Subnets for server-to-server communication, according to your purpose. You can freely choose NAT Gateway and Internet Gateway to configure various networks. You can create multiple VPCs and operate them independently, and you can connect VPCs to each other through VPC Peering.
Service Architecture
Components
Subnet
A Subnet is an IP address range within a VPC. It lets users subdivide the network inside a VPC according to purpose and scale. Subnets are offered as General Subnets, which you can create for public or private use according to your purpose, and Local Subnets for server-to-server communication.
- General Subnet Create/View/Delete: This is the subnet created by default when you create a VPC, and you use it according to your purpose. For example, you can use it as a Public Subnet that can access the internet or as a Private Subnet that cannot access the internet.
- VPC Endpoint Subnet Create/View/Delete: You can create an entry point to the VPC that allows access to Samsung Cloud Platform through a private connection from an external network connected to the VPC.
- Local Subnet Create/View/Delete: This is a subnet that allows only direct connections between Virtual Server-Virtual Server or Bare Metal Server-Bare Metal Server, with no connection to other subnets and no external access. Only Virtual Server-Virtual Server settings within the VPC are possible.
Subnet Types
A subnet (subnetwork) is an IP address area subdivided into small units for use in an IP network. Subnet types are distinguished by how routing for the subnet is configured.
| Type | Description |
|---|---|
| Public Subnet | A General Subnet configured so that it can access the internet |
| Private Subnet | A General Subnet configured so that it cannot access the internet |
| VPC Endpoint Subnet | A subnet configured for use as a VPC Endpoint |
| Local Subnet | A subnet configured with no connection to other subnets and no external access |
Internet Gateway
You can create an Internet Gateway and connect it to a VPC, view detailed information, or delete unused Internet Gateways. You can connect VPC resources to the internet using the Internet Gateway.
Once the VPC is connected to the internet, you can assign a Public IP to instances and load balancers that need to be reachable from outside.
NAT Gateway
You can create a NAT Gateway and connect it to a subnet, view detailed information, or delete unused NAT Gateways.
To create a NAT Gateway for a subnet, you must first create an Internet Gateway and connect it to the VPC. Creating a NAT Gateway allows internet access for all resources belonging to the subnet, so apply firewall rules to restrict that access.
A NAT Gateway can be created for General type subnets. It maps one representative public IP to Virtual Servers that have no public IP NAT mapping, so that they can use the internet outbound.
Public IP
If you want to use the same IP address every time you stop and start an instance, reserve a Public IP and assign it to the instance.
It is a service that creates a desired public IP within Samsung Cloud Platform’s available Public IP Pool and assigns it to Compute resources.
Even if the Compute resource assigned with the specified Public IP is rebooted, the IP does not change.
Port
Provides a connection point to connect a single device, such as a server’s NIC, to a network. This allows additional devices beyond the default NIC.
VPC Endpoint
Provides an entry point to the VPC that allows access to Samsung Cloud Platform through a private connection from an external network connected to the VPC.
VPC Peering
You can communicate via IP through a 1:1 private route between VPCs. By default, peering between VPCs of the same account is provided, and only one connection between different accounts is allowed.
Private NAT
Compute resources within a VPC can connect by mapping customer network IPs using Direct Connect.
Transit Gateway
Transit Gateway is a gateway service that easily connects customer networks and Samsung Cloud Platform’s networks and acts as a connection hub for multiple VPCs within the cloud environment.
Through Transit Gateway, you can configure various network topologies as desired. In addition, it provides independent firewall configuration and routing functions for each connected network section, so you can manage security thoroughly.
PrivateLink
PrivateLink provides a private path between the VPC and SCP services without exposing internal data of Samsung Cloud Platform to the internet.
- PrivateLink Service is for service providers, and PrivateLink Endpoint is for service users.
Constraints
Samsung Cloud Platform’s VPC limits the number of VPCs and Subnets created as follows.
| Category | Default Quota | Description |
|---|---|---|
| VPC | 5 | Default VPC creation limit per account |
| VPC IP Range | 6 | IP range creation limit per VPC (default 1 + additional 5) |
| VPC Peering | 5 | VPC Peering creation limit per account |
| Subnet | 3 | Default Subnet creation limit per VPC |
| Private NAT | 3 | Default Private NAT creation limit per VPC |
| Transit Gateway | 3 | Transit Gateway creation limit per account |
| VPC to Transit Gateway Connection | 5 | VPC connection limit per Transit Gateway (only same account can be connected) |
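A pre-deployment check for a planned VPC, added here as an example and not Samsung Cloud Platform code or API: it applies the per-VPC default quotas from the table above and the NAT Gateway conditions described earlier (General Subnet only, Internet Gateway attached first, firewall rules to restrict outbound access). The plan dictionary layout, its field names and the sample values are assumptions made for illustration.

```python
import ipaddress

# Per-VPC default quotas, copied from the Constraints table on this page.
QUOTA = {"ip_ranges": 6, "subnets": 3, "private_nats": 3}

def audit_vpc(vpc):
    """Return findings for one planned VPC (dict layout is hypothetical)."""
    out = []
    ranges = [ipaddress.ip_network(c) for c in vpc["ip_ranges"]]
    counts = {"ip_ranges": len(ranges), "subnets": len(vpc["subnets"]),
              "private_nats": vpc.get("private_nats", 0)}
    for key, limit in QUOTA.items():
        if counts[key] > limit:
            out.append(f"quota: {counts[key]} {key} exceeds default {limit}")
    seen = []
    for s in vpc["subnets"]:
        net = ipaddress.ip_network(s["cidr"])
        # A subnet must sit inside one of the VPC IP ranges and not collide.
        if not any(net.subnet_of(r) for r in ranges):
            out.append(f"{s['name']}: {net} is outside the VPC IP ranges")
        out += [f"{s['name']}: overlaps {n}" for n, o in seen if net.overlaps(o)]
        seen.append((s["name"], net))
        if not s.get("nat_gateway"):
            continue
        # NAT Gateway conditions stated in the NAT Gateway section.
        if s["type"] != "general":
            out.append(f"{s['name']}: NAT Gateway needs a General Subnet")
        if not vpc.get("internet_gateway"):
            out.append(f"{s['name']}: NAT Gateway needs an Internet Gateway")
        if not s.get("firewall_rules"):
            out.append(f"{s['name']}: NAT Gateway with no firewall rules")
    return out

# Constructed sample plan, not taken from a real account.
PLAN = {
    "internet_gateway": False,
    "ip_ranges": ["10.0.0.0/16"],
    "subnets": [
        {"name": "app", "type": "general", "cidr": "10.0.1.0/24",
         "nat_gateway": True, "firewall_rules": []},
        {"name": "db", "type": "local", "cidr": "10.0.1.128/25",
         "nat_gateway": True},
        {"name": "mgmt", "type": "general", "cidr": "10.1.0.0/24"},
        {"name": "extra", "type": "general", "cidr": "10.0.9.0/24"},
    ],
}

if __name__ == "__main__":
    for finding in audit_vpc(PLAN):
        print(finding)
```
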
Prerequisites
VPC has no prerequisites.
