Overview
Service Overview
Samsung Cloud Platform provides VPC services to support the use of a logically isolated, customer-dedicated private network space in the cloud environment.
VPC (Virtual Private Cloud) is a service that provides a logically isolated, customer-dedicated private network space in a cloud environment. Depending on the use case, you can create a General Subnet and a Local Subnet for communication between servers, and freely select NAT Gateway and Internet Gateway to configure various networks. You can create multiple VPCs and operate them independently. VPC Peering enables connectivity configuration between VPCs.
Service Architecture Diagram
Component
Subnet
A Subnet refers to the IP address range of a VPC. Depending on the purpose, use a General Subnet to create Subnets for Public or Private use. It is a service that lets users segment the network within a VPC to match their purpose and scale. Subnet provides a regular Subnet and a Local Subnet for communication between servers.
General Subnet Creation/Query/Deletion: When creating a VPC, a Subnet is created by default and can be used according to its purpose. For example, you can separate and use a Public Subnet that can access the Internet and a Private Subnet that cannot.
VPC Endpoint Subnet Create/Read/Delete: Access to the Samsung Cloud Platform is possible via a private connection from an external network linked to the VPC, enabling entry into the VPC.
Local Subnet Creation/Query/Deletion: It does not allow connections to other subnets or external access, and only permits direct connections between Virtual Server-Virtual Server or Bare Metal Server-Bare Metal Server, so it can be configured only for Virtual Server-Virtual Server communication within the VPC.
Subnet types
It denotes a Sub_network, an IP address space subdivided into smaller units for use in an IP network. Subnet types are divided based on how routing for the Subnet is configured.
| type | Detailed description |
|---|---|
| Public Subnet | A Subnet that can access the internet can be configured using a General Subnet. |
| Private Subnet | A Subnet that cannot access the internet can be configured using a General Subnet. |
| VPC Endpoint Subnet | Subnet configuration that can be used for a VPC Endpoint |
| Local Subnet | Configure a subnet that cannot connect to other subnets or external networks. |
Internet Gateway
Create an Internet Gateway to connect it to a VPC, view its details, or delete an unused Internet Gateway. You can use an Internet Gateway to connect VPC resources to the Internet.
You can assign a Public IP to instances and load balancers that are connected to the internet, allowing external access.
NAT Gateway
You can create a NAT Gateway, connect it to a subnet, view its details, or delete an unused NAT Gateway.
To create a NAT Gateway for a subnet, you must first create an Internet Gateway and attach it to the VPC. When you create a NAT Gateway, internet access is allowed for all resources in the subnet. To restrict internet access, apply firewall rules.
A NAT Gateway can be created for the General type, and it is a service that maps a single representative public IP to a Virtual Server without a public IP NAT for outbound internet usage.
Public IP
If you want to use the same IP address each time you stop and start an instance, reserve a Public IP and use it.
This is a service that creates a desired public IP within the available Public IP Pool of Samsung Cloud Platform and assigns it to compute resources for use.
Compute resources assigned with the designated public IP will not have their IP changed even after reboot.
Port
Provides a connection point to attach a single device, such as a server’s NIC, to the network. This enables adding additional NICs beyond the default provision.
VPC Endpoint
Provides an entry point for the VPC that enables access to the Samsung Cloud Platform via a private connection from an external network connected to the VPC.
VPC Peering
You can communicate via IP through a 1:1 private route between VPCs. By default, peering is provided between VPCs in the same account, and only one connection is allowed between different accounts.
Private NAT
From compute resources within the VPC, you can use Direct Connect to map the customer’s IP and establish a connection.
Transit Gateway
Transit Gateway is a gateway service that easily connects the customer’s network with the Samsung Cloud Platform network and serves as a connection hub for multiple VPCs within the cloud environment.
Through the Transit Gateway, you can configure a variety of network topologies that meet customer requirements. Additionally, it provides independent firewall configurations and routing capabilities for each connected network segment, enabling thorough security management.
PrivateLink
It is a service that connects internal Samsung Cloud Platform data to a private path between the VPC and the SCP service without exposing it to the internet.
- PrivateLink Service is for service providers, and PrivateLink Endpoint is for service users.
Constraints
Samsung Cloud Platform’s VPC limits the number of VPCs and subnets that can be created as follows.
| Category | Default quota | Detailed description |
|---|---|---|
| VPC | 5 | Default VPC creation limit per account |
| VPC IP range | 6 | Number of IP range creation limits per VPC (default 1 + additional 5) |
| VPC Peering | 5 | VPC Peering creation limit per account |
| Subnet | 3 | Maximum number of default subnets per VPC |
| Private NAT | 3 | Default Private NAT creation limit per VPC |
| Transit Gateway | 3 | Maximum number of Transit Gateways per account |
| Transit Gateway connection from VPC | 5 | Maximum number of VPC connections per Transit Gateway (only the same account can be connected) |
Prior Service
VPC has no prerequisite services.