The users can customize the network segment of a VPC, and then further divide the Virtual Private Cloud into multiple subnets, and deploy applications and services on the corresponding network to meet various application scenarios.
The users can configure the next hop type, next hop and destination of the routing rule in the Route Table according to the service requirements. After the Route Table is associated with a subnet, the management of the network traffic forwarding path can be achieved.
Network ACL: When operating at the subnet level, it supports the allowing rule and the denying rule.. Data flow return must be explicitly allowed by the rules. Security group: When operating at the instance level, it only supports the allowing rule. Data flow return is automatically allowed, not affected by any rule.
If the resources in VPC have requirement to visit the Internet, EIP access can be realized by associating the elastic IP or self-building the NAT gateway and configuring corresponding routing policy.
To deploy some resources (e.g. application and database) on the cloud and some resources in the enterprise IDC, the user can connect the Intranet of JD Cloud and enterprise IDC Intranet through VPN tunnel or Direct Connection.
To cope with mass traffic and burst traffic business demands (such as portal website, e-commercial website and massive online game), Load Balancer can be used for traffic distribution. Dynamic adjustment can be made to the quantity of backend Virtual Machines. High-availability service solutions can be provided through redundant deployment of devices in the multiple availability zones.
WEB service can make response to the customer requests by using Virtual Private Cloud (e.g. website and blog) of Intranet deployment and configuring Security Group, network ACL and other virtual firewalls. However, WEB service is prevented to visit internet, guaranteeing the security of WEB service.
Support unvarnished transmission of the real IP address of the client through Load Balancer under HTTP monitoring protocol, making it convenient to analyze the source of customer and make statistics on the operation and maintenance data
You can create different subnets within Virtual Private Cloud. The whole Web layer is placed on one subnet. The logical layer is placed on a separate subnet by configuring elastic IP/NAT Gateway for communication with the Internet. The data layer is placed on another subnet. The flow between subnets is controlled by network ACL. Such secure and flexible deployment can not only satisfy your demands for Internet application and access but also guarantee the security of the database server. More connection demands can be realized through peering, connection, VPN and other products.
Scan, feedback the current page