ApsaraDB supports two network types: classic network and Virtual Private Cloud (VPC). This chapter describes the differences between the two network types and the method of configuration.
On Alibaba Cloud platform, a classic network and VPC have the following differences:
Classic network: The cloud service on the classic network is not isolated, and unauthorized access can be blocked only by the security group or white list policy of the cloud service.
VPC: It helps you build an isolated network environment on the Alibaba Cloud. You can customize the routing table, IP address range and gateway on the VPC. In addition, you can combine your own machine room and cloud resources in the VPC of Alibaba Cloud into a virtual machine room through a leased private line or VPN to migrate applications to the cloud seamlessly.
By default, RDS uses the classic network. If you want to use VPC, ensure that RDS and VPC are in the same region. You may create VPC in either of the following scenarios:
If RDS is not created, first create VPC, and then create RDS under VPC. For details, refer to the section New RDS Scenario below.
If RDS already exists, create VPC in the region where RDS is located and add RDS to VPC. For details, refer to the section Existing RDS Scenario below.
Create VPC. For details, refer to the VPC Quick Start.
Create an RDS instance in the region where VPC is located. For details, refer to Purchase.
During the purchase process, select VPC for Network type and select the created VPC, as shown in the figure below.
Create VPC in the region where RDS is located. For details, refer to the VPC Quick Start.
Log on to the
RDS Consoleand select the target instance.
Select Database Connection in the instance menu.
Click Switch to VPC on the Database Connection page, as shown in the figure below.
On the Switch to VPC page, select VPC and Virtual switch, and click OK, as shown in the figure below.
NOTE: After switching to VPC, the original intranet address is changed from a classic network address to a VPC address whereas the original Internet address remains unchanged, and ECS outside of VPC cannot be accessed.