This topic describes how to use Cloud Enterprise Network (CEN) to enable Elastic Compute Search (ECS) instances in different VPC networks to communicate with the same Cloud Storage Gateway (CSG) instance.
CSG is a storage service that helps you seamlessly integrate on-premises applications, infrastructure, and data storage with Alibaba Cloud. You can deploy virtual devices complied with standard storage protocols in your on-premises data centers or on Alibaba Cloud. This allows you to seamlessly connect on-premises storage applications and workloads to Alibaba Cloud storage and computing services.
On Alibaba Cloud, many enterprise users interconnect multiple VPC networks to run a large number of ECS clusters. However, CSG V1.0.31 and earlier versions only support interconnecting ECS instances that are deployed in the same VPC network. These versions do not support interconnecting ECS instances that are deployed in different VPC networks. CSG V1.0.32 and later versions support multiple VPC CIDR blocks, including 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8. This example
shows how to configure CEN instances, Express Connect, and security groups to enable ECS instances in three different VPC networks to communicate with the same CSG instance.
- SG represents security group.
- VPC represents virtual private networks. 172.16.0.0/12 and other CIDR blocks represent the supported CIDR blocks.
Configure the CEN instance
Create security group rules
You can create security groups for the CSG instance to enable all Cloud Enterprise Network (CEN) instances to share the same CSG instance. In this example, you need to create the following security groups: SG-10 and SG-192.
- Log on to the ECS console.
- Choose .
- On the Security Groups page, find the target security group and click Add Rules.
- On the Security Group Rules page, click Add Security Group Rule.
- In the Add Security Group Rule dialog box that appears, set the required parameters.
Set Authorization Type to IPv4 CIDR Block. For more information about the other parameters, see Add security group rules.
If you need to use Lightweight Directory Access Protocol (LDAP) and Active Directory (AD), set Protocol Type to Customized TCP or Customized UDP, and Port Range to 53/636.
After you configure security group rules, all ECS instances in the VPC networks can access the CSG instance through CEN. CSG supports standard storage protocols NFS, SMB, and iSCSI, allowing instances using these protocols to store volumetric data on Object Storage Service (OSS) for other instances using new storage protocols. This facilitates storage expansion, cross-region data sharing, data distribution, compatibility with legacy applications, and backup data archiving and transfer. For more information, see Cloud Storage Gateway scenarios.
Access the CSG instance
- Access file gateways
- Access block gateways
- For more information about how to access block gateways from a client that runs the Linux operating system, see Use volumes from a Linux operating system.
- For more information about how to access block gateways from a client that runs the Windows operating system, see Use volumes from a Windows operating system.