This topic describes how to enable Elastic Container Instances (ECIs) to communicate with the Internet. The following two methods are available:

  • Associate an Elastic IP Address (EIP) with a network address translation (NAT) gateway in the Virtual Private Cloud (VPC) where an ECI resides.
  • Directly associate an EIP with an ECI.

Method 1: Associate an EIP with a NAT gateway in the VPC where an ECI resides

Scenario: ECI pulls images from Docker Hub.

Procedure:
  1. Create a VPC and a VSwitch.
  2. Create a NAT gateway.
  3. Create an EIP and associate it with the NAT gateway.
  4. Create a source network address translation (SNAT) entry for the NAT gateway.

Procedure

  1. Create a VPC and a VSwitch.
    Log on to the VPC console. Create a VPC on the VPCs page and create a VSwitch on the VSwitches page.
  2. Create a NAT gateway.
    On the NAT Gateways page, create a NAT gateway. Select the VPC created in the previous step when you create the NAT gateway.
  3. On the Elastic IP Addresses page, create an EIP to be associated with the created NAT gateway.
    Associate the EIP with the NAT gateway.
  4. Create an SNAT entry for the NAT gateway.
    Create an SNAT entry for the NAT gateway to enable Internet access.

    After the preceding configuration is completed, you can pull images from Docker Hub when you create an ECI. All ECIs in the same zone can access the Internet through the NAT gateway and the EIP associated with the VSwitch in the VPC.

    If you want to enable the access from the Internet to ECIs, you also need to create a destination network address translation (DNAT) entry for the NAT gateway. For more information, see PAI Studio.

Method 2: Directly associate an EIP with an ECI

Scenario: The NGINX web server needs to access an ECI over the Internet.

The following figures show the configurations for creating an ECI. You can directly associate an EIP that resides in the same region with the ECI. When the NGINX web server is started, port 80 is exposed to the EIP. In addition, you need to set a security group rule to enable port 80.
Notice Different from a NAT gateway, an EIP can only be associated with an ECI. If you want to enable multiple ECIs to access the Internet, you must associate an EIP with each ECI.
After the ECI is started, enter the URL in the http://EIP:Port number format in a browser. The webpage in the following figure appears.