This topic describes how to migrate resources from the classic network to a virtual private cloud (VPC), and the benefits of migration. VPCs are isolated from each other and provide higher security than the classic network.
Benefits
VPCs are private networks in the cloud. You can use Alibaba Cloud resources in your VPC. VPC has the following benefits:
Secure network environment
VPCs use the tunneling technology and can implement isolation at Layer 2. Your VPCs are secure and isolated on Alibaba Cloud. Different VPCs are completely isolated from each other.
Flexible network configurations
You have full control over your VPCs. For example, you can specify CIDR blocks, and configure route tables and gateways for your VPCs. This allows you to deploy resources and implement routing as needed. In addition, you can connect a VPC to a data center by using an Express Connect circuit or a VPN gateway. This allows you to smoothly migrate applications and extend your data center.
Solutions
Alibaba Cloud provides the hybrid access and hybrid attachment solutions. You can use the solutions independently or use them in combination.
If your applications depend on services such as ApsaraDB RDS and Server Load Balancer (SLB), you can use the solutions in combination. This allows you to smoothly migrate resources to a VPC and ensures the service availability.
You can also use ClassicLink to allow Elastic Compute Service (ECS) instances in the classic network to access cloud resources in the VPC. For more information, see Overview of ClassicLink.
Hybrid access and hybrid attachment
Both the hybrid access and hybrid attachment solutions support smooth migration, which allows you to create resources such as ECS instances in a VPC, and then migrate resources from the classic network to the VPC. After all resources are migrated, you can release the resources in the classic network. For more information, see Migrate cloud resources from a classic network to a VPC.
Hybrid attachment
To use this solution, specify ECS instances in the classic network and ECS instances in a VPC as backend servers of an SLB instance to receive requests forwarded by listeners. vServer groups are also supported.
This solution applies to Internet-facing and internal-facing SLB instances.
NoteIn scenarios where ECS instances in the classic network and ECS instances in a VPC are specified as backend servers of an internal-facing SLB instance in a VPC, if the listeners use TCP or UDP, the IP addresses of clients cannot be retrieved on the ECS instances in the classic network. However, the IP addresses of clients can be retrieved on the ECS instances in the VPC. This does not apply to listeners that use HTTP or HTTPs.
Hybrid access
Services such as ApsaraDB RDS and Object Storage Service (OSS) can be accessed by ECS instances in the classic network and ECS instances in a VPC. Such a service typically provides two endpoint types. One is the classic network endpoint and the other is the VPC endpoint.
When you use this solution, take note of the following rules:
This solution applies to most migration scenarios. If the ECS instances in the classic network need to communicate with the ECS instances in a VPC, you can use ClassicLink.
This solution applies only to the migration from the classic network to a VPC.