All Products
Search
Document Center

Virtual Private Cloud:Overview of the migration solution

Last Updated:Sep 12, 2024

This topic describes how to migrate resources from the classic network to a virtual private cloud (VPC), and the benefits of migration. VPCs are isolated from each other and provide higher security than the classic network.

Benefits

VPCs are private networks in the cloud. You can use Alibaba Cloud resources in your VPC. VPC has the following benefits:

  • Secure network environment

    VPCs use tunneling technology and can implement isolation at Layer 2. Your VPCs are secure and isolated on Alibaba Cloud. Different VPCs are completely isolated from each other.

  • Flexible network configurations

    You have full control over your VPCs. For example, you can specify CIDR blocks, and configure route tables and gateways for your VPCs. This allows you to deploy resources and implement routing as needed. In addition, you can connect a VPC to a data center by using an Express Connect circuit or a VPN gateway. This allows you to smoothly migrate applications and extend your data center.

Note

Alibaba Cloud discontinues services for Elastic Compute Service (ECS) instances on classic networks starting February 28, 2025. We recommend that you migrate existing classic network instances to VPCs to avoid unintentional resource release or unavailability.

Solutions

Alibaba Cloud provides hybrid access and hybrid attachment solutions. You can use the solutions independently or in combination.

If your applications depend on services such as ApsaraDB RDS and Classic Load Balancer (CLB), you can use the solutions in combination. This allows you to smoothly migrate resources to a VPC and ensures service availability.

You can also use ClassicLink to allow ECS instances in the classic network to access cloud resources in the VPC. For more information, see Overview of ClassicLink.

Hybrid access and hybrid attachment

Both the hybrid access and hybrid attachment solutions support smooth migration, which allows you to create resources such as ECS instances in a VPC, and then migrate resources from the classic network to the VPC. After all resources are migrated, you can release them in the classic network. For more information, see Migrate cloud resources from a classic network to a VPC.

  • Hybrid attachment

    To use this solution, specify ECS instances in the classic network and ECS instances in a VPC as backend servers of a CLB instance to receive requests forwarded by listeners. vServer groups are also supported.

    This solution applies to Internet-facing and internal-facing CLB instances.

    Note
    • In scenarios where ECS instances in the classic network and ECS instances in a VPC are specified as backend servers of an internal-facing CLB instance in a VPC, if the listeners use TCP or UDP, the IP addresses of clients cannot be retrieved on the ECS instances in the classic network. However, the IP addresses of clients can be retrieved on the ECS instances in the VPC. This does not apply to listeners that use HTTP or HTTPs.

    • CLB instances created after March 23, 2021 cannot be associated with ECS instances in classic networks, while earlier instances are not affected.

  • Hybrid access

    Services such as ApsaraDB RDS and Object Storage Service (OSS) can be accessed by ECS instances in the classic network and ECS instances in a VPC. Such a service typically provides two endpoint types. One is the classic network endpoint and the other is the VPC endpoint.

When you use this solution, take note of the following rules:

  • This solution applies to most migration scenarios. If the ECS instances in the classic network need to communicate with the ECS instances in a VPC, you can use ClassicLink.

  • This solution applies only to the migration from the classic network to a VPC.