Kubernetes Kapsules and Managed Databases for Redis™ are also compatible with Private Networks, but they can only be attached to a Private Network at the time of creating the resource. It is not possible to attach a cluster or Redis™ database to a Private Network after its creation, or change the attached Private Network.
How to attach resources to a Private Network
VPC allows you to build your own Virtual Private Cloud on top of Scaleway’s shared public cloud. Within each VPC, you can create multiple Private Networks and attach Scaleway resources to them, as long as the resources are in an AZ within the network’s region. Attached resources can then communicate between themselves in an isolated and secure layer 2 network, away from the public internet.
Private Networks also have built-in Dynamic Host Configuration Protocol (DHCP), making it easy to manage the private IP addresses of your resources on the network.
Up to 512 resources can be attached to each Private Network, and each resource can be attached to up to eight Private Networks.
The following resource types can be attached to a Private Network:
- Instances
- Elastic Metal servers
- Load Balancers
- Public Gateways
- Managed Databases for PostgreSQL and MySQL
Before you start
To complete the actions presented below, you must have:
- A Scaleway account logged into the console
- Owner status or IAM permissions allowing you to perform actions in the intended Organization
- Created a Private Network
- Created at least one Scaleway resource in the same region as your Private Network
How to attach a resource to a Private Network
-
Click VPC in the Network section of the side menu. Your VPC dashboard displays:
-
Click the VPC containing the Private Network to which you want to attach a resource.
A list of Private Networks in this VPC displays:
-
Click the Private Network to which you want to attach a resource.
The Private Network’s dashboard displays.
-
Click the Attached resources tab.
If you already have resources attached to the Private Network, a list of these displays. Otherwise, you see a welcome screen.
-
Click + Attach resource. The following screen displays.
-
Select the type of resource (Instance, Elastic Metal server etc.) that you want to attach. Then select the specific resource to attach. Only resources within the same region (or one of its Availability Zones) as the Private Network will be displayed.
TipWhen attaching Instances, Load Balancers, Public Gateways, and Elastic Metal servers, you have the option to either auto-allocate an available IP from the pool of addresses for the Private Network or specify an IP that you have already reserved via IPAM. For Instances, which support both IPv4 and IPv6 for private IP addresses, you can also choose to auto-allocate or specify a reserved IP for each address type.
Support for using reserved IPs to attach Managed Databases to Private Networks will be coming soon.
-
Click Attach resource to finish.
You are returned to the list of attached resources, where the newly-attached resource now displays.
You can also attach a resource to a Private Network from the resource’s own section of the console. Follow the relevant steps below:
- Instance
- Elastic Metal server
- Managed Database for PostgreSQL and MySQL
- Load Balancer
- Public Gateway
Note that for Kubernetes Kapsules and Managed Databases for Redis™, you can only attach the resource to a Private Network at the time of creating the resource itself.
How to view the resource’s IP address
When you attach a resource to a Private Network, it gets a private IPv4 address on that network (and also an IPv6 address, if supported by the resource). Private IPs are assigned from the CIDR block defined at the time of the Private Network’s creation, either via auto-assignment or specification of a particular reserved IP.
No matter whether it is auto-allocated or pre-reserved, the IP remains stable for as long as the resource is attached to the Private Network, and does not risk changing even across reboots and long poweroffs. An auto-allocated IP is lost only when you delete the resource or detach it from the Private Network. Reserved IPs remain reserved even after you delete the resource or detach it from the Private Network, until you release the address.
You can view a resource’s IPv4 or v6 address in the Attached Resources tab of the Private Network itself (follow steps 1 - 5 above).
It can also be viewed via the Private Networks tab of the resource’s own dashboard.
When you attach an Instance or Elastic Metal server to a legacy Private Network on which you have not activated DHCP, no IP address is configured or shown on the screen shown above.
You will need to carry out manual configuration to set the IP address on the resource, or activate DHCP.
We strongly recommend that you activate DHCP on the Private Network to let us automatically handle IP address management.
If you do not see an IP address in the screens above for your resource, and you think you should, check out our troubleshooting guide.
Note that in any case, for Elastic Metal servers, some manual configuration is required even after activating DHCP. This is not required for Instances or other types of resources.
How to access a resource on a Private Network via its hostname (DNS)
In addition to using its IP address, you can also access a resource on a Private Network via its hostname, thanks to VPC’s inbuilt private DNS.
A resource’s hostname is equivalent to the name you gave the resource when creating it. For example, if you have an Instance with the name instance123
attached to a Private Network named prodpn
, its address on that network is instance123.prodpn.internal
.
- If you update the resource’s name after creating it, and thus its hostname changes, it will not be automatically updated on our DNS records unless you detach and reattach the resource to the Private Network.
- If you created the resource via the API, and it has dots in its name, these dots should be replaced by dashes for the purposes of DNS resolution (
my.instance
—>my-instance
) - You can also reach a resource via its resource ID, e.g.
e49902a6-ed4c-431f-bd62-0fc41063eec0.prodpn.internal
If you are still having problems reaching a resource attached to a Private Network via its hostname, see our troubleshooting guide.
How to detach a resource from a Private Network
-
Click VPC in the Network section of the side menu.
-
Click the VPC containing the Private Network from which you want to detach a resource.
A list of Private Networks in this VPC displays.
-
Click the Private Network from which you want to detach a resource.
-
Click the Attached resources tab.
A list of resources attached to the Private Network displays.
-
Click the «Unlink Icon» icon next to the resource you want to detach.
-
Click Detach resource when prompted to confirm.
You can also detach a resource to a Private Network from the resource’s own section of the console.