Public Access

August 9, 2022 at 12:42 PM

Public Access

Table of Contents

Adding Network

To configure the networks, you need to go to My Services, select the necessary service, and go to the Networks tab.
You can add access from the Internet in this section. To add a network, click the Add access button.

Add_access

Public access parameters are set in the modal window:

load_balancer

The settings are divided into 3 blocks:

1. Load Balancer - network settings that will be used to optimize the use of resources;

  • Name is the name of your network;
  • Domain* - the address which will be used for access from the Internet for this network.
  • External protocol - protocol type (HTTPS, HTTP, or TCP) for data transfer outside the network;
  • Internal protocol - protocol type (HTTPS, HTTP, or TCP) for data transfer within the network;
    Note: If TCP is selected in one of these lists, the protocol type in the other list is replaced with TCP automatically.
  • Port - an internal port that will send and receive requests.
  • Manage Certificates button is available if you’ve chosen HTTPS as an external protocol type and activated the Use my domain name option. Manage Certificates button links to the new popup window with the certificates list. Here you can check, add, or remove certificates.

2. Virtual machines are VMs, which will be manipulated by the load balancer. There should be at least one VM in the network.

  • VM is a virtual machine;
  • IP is the IP address from which the data will be redirected.

3. Information Security

  • Project determines a project for which it is necessary to add external access from the Internet.
  • Purpose is the aim of adding external access from the Internet.

* - There are two ways of using domain names:

  1. Use own domain name (it is necessary to activate Use my domain name). Once you’ve created a domain name, you will receive an email notifying to fill in a DNS record.
  2. Use a corporate domain name (it is necessary to enter Subdomain and choose a corporate domain from the list). The domain owner will receive an email notification stating the domain usage request (the requester may be found in CC).

To add a machine, press the button near the VM. After that, you can configure another VM.
Click the Save button to finish.

Viewing Public Access

After adding the network, they are displayed in the form of a list with the following characteristics:

  • Access name;
  • Domain name;
  • Port and protocol;
  • Number of VMs;
  • Status.

networks_list

Usage of HTTP/2

When using HTTPS, the load balancer coordinates HTTP/2 и HTTP/1.1 with the client as an SSL handshake using the TLS extension ALPN. HTTP/2 will be used as the default protocol for all browsers.

Note: in some cases, it is possible to use HTTP/1.1 instead of HTTP/2 atop HTTPS (e.g. when using curl with --http1.1).

If HTTPS is used as an internal protocol, the interaction between the load balancer and the client’s server can be carried out via both HTTP/1.1 and HTTP/2 and depends on the server’s settings.

To start using gRPC, you have to proxy end-to-end requests atop HTTP/2. To do this, select HTTPS as a protocol for internal and external access.

Manage Certificates

The list of the certificates added can be found in the Manage Certificates window with the following information:

  • Name of the certificate
  • Certificate’s domains
  • Expiration date

cert_list

To add a new certificate click the Add certificate button and provide the information in the modal window. One certificate record corresponds to one certificate.

To remove a certificate, click the recycle bin icon in front of it. You will be requested to confirm the action.

add_cert