Creating a private network with Gateway (EN)

Objective

A Gateway offers a secure outbound connection method from your private network instances or the ability to use Floating IPs with your instance or Load Balancer for service exposition.

This can be created via the OVHcloud Control Panel, the OpenStack API or the OVHcloud API.

Learn how to create a private network with a gateway.

Requirements

• A Public Cloud project in your OVHcloud account
• Access to the OVHcloud API or the OpenStack command line environment (Tutorial)
• The OpenStack Command Line Interface tool installed on your working environment (optional)

Instructions

Dostęp do Panelu klienta OVHcloud

• Link bezpośredni: Public Cloud Projects
• Ścieżka nawigacji: Public Cloud > Wybierz projekt

Via the OVHcloud Control Panel

Step 1

Step 2

Step 3

Step 4

Step 5

Step 6

Click on Gateway in the left-hand menu under Network.

Please note that you need to have activated the vRack before proceeding, if you do not have a vRack, please consult this section of the relevant guide.

Next, click on Create a Gateway.

First, select a location. It is best to create a Public Gateway in the region where you intend to deploy your private instances.

In the next step, select your gateway size.

Size	Bandwith	Cost
S	up to 200Mbps	2€/month, excluding tax
M	up to 500Mbps	8€/month, excluding tax
L	up to 2Gbps	35€/month, excluding tax
XL	up to 4Gbps	121€/month, excluding tax
2XL	up to 8Gbps	304€/month, excluding tax

The next step allows you to edit the default name of your gateway and attach a private network to it. You can use the drop down list to select an existing private network. Be aware that only single-region private networks are supported by Gateway.

Otherwise, click on Add a private network to create a new one (in simplified dialog box with predefined values).

In our example, a private network does not exist yet in the region we selected, so we create a new one.

In the popup window, enter a name for your private network, select a subnet and click on Add.

Once the network has been added, click on Create a gateway.

The creation may take several minutes, you may need to refresh the page after a couple of minutes to display the new service.

Once the creation is done, you now have a private network linked to a public gateway.

To view your newly created private network, click on Private Networks in the left-hand menu under Network.

You can view the new gateway in the Gateway section.

Via Terraform

Before proceeding, it is recommended that you consult this guide:

• How to use Terraform

Once your environment is ready, you can create a Terraform file called 'private_network_simple.tf' and write the following:

# Create a Private Network
resource "ovh_cloud_project_network_private" "mypriv" {
  service_name  = "my_service_name"  # Replace with your OVHcloud project ID
  vlan_id       = "0"             # VLAN ID (usually 0)
  name          = "mypriv"
  regions       = ["GRA11"]
}
# Create a private subnet
resource "ovh_cloud_project_network_private_subnet" "myprivsub" {
  service_name  = ovh_cloud_project_network_private.mypriv.service_name
  network_id    = ovh_cloud_project_network_private.mypriv.id
  region        = "GRA11"
  start         = "10.0.0.2"
  end           = "10.0.255.254"
  network       = "10.0.0.0/16"
  dhcp          = true
}
# Create a custom gateway
resource "ovh_cloud_project_gateway" "gateway" {
  service_name = ovh_cloud_project_network_private.mypriv.service_name
  name         = "my-gateway"
  model        = "s"  # Gateway model ("s" for small, "m" for medium, etc.)
  region       = ovh_cloud_project_network_private_subnet.myprivsub.region
  network_id   = tolist(ovh_cloud_project_network_private.mypriv.regions_attributes[*].openstackid)[0]
  subnet_id    = ovh_cloud_project_network_private_subnet.myprivsub.id
}

You can create your resources by entering the following command:

terraform apply

Via the OpenStack API

Before proceeding, it is recommended that you consult these guides:

• Preparing an environment to use the OpenStack API
• Setting OpenStack environment variables

openstack network create my_network

openstack subnet create my_subnet --subnet-range <my_private_ip_range/mask> --network my_network --no-dhcp

Step 2

List the quality of service available:

openstack network qos policy list
+--------------------------------------+---------------+--------+---------+----------------------------------+
| ID                                   | Name          | Shared | Default | Project                          |
+--------------------------------------+---------------+--------+---------+----------------------------------+
| a5524eb5-944e-4106-b209-9478bbdcedab | large_router  | True   | False   | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
| c210f5b2-db59-4973-a25f-9131195b6bcf | medium_router | True   | False   | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
| ec0ee74d-a1f3-43f6-87aa-b0e69ef8ce45 | small_router  | True   | False   | XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX |
+--------------------------------------+---------------+--------+---------+----------------------------------+

Step 3

openstack router create my_router 

openstack router add subnet my_router my_subnet

openstack router set --external-gateway Ext-Net --qos-policy QOS_ID_OF_YOUR_CHOICE my_router

If you omit the --qos-policy parameter the "small" quality of service will be applied.

Via the OVHcloud API

Go further

Learn more about Gateway and its scenarios on our dedicated page.

If you need training or technical assistance to implement our solutions, contact your sales representative or click on this link to get a quote and ask our Professional Services experts for assisting you on your specific use case of your project.

Join our community of users.