DocsICP FilingConsole
官方文档
首页

Prepare the environment

更新时间:
复制 MD 格式
产品详情
我的收藏

To host applications using SOFAStack, you must first prepare a deployment environment. This environment includes workspaces for resource isolation, a secure virtual private cloud (VPC), and security groups for ECS servers.

Prerequisites

  • You have an Alibaba Cloud account that has completed identity verification.

  • You have activated SOFAStack.

Procedure

Create a standard workspace

A workspace is a group of resources that have service interconnection, consistent security policies, and minimal access latency. Workspaces let you easily group and manage resources. For example, you can create separate workspaces for development, testing, and production. Resources in different workspaces are isolated from each other.

  1. Log on to the SOFAStack console.

  2. In the navigation pane on the left, click Global Settings at the bottom.

  3. Click Add Workspace, select the Standard Workspace type, and click Create.

    Note

    If a workspace already exists, click Create Workspace in the upper-left corner.

  4. On the Create Workspace page, enter the following basic information.

    • Workspace ID: Enter an ID for the workspace. The ID must be 2 to 45 characters long, start with a letter, and contain only letters and digits. The ID must be globally unique and cannot be changed after creation. For example, you can enter `dev`, `test`, or `prod`. In this example, enter DemoWS.

    • Workspace Name: Enter a display name for the workspace. The name must be 1 to 64 characters long. For example, you can enter Development Workspace, Test Workspace, or Production Workspace. In this example, enter DemoWS.

    • Region: Select the region for the workspace. Each workspace must belong to a region.

    • Network Type: Select VPC.

    • Import VPC: Keep this disabled.

    • Zone: Select the zones for the workspace. You can select multiple zones, but each zone must have exactly one vSwitch. The workspace can only import resources from the configured zones. Features such as publishing, deployment, and disaster recovery use these zones for grouped releases and switchovers. Configure two zones to support high availability (HA) architectures, such as dual-data-center architectures.

  5. Click Next. On the Create VPC page, enter the following configuration information:

    • VPC Name: The name must be 2 to 128 characters long, start with a letter or a Chinese character, and can contain digits, underscores (_), and hyphens (-). You can use the system-generated name, which is in the format WorkspaceID-vpc.

    • VPC CIDR Block: This setting cannot be changed after the VPC is created. The private IP addresses of all resources in the VPC, such as ECS, RDS, and SLB instances, are allocated from this CIDR block. The available CIDR blocks are:

      • 10.0.0.0/8

      • 172.16.0.0/12

      • 192.168.0.0/16

    • Description: The description is optional and can contain 2 to 256 English or Chinese characters. It cannot start with http:// or https://.

    • vSwitch: Click Add vSwitch. In the Create vSwitch window that appears, enter the following information and click Submit.

      • Name: The name must be 2 to 128 characters long, start with a letter or a Chinese character, and can contain digits, underscores (_), and hyphens (-). The system automatically generates a default name in the format WorkspaceID-vsw.

      • Zone: Select the zone for the vSwitch. vSwitches in different zones within the same VPC can communicate with each other over the private network. You must create one vSwitch for each zone.

      • Custom CIDR Block: This option is disabled by default. If you enable it, you must enter a CIDR block. The vSwitch CIDR block can be the same as the VPC CIDR block or a subnet of it.

      • Subnet Mask: If Custom CIDR Block is disabled, select a subnet mask and a CIDR block. The default subnet mask is 24 bits (for example, 172.31.0.0/24). The mask can range from 16 to 29 bits, which provides from 4 to 65,532 addresses.

      • Description: The vSwitch description must be 2 to 256 characters in length and must not start with http:// or https://.

  6. Click Next. On the Create Security Group page, click Add Security Group. In the Add Security Group window that appears, enter the following information and click Submit.

    • Security Group Name: Required. Enter a name for the security group. The name must be 2 to 128 characters long, start with a letter, and can contain letters, digits, hyphens (-), and periods (.).

    • Description: The description is optional. It can contain 2 to 256 English or Chinese characters and cannot start with http:// or https://.

    • Rules: Keep the default settings, which allow all inbound and outbound traffic.

  7. Click OK to return to the Create Security Group page, and then click Submit.

Previous:Activate serviceNext:Create application metadata