Migrate a classic network to a VPC

Why migrate to a VPC?

A VPC is your own private network in the cloud. You can use Alibaba Cloud resources within a VPC that you define. VPCs offer the following benefits:

• Secure network environment

  A VPC uses tunneling to achieve data-link layer isolation. This provides each tenant with an independent and isolated secure network. Different VPCs are completely isolated from each other.

• Controllable network configuration

  You have complete control over your virtual network. For example, you can define your own IP address range, configure route tables, and set up gateways. This lets you easily plan your internal network resources and routing paths. You can also connect your VPC to a traditional data center using a leased line or VPN. This helps you create a custom network environment, smoothly migrate applications to the cloud, and extend your data center.

How to migrate

Alibaba Cloud provides the following two solutions for migrating from a classic network to a VPC. You can use these solutions independently or together to suit different migration scenarios:

• Hybrid access and hybrid attachment solution

  If your services depend on cloud products such as ApsaraDB RDS and CLB, use the hybrid access and hybrid attachment solution. This solution allows for a smooth migration of your system to a VPC environment and ensures service stability.

  You can use this solution with the ClassicLink feature to allow classic network ECS instances that have not been migrated to access cloud resources in the VPC. For more information, see ClassicLink overview.

• Single ECS migration solution

  If your application is deployed on an ECS instance and restarting the ECS instance does not affect your system, you can choose the single ECS migration solution.

Hybrid attachment and hybrid access solution

The hybrid attachment and hybrid access solution provides a method for smooth migration. In this solution, you create new cloud product instances, such as ECS instances, in a VPC and then migrate your system to the VPC. After all systems are migrated to the VPC, you can release the resources in the classic network to complete the migration. For more information, see Hybrid access and hybrid attachment migration example.

• Hybrid attachment

  Hybrid attachment means that a CLB instance can use both classic network and VPC ECS instances as backend servers. These servers accept requests forwarded by the listener. Hybrid attachment is also supported for vServer groups.

  Both public-facing and private-facing CLB instances support hybrid attachment.

  Note

  • When a private-facing VPC CLB instance has both classic network and VPC ECS instances attached, a Layer 4 (TCP and UDP) listener cannot retrieve the originating IP address of clients from the classic network ECS instances. However, the listener can still retrieve the originating IP address from the VPC ECS instances. This does not affect Layer 7 (HTTP and HTTPS) listeners, which can retrieve the originating IP address of clients as usual.

  • CLB instances created after March 23, 2021, no longer support attaching classic network ECS instances. Existing instances are not affected.

• Hybrid access

  Cloud products such as ApsaraDB RDS and Object Storage Service (OSS) support hybrid access. This allows them to be accessed by ECS instances in both classic networks and VPCs. These products usually provide two endpoints: a classic network endpoint and a VPC endpoint.

When you use this solution, note the following:

• This solution is suitable for most system migrations. However, if your VPC ECS instances and classic network ECS instances need to communicate over the private network, you must use the ClassicLink feature.

• This solution is only for migrating from a classic network to a VPC.

Single ECS migration solution

The single ECS migration solution lets you migrate a classic network ECS instance to a VPC without creating an image or repurchasing the instance.

After you schedule the migration in the console, Alibaba Cloud performs the migration at your specified time. You will receive a text message notification after the migration is complete.

When you use the single ECS migration solution, note the following:

• The ECS instance restarts during the migration. Evaluate the impact on your system.

• After the migration, no special configuration is required. The public IP address of the ECS instance remains unchanged.

  • Although the public IP address does not change, it is not visible in the operating system of the ECS instance. This type of IP address is called a static public IP address for a VPC-type ECS instance. You can convert the static public IP address of a pay-by-data-transfer ECS instance to an elastic IP address (EIP) for easier management. For more information, see Convert the static public IP address of a VPC-type ECS instance to an EIP.

  • If any of your applications depend on the public IP address being visible in the ECS operating system, the migration will affect them. We recommend that you carefully evaluate this impact.

• After the migration, the private IP addresses of ECS instances in all regions will change.

• The zone of the vSwitch in the destination VPC must be the same as the zone of the ECS instance to be migrated.

• The instance ID and logon information remain unchanged during the migration.

• No extra fees are charged for migrating subscription instances. Starting from the next billing cycle, the instance is billed at the price of a VPC-type instance with the same specifications.

• If there are unfulfilled orders for renewal with specification change or unpaid orders before the migration, these orders are canceled and cannot be restored. You must create new orders.

• After an ECS instance is migrated to a VPC, if the instance uses other Alibaba Cloud services, you must change the access method to the VPC access method. This is part of the hybrid access solution for cloud products.