TencentDB for PostgreSQL offers network management to ensure the security, efficiency, and flexibility of your instances when providing services both internally and externally. This document introduces the network-related information for PostgreSQL.
Network
There are two types of TencentDB network environments: VPC and classic network.
VPC: A Virtual Private Cloud is a logically isolated network space that you can customize in Tencent Cloud. By default, different VPCs cannot communicate with each other, even within the same region. Similar to a traditional network in a data center, a VPC in Tencent Cloud hosts your cloud service resources.
Classic network: This is a public network resource pool for all Tencent Cloud users. Tencent Cloud centrally manages all cloud resources for users, making management simple and efficient.
Note
Currently, resources cannot be created in the classic network.
Feature differences
SDK | Classic network | VPCs |
Network Customization | Unavailable | This feature is supported. |
Custom Route Configuration | Unavailable | This feature is supported. |
Custom IP | Unavailable | This feature is supported. |
Intercommunication rules | Intra-region connectivity | Interconnectivity between subnets within the same VPC and region. |
Security control | Security Group | Security Group |
Network access
Tencent Cloud services can be accessed over both the public and private networks.
Public network access: This is a service provided by Tencent Cloud for instances to perform public data transfer. Instances enable public IP addresses to communicate with other computers on the network or to access instances through the public network.
Private network access: it is used to provide Local Area Network (LAN) service. Tencent Cloud assigns resources with private IP addresses to allow a free private network communication in the same region or instance access over the private network.
Note
Security groups that currently support public network access are available only in the Guangzhou, Shanghai, Beijing, and Chengdu regions. Instances in other regions may be attacked if the public network access is enabled. We do not recommend that instances in production environment enable public network access. If you need to enable public network access, security group rules must be configured.
Network Configuration
You can configure one or two networks for each TencentDB for PostgreSQL instance.
In scenarios where the instance supports two networks:
An instance can be accessed through different VIPs that belong to different VPCs and subnets.
You can use this feature to change the instance network, for example, from the classic network to VPC or from VPC A to VPC B.
You can use this feature to implement the multi-plane network feature in scenarios where businesses in two different VPCs need to access the same database instance.
Managing Instance Network
The TencentDB for PostgreSQL console provides management operations for the instance's network, including adding, deleting, and modifying networks. For more information, see Modify Network.