Network and traffic
Nebula provides a host of network configuration features for your instances. This page explains the different options you have when creating VPCs and subnets for your instances.
VPCs
A VPC (Virtual Private Cloud) is a logically isolated network in Nebula’s infrastructure. It defines the boundaries for your network resources, making them private and secure.
You can control your own virtual network environment by defining a range of available IP addresses with subnets and network gateways.
Create VPCs
You can create VPCs in 2 ways:
- On the VPCs Console page
- During the server creation flow
When you create a VPC, you need to define a name and an IPv4 CIDR block. Choose a VPC CIDR block large enough to accommodate all required subnets. Avoid overlap with other networks to prevent routing conflicts.
In simple terms, a CIDR block, or Classless Inter-Domain Routing block helps you allocate a range of IP addresses for your network. A CIDR block consists of these elements:
- A base IP address, which is the network identifier for the block.
- A subnet mask, or the
/xpart in the CIDR notation specifies how many IP addresses are available for hosts within the block.
The CIDR block you specify for a VPC is permanent and cannot be modified after creation.
Manage VPCs
You can manage your VPCs via the VPCs Console page.
Select a VPC to see:
- the assigned CIDR block
- the associated subnets
- the attached server instances
You can delete VPCs on the VPC details screen.
You can only delete VPCs that have no associated resources. First, terminate any server instances within each subnet that belongs to a VPC, then delete the subnets. Once all resources are removed, you can delete a VPC.
Subnets
Subnets are logical subdivisions within a VPC's IP address range. They enable segmentation of the network and provide a way to organize and control access to your resources.
We recommended that you create separate subnets for external and internal use.
- An external, or frontend subnet serves as the entry point of your network of servers. Use it to host resources that you need to be publicly availabe, such as your web servers or public-facing APIs. You can configure the security group of this subnet to allow public access.
- An internal, or backend subnet ensures that your sensitive resources and internal services are protected form public access. Use it to host resources that should only communicate internally within your network, such as your databases or internal application servers. You can configure the security group of this subnet to deny public access, and only allow traffic from your frontend subnet, or other trusted IP address ranges.
Create subnets
You can create subnets in 2 ways:
- On the details page of VPCs you already created
- During the server creation flow
The CIDR block you specify for a subnet is permanent and cannot be modified after creation.
When you create a subnet, you need to define a name, the IPv4 CIDR block, and a gateway IP address. Divide the VPC’s CIDR block into smaller, non-overlapping subnet ranges based on your application needs.
We recommend that you assign the first IP address in your subnet's address range as the gateway address. This address serves as the entry and exit for your subnet. If the gateway address you select falls outside the subnet's range, the Console returns an error.
Nebula automatically reserves the last IP address in a subnet's address range as a broadcast address. This address enables synchronized communication to all addresses within the subnet's network.
Manage subnets
You can manage your subnets via the details page of the VPC that the subnet is attached to.
Select a VPC, then the subnet you want to manage to see details like:
- the assigned CIDR block
- the subnet's ID
- the gateway IP
- the attached server instances
You can delete subnets on the subnet details screen.
You can only delete subnets that have no associated resources. First, terminate any server instances within the subnet, then delete the subnet itself.
Load balancing
Load balancers help you distribute incoming traffic across a select group of server instances. Use load balancers to utilize your resources effectively and ensure that your servers are always available.
A Nebula load balancer consists of three parts:
- A load balancer instance: the main resource that manages network traffic
- a server group: collects a set of servers with a defined load balancing method
- A listener: handles requests that come in through a specific port and directs those to a server group
A load balancer's resources are mutually dependent: the load balancer instance requires a server group to work, and server groups require listeners that connect each server to the load balancer.
We recommend that you create these resources in this order: load balancer first, then server groups, then listeners.
Create load balancers
You can create load balancers directly in the Console.
To create load balancers, you first need to launch your servers, set up a VPC, define security groups, and set up key pairs for secure authentication.
When you create a load balancer, you need to define a unique name and select the appropriate performance and capacity for your use case. Performance and capacity define aspects like a load balancer's bandwidth, maximum number of connections, connections per second, or queries per second.
Then, you have to attach a VPC from your existing configurations. Select the VPC that hosts the servers to which you want to distribute traffic.
You can optionally define a frontend subnet to receive incoming traffic and a backend subnet to route traffic to. To do this, you first need to create these subnets within the VPC that hosts the servers to which you want to distribute traffic.
Once your load balancer is ready, continue with creating server groups.
Manage load balancers
Open the details page of a load balancer directly from the Load balancers page in the Console to start or stop a load balancer. You can also edit these properties of the load balancer on the same page:
- update the name, performance and capacity, associated VPC, and subnets
- add, edit, or remove listeners through the Listeners tab
Server groups
Server groups help you define a pool of servers that the load balancer can distribute traffic to.
Create server groups
You can create server groups directly in the Console.
When you create a server group, you need to define a unique name and select a load balancing method:
| Algorithm | How it works | When to use |
|---|---|---|
| ROUND_ROBIN | Distributes incoming requests sequentially across servers. | Ideal for evenly distributed workloads with similar server capacity. |
| LEAST_CONNECTIONS | Routes traffic to the server with the fewest active connections. | Best for handling varied workloads and ensuring balanced usage. |
| SOURCE_IP | Directs traffic based on the client’s IP address for session persistence. Incoming requests from the same IP address will be routed to the same server. | Suitable for applications requiring consistent user sessions. |
After your server groups are ready, continue with creating listeners.
Manage server groups
Open the details page of a server group directly from the Server groups page in the Console to edit these properties:
- update the name, the associated load balancer, and the applied load balancing algorithm
- add or remove servers through the Servers tab
Listeners
Use listeners to direct incoming requests from a load balancer port to a specific server group. Navigate to the Listeners tab on the details page of a load balancer in the Console to create a new listener, and define these properties:
- a unique name for the listener
- the HTTP port where the listener will receive incoming requests
- the server group where the listener will forward requests to
A load balancer instance can have multiple listeners, each of which routes incoming network traffic from one port to a server group.
Manage listeners
Navigate to the Listeners tab on the details page of a load balancer in the Console to add, edit, or remove listeners.
After you finish adding your listeners, the load balancer is ready — helping you ensure that your services are reliable and always available.
Next steps
- Understand the available security features
- If you want to move your existing servers to Nebula, check out the migration guides
Need help?
If you have any technical questions or encounter any problems, get in touch with our Support team! We are here to help, and will provide support if you encounter any issues with NebCompute.