How to use Object Storage with Private Networks
The Public Gateway feature of the Private Network allows Instances in your Private Network to reach resources on the Internet without using a public IP address.
In this documentation, you will learn how to create an Instance without a public IP address, create a Private Network with a Public Gateway, and a route from your Instance to an Object Storage bucket.
You may need certain IAM permissions to carry out some actions described on this page. This means:
- you are the Owner of the Scaleway Organization in which the actions will be carried out, or
- you are an IAM user of the Organization, with a policy granting you the necessary permission sets
- You have an account and are logged into the Scaleway console
- You have created an Object Storage bucket
How to create an Instance without a public IP
Follow the instructions for creating an Instance. We create an Instance without a flexible IP using the following specifications for our Instance:
- Availability Zone:
nl-ams-1(but you can select the AZ of your choice). - OS Image: Ubuntu 20.04 Focal Fossa
- Instance type: DEV1-S
- Advanced options: Untick the flexible IP option
You could also use one of the following methods to create your Instance:
- Use this link to automatically configure your Instance in the console with the required parameters. Just click Create Instance to launch the instance creation process.
- If you have installed the Scaleway CLI tool, create the Instance using the following command:
scw instance server create type=DEV1-S zone=nl-ams-1 image=ubuntu_bionic root-volume=l:20G name=objectstorage-over-pn ip=none
How to create a Private Network and attach the Instance
- Follow the instructions for creating a Private Network. Make sure you create it in the region that encompasses the Availability Zone of the Instance you previously created.
- Follow the instructions to attach your Instance to the Private Network.
How to create a Public Gateway and attach the Private Network
- Follow the instructions for creating a Public Gateway:
- Select the same Availability Zone as for your previously created Instance.
- Leave the IP configuration empty to allocate a new IP to your Public Gateway.
- You can choose a gateway type, name and tags according to your choice. After creating your Public Gateway, you are directed to a list of this and any other Public Gateways you have previously created.
- Click on your new Public Gateway’s name. The gateway’s dashboard displays.
- Click the Private Networks tab.
- Click Attach to a new Private Network. A pop-up window displays.
- Select Attach to an existing Private Network and pick a Private Network from the drop-down list. Set Dynamic NAT to active.
- Click Attach to Private Network.
How to set the Object Storage Route
-
SSH into your Instance using the following command:
ssh root@your_virtual_instance_ipNote:As your Instance has no public IP address, you must connect to it using another Instance in your Private Network or assign a temporary public IP to it.
-
Configure the following route to the Object Storage platform:
# set this to keep the network on the instanceip route add 10.0.0.0/8 via `ip route | grep default | awk '{print $3} '` dev ens2# dhcp on pn interfacedhclient ens5# change default routeip route del default via `ip route | grep default | awk '{print $3} '` dev ens2ip route add default via 192.168.42.1 dev ens5 # use the gateway ip in the gateway's descriptioncurl https://s3.nl-ams.scw.cloud
Conclusion
You have now configured an Instance with a Private Network to communicate with Scaleway’s Object Storage platform using the Public Gateway feature. The gateway ensures the exchange of data between your Private Network and the public Internet.