digitalocean-networking


DigitalOcean Networking Skill



progressive_disclosure:
  entry_point:
    summary: "DigitalOcean networking: VPC, firewalls, load balancers, reserved IPs, DNS, IPv6, NAT gateway."
    when_to_use:
      - "When designing private networks or segmentation"
      - "When securing inbound and outbound traffic"
      - "When configuring load balancing and DNS"
    quick_start:
      - "Create a VPC for private traffic"
      - "Apply firewalls to compute"
      - "Attach load balancers and reserved IPs"
      - "Configure DNS records"
  token_estimate:
    entry: 90-110
    full: 3800-5000



Overview


DigitalOcean networking services secure and control traffic with VPC networking, firewalls, load balancing, DNS, IPv6, and reserved IPs.

VPC


Use VPC to create private network segments for Droplets, Kubernetes, and managed databases.
  • Create a VPC in the same region as compute resources.
  • Attach resources that need private communication.

Firewalls


Use stateful firewalls to restrict inbound and outbound traffic.
  • Define inbound and outbound rules by protocol and port.
  • Apply rules to Droplets and other resources.

Load Balancers


Use load balancers to distribute traffic across backend resources.
  • Configure health checks and target pools.
  • Terminate TLS and forward to backend services.

Reserved IPs


Use reserved IPs to keep stable public endpoints.
  • Assign reserved IPs to Droplets.
  • Remap IPs during failover or migration.

DNS and IPv6


  • Manage DNS records for DigitalOcean and external resources.
  • Enable IPv6 for dual-stack support.

NAT Gateway


Use NAT Gateway for outbound connectivity from private subnets.

Networking Workflow


  • Create a VPC per environment.
  • Attach compute and databases to the VPC.
  • Apply firewalls to limit inbound access.
  • Add load balancers for public entry points.
  • Configure DNS and reserved IPs for stable routing.
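
An added example, not part of the original skill: a check that a Droplet firewall really limits inbound access to the VPC and the load balancer, as the workflow above requires. The rule layout (inbound_rules, ports, sources.addresses, sources.load_balancer_uids) is assumed to match an exported firewall definition; the VPC range, firewall name and all addresses are constructed sample values.

```python
import ipaddress

# Assumption: backends live in this VPC range (constructed sample value).
VPC_CIDR = ipaddress.ip_network("10.10.0.0/16")
WORLD = {"0.0.0.0/0", "::/0"}

def port_range(spec):
    """Expand a rule's 'ports' string: '22', '8000-8100', or 'all'/'0'."""
    if spec in ("all", "0"):
        return range(1, 65536)
    lo, _, hi = spec.partition("-")
    return range(int(lo), int(hi or lo) + 1)

def audit(firewall, public_ports=frozenset()):
    """Return (severity, protocol, ports, source) for inbound rules that
    admit traffic from outside the VPC on ports not declared public."""
    findings = []
    for rule in firewall.get("inbound_rules", []):
        spec = rule.get("ports") or "all"        # ICMP rules carry no ports
        if all(p in public_ports for p in port_range(spec)):
            continue                             # intentionally public port
        for addr in rule.get("sources", {}).get("addresses", []):
            net = ipaddress.ip_network(addr, strict=False)
            inside = net.version == VPC_CIDR.version and net.subnet_of(VPC_CIDR)
            if addr in WORLD:
                findings.append(("world-open", rule["protocol"], spec, addr))
            elif not inside:
                findings.append(("outside-vpc", rule["protocol"], spec, addr))
    return findings

# Constructed sample firewall for a backend pool behind a load balancer.
SAMPLE = {
    "name": "web-backend",
    "inbound_rules": [
        {"protocol": "tcp", "ports": "443",
         "sources": {"load_balancer_uids": ["lb-placeholder"]}},
        {"protocol": "tcp", "ports": "22",
         "sources": {"addresses": ["0.0.0.0/0", "::/0"]}},
        {"protocol": "tcp", "ports": "5432",
         "sources": {"addresses": ["10.10.4.0/24"]}},
        {"protocol": "tcp", "ports": "8000-8100",
         "sources": {"addresses": ["203.0.113.7"]}},
    ],
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

Rules sourced only from a load balancer or from inside the VPC range produce no finding; pass public_ports to exempt ports that are meant to face the internet.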

Complementary Skills


When using this skill, consider these related skills (if deployed):
  • digitalocean-compute: Droplets, App Platform, and Kubernetes placement.
  • digitalocean-managed-databases: Private database connectivity.
  • digitalocean-management: Monitoring and uptime checks.
Note: Complementary skills are optional. This skill is fully functional without them.

Resources
