diff --git a/tutorials/load-overflow-proxmox-and-elastic-metal/index.mdx b/tutorials/load-overflow-proxmox-and-elastic-metal/index.mdx
index b91a013e77..90a4609ed4 100644
--- a/tutorials/load-overflow-proxmox-and-elastic-metal/index.mdx
+++ b/tutorials/load-overflow-proxmox-and-elastic-metal/index.mdx
@@ -12,7 +12,7 @@ categories:
- load-balancer
- postgresql-and-mysql
dates:
- validation: 2024-07-02
+ validation: 2024-11-05
posted: 2019-05-20
---
@@ -40,7 +40,7 @@ Finally, we can introduce and configure a Load Balancer to evenly distribute tra
- An [SSH key](/identity-and-access-management/organizations-and-projects/how-to/create-ssh-key/)
- 2 [Elastic Metal servers](/compute/instances/how-to/create-an-instance/) running on Proxmox
- [Created a Private Network](/network/vpc/how-to/create-private-network/) and added your resources to it
-- [Created a Public Gateway](/network/public-gateways/how-to/create-a-public-gateway/) with DHCP enabled
+- [Created a Public Gateway](/network/public-gateways/how-to/create-a-public-gateway/)
- A [domain or subdomain](/network/domains-and-dns/quickstart/) pointed to your Instance
## Preparing Proxmox
@@ -69,7 +69,7 @@ Create or clone your virtual machines on both servers of the cluster to distribu
Make sure to select the bridge `vmbr1`, automatic MAC address generation, and select DHCP for LXC network configuration.
- The DCHP server in your Private Network will automatically assign a random IP address to your container or VM. If required, you can configure [static NAT](/network/public-gateways/how-to/configure-a-public-gateway/#how-to-review-and-configure-dhcp) to assign a static IP address to it.
+ We recommend that you use IPAM to assign an IP on the Private Network to each VM. You first need to [reserve](/network/ipam/how-to/reserve-ip/) an IP address for each machine, then use the IPAM API's [Attach IP to custom resource](https://www.scaleway.com/en/developers/api/ipam/#path-ips-attach-existing-ip-to-custom-resource) method to attach it by passing the VM's name and MAC address.
## Configuring the Load Balancer
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pg.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pg.webp
deleted file mode 100644
index 142a1100cc..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pg.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pn.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pn.webp
deleted file mode 100644
index db47fef776..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-create-pn.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-pgw-pn.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-pgw-pn.webp
new file mode 100644
index 0000000000..47ee34d782
Binary files /dev/null and b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-pgw-pn.webp differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-resource.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-resource.webp
new file mode 100644
index 0000000000..357b44333a
Binary files /dev/null and b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-attach-resource.webp differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pgw.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pgw.webp
new file mode 100644
index 0000000000..08aafaaf63
Binary files /dev/null and b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pgw.webp differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pn.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pn.webp
new file mode 100644
index 0000000000..e69c424541
Binary files /dev/null and b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-create-pn.webp differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-ssh-bastion.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-ssh-bastion.webp
new file mode 100644
index 0000000000..759cb58763
Binary files /dev/null and b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway-vpc-ssh-bastion.webp differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_add_instance.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_add_instance.webp
deleted file mode 100644
index 448c8bc448..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_add_instance.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_add_instance.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_add_instance.webp
deleted file mode 100644
index 124bc02898..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_add_instance.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_dhcp_status.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_dhcp_status.webp
deleted file mode 100644
index 15b314a4cb..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_dhcp_status.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_attach_network.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_attach_network.webp
deleted file mode 100644
index 243884d0e5..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_attach_network.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_list.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_list.webp
deleted file mode 100644
index da00eeca6d..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_public_gateway_list.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_dhcp.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_dhcp.webp
deleted file mode 100644
index d84236d025..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_dhcp.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_nat.webp b/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_nat.webp
deleted file mode 100644
index 7c845afcfe..0000000000
Binary files a/tutorials/vpc-public-gateway-autoconfiguration/assets/scaleway_vpc_static_nat.webp and /dev/null differ
diff --git a/tutorials/vpc-public-gateway-autoconfiguration/index.mdx b/tutorials/vpc-public-gateway-autoconfiguration/index.mdx
index ad248c8dbb..92213d9d9c 100644
--- a/tutorials/vpc-public-gateway-autoconfiguration/index.mdx
+++ b/tutorials/vpc-public-gateway-autoconfiguration/index.mdx
@@ -10,7 +10,7 @@ categories:
- instances
tags: Private-Network instances Public-Gateway
dates:
- validation: 2024-05-20
+ validation: 2024-11-05
---
## Private Networks and Public Gateways - Overview
@@ -31,113 +31,81 @@ dates:
ssh root@
```
-
- You can connect to your Instance even if it does not have a [flexible IP address](/compute/instances/how-to/use-flexips/) by using its IPv6 address.
-
+
+ You can connect to your Instance using its flexible IPv4 or IPv6 address.
+
+
2. Check the status of your network interfaces using the `ip a` command. You see the details of the default Ethernet adapter of your Instance:
```
- 2: ens2: mtu 1500 qdisc fq_codel state UP group default qlen 1000
- link/ether de:1c:a4:2b:d0:39 brd ff:ff:ff:ff:ff:ff
- inet 10.70.104.113/31 scope global dynamic ens2
- valid_lft 85983sec preferred_lft 85983sec
- inet6 2001:bc8:634:c38::1/64 scope global
- valid_lft forever preferred_lft forever
- inet6 fe80::dc1c:a4ff:fe2b:d039/64 scope link
+ 2: enp0s1: mtu 1500 qdisc mq state UP group default qlen 1000
+ link/ether de:00:00:7b:1f:91 brd ff:ff:ff:ff:ff:ff
+ inet 51.158.99.14/32 metric 100 scope global dynamic enp0s1
+ valid_lft 771sec preferred_lft 771sec
+ inet6 2001:bc8:710:5c70:dc00:ff:fe7b:1f91/64 scope global dynamic mngtmpaddr noprefixroute
+ valid_lft 86391sec preferred_lft 14391sec
+ inet6 fe80::dc00:ff:fe7b:1f91/64 scope link
valid_lft forever preferred_lft forever
```
-3. Go to the [Private Networks page](https://console.scaleway.com/private-network/private-networks) of the Scaleway console.
-4. Click **Create a new Private Network**. The Private Network creation wizard displays:
-
-5. Enter the details of the new Private Network and click **Create a Private Network**:
- - Enter a **Name** for the Private Network
- - Select the region for the Private Network
-
-
- Make sure to create the Private Network in the same region as your Instance.
-
-
- Once completed, the list of your Private Networks displays.
-6. Click on the Private Network's name to display its information.
-7. Click the **Attached Resources** tab to see the list of Instances attached to the Private Network.
-8. Select your Instance from the drop-down menu and click **Add Instance** to attach it to the Private Network:
-
-9. Use the `ip a` command on the Instance to verify the presence of the new Ethernet interface:
+3. Go to the [VPC page](https://console.scaleway.com/vpc/vpc) of the Scaleway console.
+4. Click the default VPC of the region that covers your Instance's Availability Zone.
+5. Click **Create Private Network**. The Private Network creation wizard displays:
+
+6. Leave the default settings in place, or enter a customized **name**, **tags** and, in **Advanced Settings**, **CIDR block**.
+7. Click **Create Private Network**.
+ The Private Network is created inside the specified VPC, and its **Overview** page displays.
+8. Click the **Attached Resources** tab to see the list of Instances attached to the Private Network. Currently, no resources are attached.
+9. Click **Attach resource** and select your Instance from the dropdown list that displays. Leave the default IPv4 and IPv6 address settings in place, or specify these addresses yourself if you prefer.
+
+10. Click **Attach to Private Network**. You are returned to the **Attached resources** tab, where your Instance now displays.
+11. Use the `ip a` command on the Instance to verify the presence of the new Ethernet interface:
```
- 3: ens5: mtu 1500 qdisc fq_codel state UP group default qlen 1000
- link/ether 02:00:00:00:5a:d8 brd ff:ff:ff:ff:ff:ff
- inet6 fe80::ff:fe00:5ad8/64 scope link
- valid_lft forever preferred_lft forever
+ 3: enp1s0: mtu 1500 qdisc mq state UP group default qlen 1000
+ link/ether 02:00:00:11:cf:fe brd ff:ff:ff:ff:ff:ff
+ inet 172.16.8.2/22 metric 50 brd 172.16.11.255 scope global dynamic enp1s0
+ valid_lft 86369sec preferred_lft 86369sec
+ inet6 fdf6:47af:d6e7:e60e:d4bf:b161:6073:1c8f/128 scope global dynamic noprefixroute
+ valid_lft 86371sec preferred_lft 71971sec
+ inet6 fe80::ff:fe11:cffe/64 scope link
+ valid_lft forever preferred_lft forever
```
-The Instance is now added to the Private Network but no IP address has been configured. You can configure it manually or use DHCP autoconfiguration with a Public Gateway.
+The Instance is now added to the Private Network, and the Private Network's inbuilt DHCP has assigned the IPv4 address `172.16.8.2/22` and the IPv6 address `fdf6:47af:d6e7:e60e:d4bf:b161:6073:1c8f/128`.
## Creating a Public Gateway
1. Go to the [Public Gateways page](https://console.scaleway.com/public-gateway/public-gateways) of the Scaleway console, and click **Create a Public Gateway**. The Public Gateway creation wizard displays:
-
+
2. Enter the details of the new Public Gateway:
- - Choose the Availability Zone of the Public Gateway.
- - Select the Public Gateway offer
- - Select the Public Gateway IP address. To create a new IP, select **Allocate new IP** in the drop-down list.
- - Enter a name and optional tags for the Public Gateway
+ - Choose the Availability Zone of the Public Gateway. It must match the Availability Zone of your Instance.
+ - Select the Public Gateway offer type.
+ - Select the Public Gateway IP address. Either allocate a new IP, or use one of your existing Public Gateway flexible IPs.
+ - Enter a name and optional tags for the Public Gateway, or leave the default ones in place.
3. Click **Create a Public Gateway**. The Public Gateway is created, and you are taken to the list of your Public Gateways:
-
-4. Click **Manage** to display the Public Gateway Information.
-5. Click **+ Attach a new Private Network** to attach the previously created Private Network to the Public Gateway.
-6. Select the Private Network from the drop-down list, then click **Attach Private Network**:
-
-7. Check if the IP address for the Private Network has been assigned to the Instance using the DHCP server of the Private Gateway by running the `ip a` command:
- ```
- 3: ens5: mtu 1500 qdisc fq_codel state UP group default qlen 1000
- link/ether 02:00:00:00:5a:d8 brd ff:ff:ff:ff:ff:ff
- inet 192.168.0.2/24 brd 192.168.0.255 scope global dynamic ens5
- valid_lft 3513sec preferred_lft 3513sec
- inet6 fe80::ff:fe00:5bea/64 scope link
- valid_lft forever preferred_lft forever
- ```
+4. Click the Public Gateway you just created to go to its dashboard.
+5. Click the **Private Networks** tab, then **Attach to a Private Network**.
+
+6. Configure the attachment:
+ - Select the Private Network you previously created from the drop-down list.
+ - Either choose a specific IPv4 address to use for the attachment, or leave the default auto-allocation option in place.
+ - Activate the toggle to [advertise the default route](/network/public-gateways/concepts/#default-route)
+7. Click **Attach to Private Network**.
- You can see the private IP address `192.168.0.2` has been configured automatically on the interface.
+ The Public Gateway is attached to the Private Network, and you are returned to the list of Private Networks for this gateway.
- Once the Instance is added to the Private Network and autoconfigured through DHCP, it cannot be accessed through its public IPv4 address anymore. Later in this tutorial, we explain how to configure port forwarding to access your Instances through the Public Gateway's public IPv4 address.
+ Once the Instance and a Public Gateway advertising the default route are added to the same Private Network, the Instance cannot be accessed through its public IPv4 address anymore. You should use SSH bastion to access your Instances through the Public Gateway's public IPv4 address, as described in the next section.
-## Configuring port forwarding
-
-Port forwarding allows you to configure a mapping of ports on the IP address of the Public Gateway to IP addresses and ports inside the Private Network. This allows you to access services on Instances in a Private Network without the need for a public IP address on each of them.
-
-1. Return to the [Public Gateways page](https://console.scaleway.com/public-gateway/public-gateways) of the Scaleway console. The list of your Public Gateways displays.
-2. Click > **More Info** next to the relevant Public Gateway to display its information.
-3. Click the **DHCP** tab. Then click **View DHCP Status** to display the list of devices autoconfigured by the DHCP server:
-
-
-
- As you can see in the screenshot above, both entries have the **dynamic** type. This means the DHCP server has dynamically assigned an IP address to each device. The assigned IP address may change and the port forwarding will stop working. To avoid this, configure a **static** lease.
-
-4. Copy the **MAC address** of the device you want to configure. Then click **Configure DHCP**.
-5. Click **Edit** > **Add static association** and enter the MAC address and the private IP address for the Instance. Confirm by clicking
-
-6. Click the **NAT** tab to display the NAT configuration. 5. Click **Edit** > **Add static association** and enter the MAC address and the private IP address for the Instance. Confirm by clicking
-
-7. Click the **NAT** tab to display the NAT configuration.
-
-You can now connect to your Instance using the IP address of the Public Gateway:
-
-```
-ssh root@ -p 2202
-```
-
-You are now logged into the Instance using the IP address of the Public Gateway:
-
-```
-Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-81-generic x86_64)
+## Configuring and connecting via SSH bastion
-* Documentation: https://help.ubuntu.com
-* Management: https://landscape.canonical.com
-* Support: https://ubuntu.com/advantage
+SSH bastion allows you to make secure SSH connections to resources attached to a Public Gateway. In the case of our Instance, we could even detach its public IP addresses, and still connect via the gateway's public IP and the Instance's private IP on the Private Network.
-root@my-first-instance:~#
-```
+1. Go to the [Public Gateways page](https://console.scaleway.com/public-gateway/public-gateways) of the Scaleway console, and click on the Public Gateway you created previously. Its **Overview** page displays.
+2. In the **SSH bastion** panel, click **Activate**.
+
+3. Leave the default port in place, copy the SSH connection command, and click **Save SSH bastion settings**.
+ SSH bastion is activated, and all the SSH keys currently associated with your Scaleway Project are uploaded to the bastion.
+4. Check that you can connect to your Instance via the gateway's bastion, with the `ssh -J bastion@212.47.227.11:61000 root@1` with the private IP address of your Instance on the Private Network, as established in the previous section. In this case, the command to use is `ssh -J bastion@212.47.227.11:61000 root@172.16.8.2`.
## Going further