Sangfor Cloud Platform (SCP)

Enterprise Cloud Computing Platform Built on Business-Centric HCI.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
6.11.3
Sangfor Cloud Platform (SCP) {{ breadTitle }} Networking Service Manual Shared Service Network Gateway Planning
{{sendMatomoQuery("Sangfor Cloud Platform (SCP)","Gateway Planning")}}

Gateway Planning

{{ $t('productDocDetail.updateTime') }}: 2025-12-26

Introduction

Shared service gateway planning is used to manage gateways connecting shared services to resource pools. The traffic egress path of shared services can be defined by adding, editing, or deleting shared service gateways. This ensures tenant VPCs can accurately access the corresponding public services. Gateways are categorized into storage service and non-storage service types. A gateway must be associated with an edge or resource pool. Supports configuring a default gateway.

Shared Service Gateway Addition

Introduction

Refers to configuring the association between the shared service networks and resource pools or edges. The traffic egress type (storage service/non-storage service) for the shared service is defined, enabling the shared service to communicate with tenant VPCs through the gateway.

Constraints and Restrictions

The resource pool version must be SCP 5.8.8 or later. Otherwise, a shared service gateway cannot be added.

Shared service gateways are categorized as storage service and non-storage service types. The gateway type must be selected based on the service attributes (Gateways of storage service type are used only for storage shared services, while gateways of non-storage service type are used for services such as application center and security center).

Multiple shared service gateways can be added to a resource pool, but gateways of the same type (storage service/non-storage service) must be distinguished by using different edges or VLANs.

Prerequisites

You have logged in to SCP using the super admin account.

A resource pool must already be created (Example: Hygon Cluster (c86)), and its version must be SCP 5.8.8 or later.

The edge must already be created and in normal status (Example: The default edge with east-west tunnel).

Precautions

Before a gateway is added, check the network planning of the resource pool to ensure network connectivity between the edge and the resource pool.

If the Set to Default option is enabled, the gateway will be selected by default when a shared service is created. Make sure that this default gateway is available.

The storage service gateway must match the edge of the storage resources to prevent storage traffic path error.

Steps

Step 1.Log in to SCP and go to the Shared Service Network > Shared Services page.

Step 2.Click Gateway at the top of the page, and the Shared Service Gateway pop-up window appears.

Step 3.Click Add Gateway, and the Add New Gateway pop-up window appears.

Step 4.Configure the following fields:

Field

Description

Operation Suggestion

Resource Pool

Select the resource pool with SCP 5.8.8 or later associated with the shared service gateway.

Select the resource pool associated with the business (Example: Hygon Cluster (c86)).

Type

Select the type of shared service gateway. The gateway of storage service type is used for storage shared services, while the gateway of non-storage service type is for other services.

To add a gateway for the application center, select the non-storage service type. To add a gateway for the NAS storage, select the storage service type.

Shared Service Gateway

Select a specific physical or logical egress. It must match the network environment of the resource pool.

Select an existing edge (Example: The default edge with east-west tunnel).

Set to Default

If enabled, the default gateway will be selected when a shared service is created.

Check Enable for this option only when the default gateway is the primary shared service gateway for the resource pool.

Step 5.After the configuration is complete, click OK to finish the shared service gateway addition. You can view the newly added gateway in the Shared Service Gateway pop-up window.

Shared Service Gateway Editing

Introduction

You can modify the configurations of an existing shared service gateway, such as its VLAN ID or default options, thereby adapting to the network environment changes or adjustments in business requirements.

Constraints and Restrictions

The resource pool and the type of gateway cannot be changed. If changes are required, the gateway must be deleted and re-added.

If the shared service gateway is already associated with multiple shared services, make sure that the network is compatible with all associated services when the VLAN ID is changed.

Prerequisites

The shared service gateway must already be created and be in normal status.

The configuration items to be changed (Example: VLAN ID, default option) cannot be strongly depended on by services, or business dependencies must be coordinated and suspended.

Precautions

It is recommended to back up the configuration information of the current gateway before edition to facilitate rollback if issues arise.

After a VLAN ID is changed, the VLAN configuration on the physical switch must be synchronously adjusted to ensure network connectivity.

If the Set to Default option is enabled, make sure that no other conflicting default gateways exist within the same resource pool.

Steps

Step 1.Log in to SCP and go to the Shared Service Network > Shared Services page.

Step 2.Click Gateway at the top of the page.

Step 3.Locate the shared service gateway you want to edit in the Shared Service Gateways pop-up window and click Edit in the Operation column. The Edit Gateway pop-up window appears.

Step 4.The following fields can be changed:

Field

Description

Operation Suggestion

VLAN ID

The VLAN ID for the shared service gateway, used for network isolation. This is an optional field.

Enter the VLAN ID (Example: 200) only when isolation through VLAN is required for the physical network.

Set to Default

If checked, the default gateway will be selected when a shared service is created within the resource pool.

Check as needed, ensuring the selection of a default gateway is reasonable.

Step 5.After the changes are complete, click OK to save and apply the changes.

Delete Shared Service Gateway

Introduction

You can delete the configurations of a shared service gateway that is no longer in use, thereby releasing the gateway resources. This operation applies to scenarios like gateway business decommissioning or network architecture reconstruction.

Constraints and Restrictions

To delete the shared service gateway, the shared services associated with it must be deleted first, or the gateway configuration of these shared services must be modified first.

Once deleted, the gateway configuration cannot be restored. Backing up the configuration information in advance is required.

Prerequisites

Make sure that the shared service gateway is not associated with shared services. You can check it through the shared service list.

The super admin permissions are required for deletion, and the necessity of the deletion operation must be confirmed.

Precautions

Notify all business teams that depend on the gateway before deletion to prevent service interruption.

If the gateway to be deleted is default within the resource pool, set another gateway as the default first. Otherwise, no default gateway will be available when a shared service is created.

Steps

Step 1.Log in to SCP and go to the Shared Service Network > Shared Services page.

Step 2.Click Gateway at the top of the page.

Step 3.In the Shared Service Gateway pop-up window, locate the shared service gateway you want to remove and check the box in front of it.

Step 4.Click Remove, and a confirmation pop-up window appears.

Step 5.After the deletion operation is confirmed, click OK to finish the shared service gateway deletion.