Applications running on TEM usually need public network access, and also require allowlist access in scenarios such as mini programs. In these cases, the application should have a fixed public IP.
This document describes how to enable public network access of the applications deployed on TEM.
Solution
The applications are deployed in a TEM environment, which associates with your VPC. In other words, they are essentially deployed in your VPC. You can configure a NAT Gateway instance and associate it with an EIP for your VPC, allowing the applications in your VPC to access the public network.
Log in to the NAT Gateway console, select the region where the TEM applications are deployed, and click +New to create a NAT Gateway instance.
Network: select the VPC with which the environment of the TEM applications associates.
Elastic IP: if there is no available Elastic IP (EIP), click Create Now to purchase an EIP, and then return to the Create NAT Gateway page to select it.
Step 3: Configure the NAT Gateway in the VPC console
1. Log in to the TEM console and access the Environment page. Select the environment in which the TEM applications are deployed to enter its details page.
2. Click the VPC next to Cluster Network to enter the VPC details page.
3. Select the Route Table module.
4. Click Create on the Route Table page to configure a route table.
Destination: select the public IP address to be accessed. You can configure a CIDR block for this parameter. For example, if you enter 0.0.0.0/0, all traffic will be forwarded to the NAT Gateway.
Next hop type: select NAT Gateway.
Next hop: select the NAT Gateway created in the Step 2.
5. On the Route Table page, locate the route table just created, and click More > Associated Subnets under the Operation column. In the pop-up window, select the subnet associated with the environment in which the TEM applications are deployed.
Step 4: Verify whether the TEM applications can access the public network
1. Log in to the TEM console and access the Application Management page. Click the ID/Name of the TEM applications to enter the instance list page.
2. Click Webshell under the Operation column of the target application.
3. Verify whether the application can access the public network.
Step 5: (optional) Query public network access IP addresses
1. Log in to the TEM console and access the Environment page. Select the environment in which the TEM applications are deployed to enter its details page.
2. Click the VPC next to Cluster Network to enter the VPC details page.
3. Select the NAT Gateway module to go to the NAT Gateway page.
4. Click the ID/Name of the target NAT Gateway to access its details page. Select the Bind Elastic IP tab to view the IP addresses that can access the public network.
Additional Fees
The NAT Gateway and EIP will be charged separately. For pricing details, see:
