ApsaraDB for MongoDB supports two network types: classic network and Virtual Private Cloud (VPC). If your ApsaraDB for MongoDB instance resides in the classic network, you can switch the network type of the instance to VPC to enhance network security. This topic describes how to switch the network type of an ApsaraDB for MongoDB instance from classic network to VPC.
Prerequisites
The instance runs MongoDB 4.2 or earlier and uses local disks.
The network type of standalone instances can be set only to VPC and cannot be changed.
Background information
Classic network endpoint: Classic network endpoints are used for communication over the classic network. In the classic network, Alibaba Cloud services are not isolated. To block unauthorized traffic, you must configure security groups or IP address whitelists.
VPC endpoint: VPC endpoints are used for communication over VPCs. A VPC is an isolated network that provides higher security and performance than the classic network. By default, ApsaraDB for MongoDB provides VPC endpoints for instances to ensure high security and performance.
Usage notes
When you switch the network type of an ApsaraDB for MongoDB instance, the instance is disconnected once. We recommend that you perform this operation during off-peak hours or make sure that your application can automatically reconnect to the instance after it is disconnected. This prevents service interruptions.
If you connect to an instance only by using a public endpoint of the instance but not its classic network endpoint, the instance is not disconnected during network type switching.
If you connect to an instance by using its classic network endpoint and want to switch the network type of the instance without interrupting your services, refer to Configure a hybrid access solution to switch the network type of an instance from classic network to VPC.
Procedure
Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select the region in which the instance resides. Then, find the instance and click the ID of the instance.
In the left-side navigation pane of the instance details page, click Database Connections.
In the Internal Connections section, click Switch to VPC.
In the VPC panel, configure the parameters described in the following table.
Parameter
Description
VPC
Select the VPC to which the instance belongs.
Select the vSwitch to which the instance belongs. If no vSwitches are available, create a vSwitch and then select it. For more information about how to create a vSwitch, see the "Create a VPC and a vSwitch" section in the Create and manage a VPC topic.
vSwitch
Retain Original Classic Network Endpoint
Specify whether to retain the original classic network endpoint of the ApsaraDB for MongoDB instance.Retain Original Classic Network Endpoint
On: A VPC endpoint is created while the original classic network endpoint is retained before the specified expiration time. For more information, see Configure a hybrid access solution to switch the network type of an instance from classic network to VPC.
Off: When the network type of the ApsaraDB for MongoDB instance is switched from classic network to VPC, the instance is disconnected. In addition, Alibaba Cloud services in the classic network, such as Elastic Compute Service (ECS) instances, cannot be connected to the ApsaraDB for MongoDB instance.
Click OK.