If you're hosting your own grid on Amazon, you can enjoy the benefits of Amazon's virtual private cloud (VPC) integration to use the same scalable infrastructure inside a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud, which offers multiple layers of security, including security groups and network access control lists (ACLs).
This is great if you want to host grid nodes in your own private subnets.
To use this feature, select VPC when configuring your own hosted grid.
We will then auto-discover the VPC identifiers, security groups and subnets available within your hosted region.
If you haven't already, you will need to create your own VPC prior to creating a grid with Flood. We recommend using a VPC with Public and Private Subnets.
The configuration for this scenario includes a virtual private cloud (VPC) with a public subnet and a private subnet. We will then automatically create grid nodes in the private subnet, with a load balancer in the public subnet.
Here's how to get started: Open your VPC dashboard in the AWS console and click Start VPC Wizard.
Select the VPC with Public and Private Subnets configuration. This will create the two subnets, and grid nodes will be able to reach Flood for test control / results via Network Address Translation (NAT) in the public subnet.
This will also create an m1.small instance for NAT. This eliminates the need to expose grid nodes on the public subnet and removes the hassle of needing elastic IPs for each of your grid nodes.
In the detailed review, ensure that the availability zones for the public and private subnets are the same. This will ensure that grid nodes can be reached for test results via an elastic load balancer hosted in the public subnet.
Grid nodes will be created in your private subnet, so they still need outbound access to Flood and related resources. If you are creating your own customised VPC in AWS, please ensure that the Security -> Network ACL allows outbound access for your private subnet; otherwise grid nodes will fail to start.
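The two checks described above (matching availability zones, and outbound Network ACL access for the private subnet) can be run against saved output of `aws ec2 describe-subnets` and `aws ec2 describe-network-acls`. This is an added example, not Flood's own code; the subnet IDs, the sample data and the destination port 443 are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data, shaped like the AWS CLI JSON output.
SUBNETS = {"Subnets": [
    {"SubnetId": "subnet-public", "AvailabilityZone": "us-east-1a"},
    {"SubnetId": "subnet-private", "AvailabilityZone": "us-east-1a"},
]}
ACLS = {"NetworkAcls": [{
    "NetworkAclId": "acl-example",
    "Associations": [{"SubnetId": "subnet-private"}],
    "Entries": [
        {"RuleNumber": 100, "Egress": True, "Protocol": "6", "RuleAction": "allow",
         "CidrBlock": "0.0.0.0/0", "PortRange": {"From": 443, "To": 443}},
        # Final catch-all deny that every Network ACL carries.
        {"RuleNumber": 32767, "Egress": True, "Protocol": "-1", "RuleAction": "deny",
         "CidrBlock": "0.0.0.0/0"},
    ],
}]}

def same_az(subnets, a, b):
    """True when both subnets are in the same availability zone."""
    az = {s["SubnetId"]: s["AvailabilityZone"] for s in subnets["Subnets"]}
    return az[a] == az[b]

def egress_allowed(acls, subnet_id, dest_ip, port=443, proto="6"):
    """Evaluate egress rules the way AWS does: ascending rule number, first match wins.

    port=443 is an assumed destination port; proto "6" is TCP, "-1" means all.
    """
    dest = ipaddress.ip_address(dest_ip)
    for acl in acls["NetworkAcls"]:
        if not any(x.get("SubnetId") == subnet_id for x in acl["Associations"]):
            continue
        rules = sorted((e for e in acl["Entries"] if e["Egress"]),
                       key=lambda e: e["RuleNumber"])
        for r in rules:
            if r["Protocol"] not in ("-1", proto):
                continue
            # IPv6 entries use Ipv6CidrBlock instead; skipped in this IPv4 check.
            if "CidrBlock" not in r or dest not in ipaddress.ip_network(r["CidrBlock"]):
                continue
            pr = r.get("PortRange")
            if pr and not pr["From"] <= port <= pr["To"]:
                continue
            return r["RuleAction"] == "allow"
    return False  # no ACL associated with the subnet, or no rule matched
```

Network ACLs are stateless, so reply traffic to the grid nodes needs a matching inbound rule as well.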
AWS provide an alternative scenario using just a single public subnet, and an Internet gateway to enable communication over the Internet.
Unfortunately this configuration does not allow the Grid nodes hosted in the public subnet outbound connectivity to the Internet without installation of an additional NAT instance, or manual assignment of Elastic IPs to each node via your VPC console after the Grid has been created.
For this reason, we recommend using the VPC wizard to set up a VPC with a NAT instance; for more information, see Scenario 2: VPC with Public and Private Subnets previously described. Otherwise, you can set up the NAT instance manually using the steps detailed here.