# High-Level Architecture with Load Balancer and Jump Server in a VPC Setup

## **Introduction**

In this use case, we demonstrate how NeevCloud enables secure cloud networking by implementing a Virtual Private Cloud (VPC) with a Load Balancer (LB) for traffic distribution and a Jump Server for enhanced administrative access. This setup ensures security, scalability, and efficient traffic management for hosting web applications.

<figure><img src="/files/EiIqwyHrpc83ls1sBjW0" alt=""><figcaption></figcaption></figure>

## **Architecture Details**

### **VPC Configuration**

* **CIDR**: `10.0.5.0/24` – A private subnet used for internal communication.
* The VPC serves as the foundation of the private network, isolating traffic and enabling secure internal connectivity.

### **Components**

1. **Load Balancer (LB)**:
   * Private IP: `10.0.5.5`
   * Role: Routes incoming traffic from the public network to the backend web servers.
   * Security: Acts as an additional layer, preventing direct public access to web servers.
2. **Web Servers**:
   * WS1: IP `10.0.5.10`
   * WS2: IP `10.0.5.11`
   * WS3: IP `10.0.5.12`
   * Role: Hosts the application and serves client requests.
   * Deployment: Configured within the private network.
3. **Jump Server (Admin Gateway)**:
   * Private IP: `10.0.5.200`
   * Floating IP: Assigned for secure external access.
   * Role: Used exclusively for administrative access to the private network.
   * Security: Provides a single entry point for accessing the internal network.

### **Public Access via Floating IPs**

* Floating IP-1: Routes client traffic to the Load Balancer.
* Floating IP-2: Assigned to the Jump Server for administrative tasks, avoiding direct access to the web servers.

## **Step-by-Step Implementation**

### **Step 1: Create a Private Network**

* **Navigate to**: `Networking > Network` in the NeevCloud portal.
* **Action**:
  * Provide a name for the network (e.g., `WebVPC`).
  * Set CIDR to `10.0.5.0/24`.
  * Leave other options at default and create the network.

### **Step 2: Deploy a Router**

* **Navigate to**: `Networking > Routers`.
* **Action**:
  * Create a router and name it (e.g., `WebRouter`).
  * Set the external gateway to the Public Network.
  * Add the private network (`10.0.5.0/24`) as an interface.

### **Step 3: Launch Virtual Machines**

* **Navigate to**: `Instances > Launch Instance`.
* Web Servers:
  * Launch three VMs (WS1, WS2, WS3) with private IPs assigned.
  * Assign them to the private VPC.
  * Avoid attaching the public network.
* Jump Server:
  * Launch one VM and assign it to the private network.
  * Avoid attaching the public network to maintain restricted access.
  * Assign a floating IP for external access.

### **Step 4: Set Up a Load Balancer**

* **Navigate to**: `Networking > Load Balancers`.
* **Action**:
  * Create a Load Balancer and assign it the private IP `10.0.5.5`.
  * Add a backend pool with WS1, WS2, and WS3.
  * Configure listeners:
    * HTTP Listener: Port 80
    * HTTPS Listener: Port 443 (recommended for secure communication).

### **Step 5: Allocate and Associate Floating IPs**

* **Navigate to**: `Networking > Floating IPs`.
* **Action**:
  * Allocate two floating IPs from the public IP pool.
  * Associate:
    * Floating IP-1: Linked to the Load Balancer for routing public traffic to web servers.
    * Floating IP-2: Linked to the Jump Server for secure external access.
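
An added example, not part of NeevCloud's documentation: a Python check that the address plan built in Steps 1 to 5 matches the design, with every private IP inside `10.0.5.0/24` and floating IPs held only by the Load Balancer and the Jump Server. The `203.0.113.x` floating IPs, the role names and the `node`/`audit` helpers are assumptions made for illustration.

```python
import ipaddress

VPC_CIDR = ipaddress.ip_network("10.0.5.0/24")  # CIDR from this page
PUBLIC_ROLES = {"load_balancer", "jump_server"}  # only these get floating IPs

def node(name, role, private_ip, floating_ip=None):
    return {"name": name, "role": role,
            "private_ip": private_ip, "floating_ip": floating_ip}

# Private IPs are from this page. Floating IPs are constructed placeholders
# taken from the documentation range 203.0.113.0/24.
PLAN = [
    node("LB", "load_balancer", "10.0.5.5", "203.0.113.10"),
    node("WS1", "web_server", "10.0.5.10"),
    node("WS2", "web_server", "10.0.5.11"),
    node("WS3", "web_server", "10.0.5.12"),
    node("Jump", "jump_server", "10.0.5.200", "203.0.113.20"),
]

def audit(plan, cidr=VPC_CIDR):
    """Return (name, finding) tuples; an empty list means the plan matches the design."""
    findings, seen = [], {}
    for n in plan:
        ip = ipaddress.ip_address(n["private_ip"])
        if ip not in cidr:
            findings.append((n["name"], f"private IP {ip} is outside {cidr}"))
        elif ip in (cidr.network_address, cidr.broadcast_address):
            findings.append((n["name"], f"private IP {ip} is reserved in {cidr}"))
        if ip in seen:
            findings.append((n["name"], f"private IP {ip} already used by {seen[ip]}"))
        seen.setdefault(ip, n["name"])
        public = n["role"] in PUBLIC_ROLES
        if n["floating_ip"] and not public:
            findings.append((n["name"], f"{n['role']} must not have a floating IP"))
        if public and not n["floating_ip"]:
            findings.append((n["name"], f"{n['role']} has no floating IP"))
    return findings

if __name__ == "__main__":
    # Constructed misconfiguration: WS3 exposed directly, WS2 in the wrong subnet.
    broken = [dict(n) for n in PLAN]
    broken[3]["floating_ip"] = "203.0.113.30"
    broken[2]["private_ip"] = "10.0.6.11"
    print("documented plan:", audit(PLAN) or "OK")
    for name, finding in audit(broken):
        print(f"{name}: {finding}")
```

Run it against an export of the instance list after each change to the network, so a floating IP attached to a web server is caught before it goes unnoticed.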

