At Exoscale each compute instance is provided with a public IP by default. At creation, public IP assignment can be controlled and offers three modes:
ipv4: The instance is assigned a Public IPv4 address
dual: The instance is assigned a Public IPv4 and a Public IPv6 address
none: No public IP attachment is done on the instance, it is a private instance
Assignment can only be promoted from
instances remain without public IP assignments for the duration of
You can create a private instance from the Portal, or You can also use the CLI.
Here is an example of Private Instance creation using the CLI:
$ exo compute instance create my-private-instance --private-instance ✔ Creating instance "my-private-instance"... 13s ┼──────────────────────┼──────────────────────────────────────┼ │ COMPUTE INSTANCE │ │ ┼──────────────────────┼──────────────────────────────────────┼ │ ID │ 5921300e-6bae-491b-8b15-1e927aef403a │ │ Name │ my-private-instance │ │ Creation Date │ 2023-10-02 20:12:37 +0000 UTC │ │ Instance Type │ standard.medium │ │ Template │ Linux Ubuntu 22.04 LTS 64-bit │ │ Zone │ de-fra-1 │ │ Anti-Affinity Groups │ n/a │ │ Deploy Target │ - │ │ Security Groups │ n/a │ │ Private Instance │ Yes │ │ Private Networks │ n/a │ │ Elastic IPs │ n/a │ │ IP Address │ - │ │ IPv6 Address │ - │ │ SSH Key │ - │ │ Disk Size │ 50 GiB │ │ State │ running │ │ Labels │ n/a │ │ Reverse DNS │ │ ┼──────────────────────┼──────────────────────────────────────┼
This newly created instance will not have any network. Most likely your use case involves some communication with other instances and services, and you should consider attaching a private instance to a private network.
Private instance metadata
Instance metadata is typically served over the http://169.254.169.254 address,
private instances will instead see an additional read-only drive containing their
metadata, compatible with the cloud-init
NoCloud configuration source.
The following caveats apply:
- Windows templates are not able to read metadata from the additional drive, standard Exoscale templates will require setting the password manually from the web portal console after the first boot.
- Metadata drives remain mounted and may contain credential information (for instance after a password reset request), metadata should thus be acted upon quickly