Networking Overview

VPC networking capabilities, resource isolation, and private subnets in NFYio.

NFYio provides VPC (Virtual Private Cloud) networking to isolate your infrastructure and control how resources communicate. Whether you’re running storage buckets, AI agents, APIs, or databases, networking gives you fine-grained control over connectivity and security.

Why VPC Networking?

  • Resource isolation — Keep production workloads separate from development and staging
  • Private subnets — Run resources without public IP exposure
  • Security groups — Control inbound and outbound traffic at the resource level
  • Network ACLs — Subnet-level firewall rules for defense in depth
  • VPC peering — Connect multiple VPCs for cross-project or cross-region communication

Core Concepts

Virtual Private Cloud (VPC)

A VPC is an isolated network segment with its own IP address range (CIDR block). All resources—buckets, agents, APIs, databases—can be attached to a VPC and communicate within its boundaries.

Subnets

Subnets divide a VPC into smaller segments. You can have:

  • Public subnets — Resources can receive traffic from the internet (via an internet gateway)
  • Private subnets — No direct internet access; use NAT for outbound traffic

Availability Zones

NFYio supports multiple availability zones. Deploy subnets across zones for high availability and fault tolerance.

Architecture

┌─────────────────────────────────────────────────────────────┐
│                        VPC (10.0.0.0/16)                    │
│  ┌─────────────────────┐    ┌─────────────────────┐         │
│  │  Public Subnet A    │    │  Private Subnet A   │         │
│  │  (10.0.1.0/24)      │    │  (10.0.2.0/24)      │         │
│  │  - Load Balancer    │    │  - Storage Proxy    │         │
│  │  - API Gateway      │    │  - Agent Service    │         │
│  └─────────────────────┘    └─────────────────────┘         │
│  ┌─────────────────────┐    ┌─────────────────────┐         │
│  │  Public Subnet B    │    │  Private Subnet B   │         │
│  │  (10.0.3.0/24)      │    │  (10.0.4.0/24)      │         │
│  └─────────────────────┘    │  - PostgreSQL       │         │
│                             │  - Redis            │         │
│                             └─────────────────────┘         │
└─────────────────────────────────────────────────────────────┘

Getting Started

  1. Create a VPC — Define your CIDR block (e.g., 10.0.0.0/16)
  2. Add subnets — Create public and/or private subnets in your availability zones
  3. Configure security groups — Define rules for resource-level access
  4. Attach resources — Assign buckets, agents, and APIs to your VPC subnets
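Before applying steps 1 to 4, a subnet plan can be checked offline. The following is an added example, not NFYio tooling or code from this documentation: it verifies that every subnet sits inside the VPC CIDR, that no two subnets overlap, and that data stores are not placed in a public subnet. The plan layout, the `validate_plan` function, and the `PRIVATE_ONLY` policy are assumptions made for illustration; the CIDRs and resource names mirror the architecture diagram.

```python
import ipaddress

# Constructed plan mirroring the architecture diagram; the dict layout is an
# assumption for this example, not an NFYio format.
PLAN = {
    "vpc": "10.0.0.0/16",
    "subnets": [
        {"name": "public-a", "cidr": "10.0.1.0/24", "public": True,
         "resources": ["load-balancer", "api-gateway"]},
        {"name": "private-a", "cidr": "10.0.2.0/24", "public": False,
         "resources": ["storage-proxy", "agent-service"]},
        {"name": "public-b", "cidr": "10.0.3.0/24", "public": True, "resources": []},
        {"name": "private-b", "cidr": "10.0.4.0/24", "public": False,
         "resources": ["postgresql", "redis"]},
    ],
}

# Assumed policy: data stores must never sit in a public subnet.
PRIVATE_ONLY = {"postgresql", "redis"}

def validate_plan(plan, private_only=PRIVATE_ONLY):
    """Return a list of findings; an empty list means the plan passed."""
    findings = []
    vpc = ipaddress.ip_network(plan["vpc"])
    seen = []
    for s in plan["subnets"]:
        try:
            net = ipaddress.ip_network(s["cidr"])  # strict: rejects host bits
        except ValueError as exc:
            findings.append(f"{s['name']}: invalid CIDR ({exc})")
            continue
        if not net.subnet_of(vpc):
            findings.append(f"{s['name']}: {net} is outside VPC {vpc}")
        for other_name, other in seen:
            if net.overlaps(other):
                findings.append(f"{s['name']}: {net} overlaps {other_name} ({other})")
        seen.append((s["name"], net))
        if s["public"]:
            for r in sorted(private_only.intersection(s["resources"])):
                findings.append(f"{s['name']}: {r} must not be in a public subnet")
    return findings

if __name__ == "__main__":
    for line in validate_plan(PLAN) or ["plan OK"]:
        print(line)
```

Run against the diagram's layout it reports no findings; moving `postgresql` into a public subnet or reusing a CIDR range produces one finding per violation.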
