Resource classification
KakaoCloud provides services across multiple data centers. These data centers are interconnected, allowing users to access desired types of resources from anywhere in the world. KakaoCloud resources are classified into 'Global resources', 'Regional resources', and 'Availability Zone resources'.
| Resource classification | Description |
|---|---|
| Global resources | Resources of a high-level concept that do not belong to a specific region and can be used commonly across multiple regions. |
| Regional resources | Resources that can only be used within a specific region. - They operate independently between regions and must be created separately for each region. |
| Availability Zone resources | Resources that can only be used within a specific Availability Zone (AZ). - They are managed separately from resources in other Availability Zones within the same region. |
Difference between
Regional resources and Availability Zone resourcesRegional resources can utilize all resources in that region, whereas Availability Zone resources can only utilize resources located in the same Availability Zone.
For example, to connect Block Storage to a specific instance, both the regional resource and the availability zone resource must be in the same Availability Zone. Similarly, to assign a Public IP address to an instance, that instance must be located in the same region as the Public IP address.
info
The real-time status of KakaoCloud services is provided through the KakaoCloud Status Board.
In the event of an issue, event information is provided on the Status Board to support customers in responding more quickly.
Global resources
Global resources are not dependent on a specific region and are resources that can be used commonly across multiple regions. This mainly includes resources applied globally, such as projects, authentication, and billing.
| Resource | Description |
|---|---|
| Project | A high-level unit for logically grouping resources, used as a basis for billing and access control. |
| IAM Policy | An access control policy resource declared globally at the organization or project level and applied consistently to all regional resources. |
| Billing Group | A global resource that aggregates usage by project and manages it as a single billing unit. Usage from all regions is consolidated and managed as one billing unit. |
Regional resources
Regional resources can only be used within a specific region, and resources operate independently between regions. To use the same resource, it must be created separately in each region.
| Category | Resource | Description |
|---|---|---|
| Common | Resource ID | Resource IDs (Image ID, Instance ID, Volume ID, Snapshot ID, etc.) can only be used in the region where the resource was created. |
| Resource Name | Resource names (Security Group name, Key Pair name, etc.) can only be used in the region where the resource was created. Resources with the same name can be created in multiple regions, but they do not share a relationship. | |
| Beyond Compute Service | Key Pair | A credential resource created on a per-region basis. It is linked only to instances in that region, but the same public key can be uploaded to other regions for reuse. |
| Image | A regional resource containing operating system information used when an instance is launched. Instances can be launched using images provided in that region. | |
| Snapshot | A point-in-time copy resource of a volume managed on a per-region basis. Snapshot data is stored within the created region and can only be used for volume recovery or replication in the same region. | |
| Beyond Networking Service | VPC | A virtual network resource created on a per-region basis. Only subnets and instances within one region can be connected. |
| Security Group | A resource that controls inbound and outbound traffic access for instances on a per-region basis. Security rules are applied only to resources within the same region. | |
| Routing Table | A network path configuration resource on a per-region basis. It handles routing only between subnets and gateways within the same region. | |
| Public IP | A public address reserved on a per-region basis. It connects only to instances or load balancers in the same region. | |
| Transit Gateway | A hub resource connecting multiple VPCs and on-premises networks within a region. Inter-region connection is not supported. | |
| High Availability Group | A regional resource that integrates and manages load balancers deployed in multiple Availability Zones within a region as a single group. | |
| Container Pack | Repository | A regional resource for storing container images. Accessed through region-specific endpoints. |
| Node Pool | A node group resource managed on a Kubernetes cluster basis. Definition and management are performed at the regional level, while actual nodes are distributed across multiple AZs. | |
| Beyond Storage Service | Bucket | A regional bucket resource of the Object Storage service. Data is stored in the selected region and managed physically separate from other regions. |
| Data Store | MySQL Instance Group | A database instance group resource deployed on a per-region basis in the MySQL service. Instances within the group are distributed across AZs in the region, and backups are managed by group and type (automatic, manual). |
| PostgreSQL Instance Group | A database instance group resource operated on a per-region basis in the PostgreSQL service. Instances within the group are distributed across AZs in the region, and backups are managed by group and type (automatic, manual). | |
| MemStore Cluster | A regional cache cluster based on Redis, not shared between regions. Shards/nodes within the group are distributed across AZs in the region, and backups are managed by group and type (automatic, manual). | |
| Analytics | Hadoop Cluster | A regional Hadoop-based cluster resource for large-scale distributed data processing and storage linkage. |
| Kafka Cluster | A streaming cluster resource created on a per-region basis in the Advanced Managed Kafka service. Cluster configuration, monitoring, and recovery are automated to provide a stable data streaming environment. | |
| Topic | A message publishing resource created on a per-region basis in the Pub/Sub service. Linked to subscriptions in the same region. | |
| Subscription | A message subscription resource created on a per-region basis in the Pub/Sub service. Receives messages published from topics in the same region. | |
| Management | Certificate | A regional certificate resource managed in Certificate Manager. Interoperates with regional resources such as load balancers. |
| Scenario | A workflow resource created on a per-region basis in the Monitoring Flow service. Interoperates with service resources within the region and executes automatically based on conditions. | |
| Workspace | A regional resource constituting a Prometheus monitoring environment. Collection policies vary by region. | |
| Security | Key | A resource managed on a per-region basis in the Key Management Service (KMS). Created and managed in the selected region, supporting key rotation; rotated keys are managed as versions. |
| Secret | A resource managed on a per-region basis in the Secrets Manager service. Created and managed in the selected region; when a secret value changes, a new version is created and managed. |
Availability Zone resources
Availability Zone (AZ) resources can only be used within a specific Availability Zone and are managed independently from other AZs in the same region. They are utilized for ensuring high availability and fault isolation.
| Category | Resource | Description |
|---|---|---|
| Beyond Compute Service | Instance | Computing resources deployed on an Availability Zone basis. Runs only within a specific data center. |
| Volume | A block device connected to an instance in a specific Availability Zone. Cannot be moved to another AZ. | |
| Beyond Networking Service | Subnet | A network segment resource separated on an Availability Zone basis. Forms an independent network boundary between AZs within a region. |
| Network Interface | A network interface resource connected to an instance within an Availability Zone. Can only be connected to instances in that AZ and cannot be moved to another AZ. | |
| Load Balancer | A traffic distribution resource created on an Availability Zone basis. Distributes traffic by managing multiple instances in one Availability Zone as a group. | |
| Beyond Storage Service | File Storage Instance | A file storage instance resource created on an Availability Zone basis in the File Storage service. |