A network profile defines a group of networks and network settings that are available for a cloud account in a particular region or data center.

A network profile defines the networking options and capabilities that are made available to deployed machines, based on the network tags in the network component YAML in a blueprint.

Based on tag matching, one or more networks in one or more matched network profiles is available for use when a blueprint is deployed. The network and security settings that are defined in the matched network profile are also applied when the blueprint is deployed.

You typically define network profiles to support a target deployment environment, for example a small test environment where an existing network has outbound access only or a large load-balanced production environment that needs a set of security policies. Think of a network profile as a collection of workload-specific network characteristics.

When you deploy a blueprint, constraints in a blueprint's network components are matched to network tags. For network profiles that contain capability tags, the capability tags are applied to all networks that are available for that profile. See What Are Tags.

Note:

Tag matching does not require that network profiles contain capability tags. For network profiles that do not contain capability tags, tag matching occurs on the network tags only. The network profiles that contain tag-matched networks, or matched subnets for Amazon Web Services and Microsoft Azure, are considered matched network profiles.

A network profile contains the following information. While some settings are optional, they all play an important role.

  • Capability tags

    Capability tags are applied to all networks in the network profile, but only when the networks are used as part of that network profile. Capability tags are an optional grouping and naming tool for network profiles.

  • Networks

    Networks, also referred to as subnets, are logical subdivisions of an IP network. A network groups a cloud account, IP address or range, and network tags to control how and where to provision a blueprint deployment. Network parameters in the profile define how machines in the deployment can communicate with one another over IP layer 3.

    Network tags apply to every instance of the network they have been added to, for all network profiles that contain that network. Networks can be instanced into any number of network profiles. Regardless of network profile residency, a network tag is associated with that network wherever the network is used.

  • Network policies

    A network component in a blueprint can be defined, by using its networkType setting in the blueprint YAML:

    • existing

    • public

    • private

    • outbound

    Depending on the associated cloud account, you can use network policies to define settings for on-demand networks for the outbound and private network types.

    • Do not create an on-demand network

      This network profile can't be used for blueprints that contain the outbound and private network types.

    • Create an on-demand network

      The specified network or subnet names and sizes for the specified network domain are used for the on-demand networks that are created for matched blueprints that contain the outbound and private network types.

    • Create an on-demand security group

      Requires an on-demand security group for the on-demand networks that are created for matched blueprints that contain the outbound and private network types.

      Security groups are applied to all machines in the deployment.

For information about working with network profiles, WordPress Use Case: Add Network Profiles.

For information about working with networks, see Network Resources.