Skip to main content
MyITCyberBack to home
← Insights·Cloud Architecture

Why You Should Delete the Default AWS VPC

·2 min read
AWS network diagram contrasting the default 172.31.0.0/16 VPC with a custom 10.0.0.0/16 VPC split into public, private, and isolated subnets.

The default AWS VPC is fine for kicking the tires. For a real company environment, it is too open, too generic, and too easy to misuse.

The default AWS VPC is good for quick testing, but it is not a good foundation for a company environment.

By default, AWS creates a VPC with 172.31.0.0/16, public subnets in each Availability Zone, an Internet Gateway, and a route to the internet. The default subnets are usually /20, which means thousands of IP addresses per subnet.

This is too open and too generic for production.

A company should build its own VPC with a clear network design. Public subnets should be used only for resources that really need public access, such as load balancers. Application servers should be placed in private subnets, and databases should be placed in isolated subnets.

Subnets should also be sized correctly. Creating very large subnets creates unnecessary noise, wastes IP space, and makes the environment harder to manage.

Deleting the default VPC helps reduce mistakes, prevents accidental public exposure, and forces a cleaner cloud network design that matches the company’s real security and operational needs.

// related reading
Docker Compose GPU access configuration. Left panel shows a compose file without the deploy.resources block, with a flow showing container start, GPU chip with red X, nvidia-smi failing, and workload falling to CPU. Right panel shows a compose file with the deploy.resources.reservations.devices block including driver: nvidia and count: 1, with a flow showing container start, GPU chip with green checkmark, nvidia-smi working, and CUDA available. Bottom strip shows six checks: compose file defines GPU, driver: nvidia, count or device_ids, nvidia-smi from inside, no extra flags, predictable behavior.
AI Infrastructure

Docker Compose Does Not Automatically Use the GPU

On Linux GPU servers, Docker Compose does not use the NVIDIA GPU automatically. The service starts, nothing obviously fails, and the workload quietly falls back to CPU. The fix is a few lines in the compose file, but only if you know to look for them.

Read article
Docker default runtime configuration for NVIDIA GPU containers. Left panel shows daemon.json with only the runtimes block and no default-runtime set, with a flow showing container start falling back to runc, nvidia-smi failing inside the container, and AI workloads dropping to CPU. Right panel shows daemon.json with both default-runtime: nvidia and the runtimes block, with a flow showing the container always using nvidia-container-runtime, nvidia-smi working inside the container, CUDA available, and consistent behavior after restarts and deployments. Below, a GPU server readiness strip with six checks: daemon.json configured, default runtime nvidia, Docker restarted, nvidia-smi in container, survives reboots, works in automation.
AI Infrastructure

Docker Default Runtime: Keep GPU Containers on NVIDIA

On Linux GPU servers, Docker can know about the NVIDIA runtime and still not use it. If default-runtime is missing from daemon.json, every container falls back to runc, nvidia-smi fails inside the container, AI workloads drop to CPU, and the problem looks like an application issue when it is really a one-line configuration gap.

Read article
Back to all insights