25
4
I have successfully created a VPC peering connection between two private instances if I know their private IP addresses. However, I want to achieve a VPC peering for private instances under the auto-scaling group. Please have a look at the following diagram to understand the infrastructure layout.
如果我知道两个内网实例的内网IP地址,我已经成功创建了两个内网实例之间的私有网络对等连接。不过,我想实现弹性伸缩组下的内网实例的私有网络对等。请看下图以了解基础设施布局。
One of my applications is deployed over a private instance, in VPC B which needs a connection to another application deployed in private instances of VPC A. All the instances are highly scalable due to the Load Balancer and Scaling group.
我的一个应用部署在私有网络B中的私有实例上,需要连接到私有网络A的私有实例中部署的另一个应用。由于有负载均衡和伸缩组,所有实例都具有高度的可扩展性。
One way to achieve this connection is a NAT gateway installed in the public subnet of VPC B to request out to the Internet and received by VPC A and routed towards the load balancer. This is a long round trip, and it has more cost. So I want to achieve it by other means like VPC peering but How can I determine the private IP for instances under VPC A at run time?
实现此连接的一种方法是在私有网络B的公用子网中安装NAT网关,以请求出站到Internet,由私有网络A接收并路由到负载均衡器。这是一个很长的往返旅程,而且成本更高。所以我想通过私有网络对等等其他方式来实现,但是如何在运行时确定私有网络A下的实例的内网IP?
Or can we use VPC peering to do a connection towards the Loadbalancer of VPC A which can route to any private instance?
或者我们可以使用私有网络对等连接到私有网络A的负载均衡,从而可以路由到任何内网实例?
Any help is greatly appreciated.
如有任何帮助,我们不胜感激。
Edit:
编辑:
Current Configuration:
Here is how currently traffic discovers VPC A.
当前配置:以下是当前流量发现VPC A的方式。
When I call https://www.domainForVPCAPrivateInstance.com/api/healthCheck
from any private instance under VPC B, Here is the route It take.
当我从私有网络B下的任意内网实例调用https://www.domainForVPCAPrivateInstance.com/api/healthCheck时,它的路径如下所示。
VPC-B: private ec2 -> NAT gateway => internet -> DNS translation -> VPC A: Elastic load blanacer -> to any private instance in VPC A
私有网络-B:内网EC2->NAT网关=>互联网->域名转换->私有网络A:弹性负载分配器->到私有网络A中的任意内网实例
See Here traffic went through the internet. But VPC peering allows us to communicate between two VPC privately. But for that I have to know the private IP of any instance in VPC A. e.g.
看这里,流量是通过互联网的。但VPC对等允许我们在两个VPC之间进行私下通信。但要做到这一点,我必须知道VPC A中任何实例的内网IP。
https://private-ip-of-ec2-under-vpc-A/api/healthCheck
Https://private-ip-of-ec2-under-vpc-A/api/healthCheck
Right? But I can't determine. IP of instances when they are under load balancer and auto scaling group. They are highly scalable. So which solution allows to communicate between two VPCs' private instances privately when they are under auto scaling?
对吗?但我不能确定。负载均衡和弹性伸缩组下的实例IP。它们具有高度的可扩展性。那么,在弹性伸缩下,哪种方案可以实现两个私有网络内网实例之间的私密通信?
A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses. (From https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html). You can see scenarios and configurations on that page.
私有网络对等连接是两个私有网络之间的网络连接,使您可以使用私有IPv4地址或IPv6地址来路由它们之间的流量。(来自https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html).您可以在该页面上查看场景和配置。
@Franxi , Yes I know that its between private ipv4. How can I determine the private Ipv4 address of private instances running under the load balancer and auto scaling group? that was my actual question.
@Frxi,是的,我知道它在私有的IPv4之间。如何确定负载均衡和弹性伸缩组下运行的内网实例的内网IPv4地址?这才是我真正的问题。
Why you have to determine the private IPv4 address of private instances running under the load balancer? Peering between 2 VPCs, so the traffic can be routed to LB or EC2 ... Of course, you need to update the route table.
为什么要确定负载均衡下运行的内网实例的内网IPv4地址?在两个私有网络之间对等,这样流量就可以路由到负载均衡或EC2...当然,您需要更新路由表。
"I want to achieve it" I don't understand what you are trying to achieve. what are you asking to do, specifically?
“我想实现它”我不明白你想要实现什么。你具体要求做什么?
@Mubasher Accessing the instances directly is not a good solution in your case. You already know that. I think you can consider using NAT GW or internal ALB + VPC peering. Maybe you need to compare pricing, scalability, security, operation effort...
@Mubasher直接删除实例在您的情况下不是一个好的解决方案。你已经知道了我认为您可以考虑使用NAT GW或内部ALB + VPC对等。也许您需要比较定价、可扩展性、安全性、运营工作量.
You could use something like AWS Cloud Map.
您可以使用AWS Cloud Map。
Or you could have your code running in VPC B do some sort of lookup using the AWS API, via an AWS SDK, to get the list of instances registered with the load balancer.
或者,您可以让在vPC B中运行的代码通过AWS SDK使用AWS API执行某种查找,以获取向负载均衡器注册的实例列表。
Or you could add an Internal load balancer that points to the same targets, and make your requests to that.
或者,您可以添加指向相同目标的内部负载平衡器,并向其发出请求。
Can we use private endpoint? I don't have account to test it.
我们可以使用私有终端吗?我没有账户来测试它。
@FranxiHidro do you mean AWS Private Link? docs.aws.amazon.com/vpc/latest/privatelink/concepts.html Yes you could use that, but it still requires you to create another load balancer.
@FransHidro你是指AWS私有链接吗?Docs.aws.amazon.com/vpc/latest/privatelink/concepts.html是的,您可以使用它,但它仍然需要您创建另一个负载均衡器。
I mean the VPC endpoint, powered by AWS PrivateLink. I know it can work for the internal ALB, but I'm not sure about the internet-facing ALB.
我指的是vPC终端,由AWS PrivateLink提供支持。我知道它可以用于内部的白蛋白,但我不确定面向互联网的白蛋白。
@FranxiHidro You can't use AWS PrivateLink with an ALB at all, you have to have an NLB.
@FransHidro您根本不能将AWS PrivateLink与ALB一起使用,您必须拥有NLB。
@MarkB I will evaluate all three solutions and will check which one works and is more feasible in terms of scalability and cost.
@MarkB我将评估所有三种解决方案,并检查哪一种方案有效,在可扩展性和成本方面更可行。
25
4
0
我在 AWS Elastic beanstalk 上有一个 tomcat 应用程序,建议 here我正在使用环境属性设置与数据库的 jdbc 连接,此参数包括数据库的用户和密码。问题是,tomcat
经典的Elasticsearch不解析您的日期。也许我开始失明了。我不知道自己在做什么错,我的模板是: "datestamp": {
我想使用 flex 查询在Kibana中创建警报。我正在使用opendistro警报功能。我想检查最近10分钟内cpu.pct字段的所有值是否大于50,如果是,则发出警报。 { "size": 500
我正在使用Kibana中的警报功能,并且想检查字段的最后5个连续值是否超过阈值x,但是如果我在 flex 查询中使用过滤器,则会在前N个聚合之前应用该过滤器。 有没有一种方法可以使用其他选择器或方法在
我们的指数是超标准的。它是平坦的,并使用logstash从oracle / jdbc转储。 我们也使用相当标准的查询语法来查询 flex : { "size": 20, "from"
您好,我正在执行以下查询: { "_source": [ "source1", "source2", "source3", "source4", ], "q
请告诉我正确的方向:) 我有一个任务:通过查询以 flex 搜索方式查找文档,其中可能包含不必要的单词。 我将说明我的意思: 假设我有一些包含单词“ big red car ”的文档(现在它们在索引的
这是我的一份文件可能看起来像的 { "CC":{"colors":["Blue","Green","Yellow"]}, "CN":{"colors":["White"
语境 弹性 6.0.0 我有以下结构: { "age": 24, "blood": 450, "iv": 700, "job": "boss", "damage": "cut,
我可以使文档不可变吗?当文档提交到相同的 id 时,它们是否不会被重写? POST "localhost:9200/index001/_doc/1" // First time it is creat
我正在制作一个图形应用程序,我可以在其中通过拖动多段线的控制点来编辑多段线。但是,我想通过使其具有弹性来使其更易于使用;拖动控制点时,不是移动单个点,我希望也移动该点一定距离内的点,具体取决于“拉”控
我们都知道云计算拥有弹性扩展的特性,所谓的弹性,即云端的可用资源能够随着用户的需求而灵活变化、自由升降,在业务高峰或低谷期,均能匹配适量的资源,既不捉襟见肘、也不过分浪费。弹性云服务器,简单地说,
我有一个索引,其中多个人可以通过他们的姓名+角色分配给一个文档。 到目前为止,我们通过将“人员”添加为嵌套文档并仅将所有相关人员索引到一个文档中来实现搜索。 我们对查询性能不满意,我想尝试从 "peo
我要执行2个不同的批量上传,每次上传的顺序都是完全无法预测的 在一次加载中,我将具有以下字段:SERVER_NAME,OS和PROD_1_VERSION在另一项中,我将具有以下字段:SERVER_NA
如果我有一个索引到Elasticsearch的JSON文档,如下所示: "_source": { "pid_no": 19321, "aggregator_id
我似乎无法按顺序排列 flex 查询的结果。 我将内存利用率统计信息存储在elasticsearch中。文档示例如下所示: { "Component": "ABC", "memUsage"
给定输入“快速的棕色狐狸跳”,我想为单词创建每种可能的 token 组合。因此,示例字符串将被标记为 [ "quick", "quick brown", "quick fox", "quick jum
我基本上是在尝试编写一个查询,它应该在哪里返回文档 学校是“神圣的国际”,成绩是“第二”。 但当前查询的问题在于它没有考虑必须匹配查询部分。即,即使我没有指定学校给我这份文件,因为它不匹配。 查询给了
我正在尝试在Kibana Canvas 中设置日期格式,因此我遵循了此文档: https://www.elastic.co/blog/kibana-canvas-data-table-and-debu
在用 Flex 编写 token 生成器时,我遇到了这个恼人的错误:“无法识别的规则” 我的代码是: /* Keywords */ TYPE int|double|bool|char L
个人中心
文章发布
退出
我是一名优秀的程序员,十分优秀!