从 VPC 内部的 EC2 连接到 ElastiCache(VPC 外部)实例 [英] Connecting to ElastiCache (Outside VPC) instance from a EC2 inside VPC

问题描述

我们有大量应用程序使用一个位于 VPC 之外的 ElasticCache 实例 (Redis)(经典实例).一些应用程序位于 VPC 中，一些应用程序位于 VPC 之外(经典实例).我们如何将所有应用程序连接到缓存?

We have large number of applications that uses one ElasticCache instance (Redis) which is located outside the VPC (a classic instance). Some Applications are located with in VPCs and Some are outside VPC (Classic instances). How can we connect all applications to the cache ?

我们可以将 VPC 外部的应用程序连接到缓存，因为缓存也位于 VPC 外部VPC 中无法连接到缓存的应用程序数量较少.

We have no issue connecting applications outside VPC to the cache as the cache is also located outside VPC There is a smaller number of applications inside VPCs that cannot connect to the cache.

谢谢.

推荐答案

无法从 VPC 实例直接访问经典集群.解决方法是在经典实例上配置 NAT.

Its is not possible to directly access the classic-cluster from a VPC instance. The workaround would be configuring NAT on the classic instance.

NAT 需要一个简单的 tcp 代理

NAT need to have a simple tcp proxy

YourIP=1.2.3.4
YourPort=80
TargetIP=2.3.4.5
TargetPort=22

iptables -t nat -A PREROUTING --dst $YourIP -p tcp --dport $YourPort -j DNAT \
--to-destination $TargetIP:$TargetPort
iptables -t nat -A POSTROUTING -p tcp --dst $TargetIP --dport $TargetPort -j SNAT \
--to-source $YourIP
iptables -t nat -A OUTPUT --dst $YourIP -p tcp --dport $YourPort -j DNAT \
--to-destination $TargetIP:$TargetPort

更多详情:https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/Access.Outside.html

这篇关于从 VPC 内部的 EC2 连接到 ElastiCache(VPC 外部)实例的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！