在Azure中设置的MongoDB副本，我应将防火墙指向何处? [英] MongoDB replica set in Azure, where do I point the firewall?

问题描述

我有一个天蓝色的mongoDB副本集 我有: server1主服务器 服务器2次要 server3仲裁器

I have a mongoDB replica set in azure I have: server1 Primary server2 secondary server3 Arbiter

我的本​​地计算机上有一个开发环境，我想指向该mongoDB实例

I have a dev environment on my local machine that I want to point to this mongoDB instance

我如何在Azure防火墙上打开什么以确保已按照最佳实践设置此配置.

What do I open on my Azure Firewall to make sure this configuration is setup with best practices.

我是为主服务器和辅助服务器创建负载平衡端点，还是为仲裁器创建单个端点，或者甚至是其他东西?

Do I create a load balanced endpoint to the Primary and Secondary or do I create a single endpoint to the arbiter, or perhaps even something else?

谢谢！

推荐答案

MongoDB在负载平衡的端点上不能很好地工作(因为您最终可能会向辅助节点发送流量，除非对此您无法控制，否则您为每个VM实施了自定义探针，然后需要根据副本集节点的运行状况为每个节点更新探针的状态). MongoDB客户端驱动程序旨在与副本集的拓扑一起使用，以就与哪个节点进行通信做出正确的决定.每个副本集节点应具有一个离散的可寻址ip:port.如果您将所有实例都放在一个云服务中(例如myservice.cloudapp.net)，则每个实例将需要一个端口(因为它们都共享一个IP地址).如果每个实例都在不同的云服务中，则每个实例可以具有相同的端口，每个实例具有不同的dns名称/ip地址.

MongoDB will not play well with a load-balanced endpoint (as you might end up sending traffic to a secondary, and you'd have no control over this unless you implemented a custom probe for each VM, and then you'd need to update the probe's status based on the replicaset node's health, for each node). The MongoDB client-side driver is designed to work with a replicaset's topology to make the correct decision on which node to communicate with. Each replicaset node should have a discrete addressable ip:port. If you have all your instances in a single cloud service (e.g. myservice.cloudapp.net) then you'll need one port per instance (since they'd all share a single ip address). If each instance is in a different cloud service, then you can have the same port for each, with different dns name / ip address for each.

这篇关于在Azure中设置的MongoDB副本，我应将防火墙指向何处?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！