在Azure中设置的MongoDB副本,我应将防火墙指向何处? [英] MongoDB replica set in Azure, where do I point the firewall?
问题描述
我有一个天蓝色的mongoDB副本集 我有: server1主服务器 服务器2次要 server3仲裁器
I have a mongoDB replica set in azure I have: server1 Primary server2 secondary server3 Arbiter
我的本地计算机上有一个开发环境,我想指向该mongoDB实例
I have a dev environment on my local machine that I want to point to this mongoDB instance
我如何在Azure防火墙上打开什么以确保已按照最佳实践设置此配置.
What do I open on my Azure Firewall to make sure this configuration is setup with best practices.
我是为主服务器和辅助服务器创建负载平衡端点,还是为仲裁器创建单个端点,或者甚至是其他东西?
Do I create a load balanced endpoint to the Primary and Secondary or do I create a single endpoint to the arbiter, or perhaps even something else?
谢谢!
推荐答案
MongoDB在负载平衡的端点上不能很好地工作(因为您最终可能会向辅助节点发送流量,除非对此您无法控制,否则您为每个VM实施了自定义探针,然后需要根据副本集节点的运行状况为每个节点更新探针的状态). MongoDB客户端驱动程序旨在与副本集的拓扑一起使用,以就与哪个节点进行通信做出正确的决定.每个副本集节点应具有一个离散的可寻址ip:port.如果您将所有实例都放在一个云服务中(例如myservice.cloudapp.net
),则每个实例将需要一个端口(因为它们都共享一个IP地址).如果每个实例都在不同的云服务中,则每个实例可以具有相同的端口,每个实例具有不同的dns名称/ip地址.
MongoDB will not play well with a load-balanced endpoint (as you might end up sending traffic to a secondary, and you'd have no control over this unless you implemented a custom probe for each VM, and then you'd need to update the probe's status based on the replicaset node's health, for each node). The MongoDB client-side driver is designed to work with a replicaset's topology to make the correct decision on which node to communicate with. Each replicaset node should have a discrete addressable ip:port. If you have all your instances in a single cloud service (e.g. myservice.cloudapp.net
) then you'll need one port per instance (since they'd all share a single ip address). If each instance is in a different cloud service, then you can have the same port for each, with different dns name / ip address for each.
这篇关于在Azure中设置的MongoDB副本,我应将防火墙指向何处?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!