如何使用堡垒主机通过SSH进行Redshift [英] How to use bastion host to SSH to Redshift
问题描述
我一直在尝试找出如何将Amazon Redshift集群设为私有而非公开访问的方式.我正在尝试将数据从当前的MySQL数据库安全地移至Redshift中的集群.当前,我有一个Python脚本,该脚本创建数据的CSV,将其放入S3,为数据创建表,然后使用COPY将其放入Redshift.我们正在使用Python脚本来自动化该过程.
I have been trying to figure out how to connect to Amazon Redshift clusters when they are private rather than publicly accessible. I am trying to securely move data from our current MySQL DB to a cluster in Redshift. Currently I have a Python script which creates a CSV of the data, puts it in S3, creates a table for the data, then uses COPY to put it in Redshift. We are using the Python script to automate the process.
但是,当集群设置为私有时,我完全无法与Redhsift建立连接.我进行了一些挖掘,发现了有关SSH隧道作为潜在解决方案的信息.据我所知,Redshift不支持SSH,但可以使用堡垒主机通过运行psql的ec2实例进行连接.问题是我需要在Python脚本中执行此操作,以使过程尽可能自动化.
However I am completely unable to establish connections with Redhsift when the cluster is set to private. I did some digging and found out about SSH Tunneling as a potential solution. While Redshift doesn't support SSH to my knowledge it is possible to use a bastion host to connect using an ec2 instance running psql. The issue with this is I need to perform this in the Python script in order to keep the process as automated as possible.
我已经创建了一个ec2实例,并使用PuTTY将psql加载到该实例,但是我不确定如何将该实例用作堡垒主机,即连接到该实例并使用它连接到Redshift,以及如何执行该操作在python脚本中,如果有可能的话.有没有人做过类似的事情或知道如何连接到ec2以及从ec2到redshift?
I have created an ec2 instance and used PuTTY to load psql to it, however I am unsure of how to use that instance as a bastion host i.e. connecting to it and using it to connect to Redshift, and how to acually perform this in the python script if it is at all possible. Has anyone done anything similar or know how to connect to ec2 and from ec2 to redshift?
推荐答案
堡垒仅用于将请求从您自己的计算机转发到Amazon Redshift.您不需要在堡垒上安装任何软件(例如 psql ).
The Bastion will simply be used to forward requests from your own computer to Amazon Redshift. You do not need to install any software (eg psql) on the Bastion.
假设您可以成功使用PuTTY登录到堡垒,请在PuTTY中更改此配置:
Assuming that you can successfully use PuTTY to login to the Bastion, change this configuration in PuTTY:
- 转到隧道配置页面
- 源端口: 5439
- 目标:Redshift群集的完整DNS名称,后跟
:5439 - 点击添加
- 保存您的腻子设置
- Go to the Tunnels configuration page
- Source port: 5439
- Destination: The full DNS name of your Redshift cluster, followed by
:5439 - Click Add
- Save your PuTTY settings
此配置显示:通过SSH连接将本地端口5439重定向到堡垒服务器.从那里,堡垒将流量发送到REDSHIFT-DNS:5439."
因此,堡垒就像一个跳箱一样,转发了您的流量,并没有实际运行任何其他操作.
Thus, the Bastion just acts like a Jump Box, forwarding your traffic and not actually running anything else.
您可以将本地源端口更改为任何您喜欢的端口,以便在同一SSH连接上可以有多个隧道.
You can change the local source port to whatever you like, so you can have multiple tunnels on the same SSH connection.
这篇关于如何使用堡垒主机通过SSH进行Redshift的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
