Problem description

We're using Amazon EC2, and we want to put an ELB (load balancer) to 2 instances on a private subnet. If we just add the private subnet to the ELB, it will not get any connections; if we attach both subnets to the ELB, then it can access the instances, but it often will get time-outs. Has anyone successfully implemented an ELB within the private subnet of their VPC? If so, could you perhaps explain the procedure to me?

Thanks

Recommended answer

My teammate and I have just implemented ELB in a VPC with 2 private subnets in different availability zones. The reason you get timeouts is that for each subnet you add to the load balancer, it gets one external IP address. (Try 'dig elb-dns-name-here' and you will see several IP addresses.) If one of these IP addresses maps to a private subnet, it will time out. The IP that maps into your public subnet will work. Because DNS may give you any one of the IP addresses, sometimes it works, sometimes it times out.

After some back and forth with Amazon, we discovered that the ELB should only be placed in 'public' subnets, that is, subnets that have a route out to the Internet Gateway. We wanted to keep our web servers in our private subnets but allow the ELB to talk to them. To solve this, we had to ensure that we had a corresponding public subnet for each availability zone in which we had private subnets. We then added the public subnets for each availability zone to the ELB.

At first, this didn't seem to work, but after trying everything, we recreated the ELB and everything worked as it should. I think this is a bug, or the ELB was just in an odd state from so many changes.

Here is more or less what we did:

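  1. WebServer-1 is running in PrivateSubnet-1 in availability zone us-east-1b with a security group called web-server.
  2. WebServer-2 is running in PrivateSubnet-2 in availability zone us-east-1c with a security group called web-server.
  3. Created a public subnet in zone us-east-1b; we'll call it PublicSubnet-1. We ensured that we associated the routing table that includes the route to the Internet Gateway (IG-XXXXX) with this new subnet. (If you used the wizard to create a public/private VPC, this route already exists.)
  4. Created a public subnet in zone us-east-1c; we'll call it PublicSubnet-2. We ensured that we associated the routing table that includes the route to the Internet Gateway (IG-XXXXX) with this new subnet. (If you used the wizard to create a public/private VPC, this route already exists.)
  5. Created a new ELB, adding PublicSubnet-1 and PublicSubnet-2 to it (not PrivateSubnet-X). Also picked the instances to run in the ELB, in this case WebServer-1 and WebServer-2. Made sure to assign a security group that allows incoming traffic on ports 80 and 443. Let's call this group elb-group.
  6. In the web-server group, allow traffic on ports 80 and 443 from the elb-group.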

I hope that helps!
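The check behind steps 3 to 5, as an added example that is not part of the original answer: it classifies each subnet attached to the ELB as public or private by looking for a default route to an Internet Gateway, and falls back to the VPC's main route table when a subnet has no explicit association. The route-table data is constructed to match the shape of `aws ec2 describe-route-tables` output; all IDs and function names are hypothetical, and a single VPC is assumed.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output for one VPC.
# Every ID below is a placeholder, not a value from the post.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public-1", "Main": False},
                      {"SubnetId": "subnet-public-2", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]


def has_igw_default_route(table):
    """True if the table sends 0.0.0.0/0 to an Internet Gateway."""
    return any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and r.get("GatewayId", "").startswith("igw-")
        for r in table.get("Routes", [])
    )


def route_table_for(subnet_id, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for table in tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main


def classify_elb_subnets(elb_subnets, tables):
    """Map each subnet attached to the ELB to 'public' or 'private'."""
    result = {}
    for subnet_id in elb_subnets:
        table = route_table_for(subnet_id, tables)
        is_public = table is not None and has_igw_default_route(table)
        result[subnet_id] = "public" if is_public else "private"
    return result


if __name__ == "__main__":
    # The question's failing setup: one public and one private subnet on the ELB.
    for subnet, kind in classify_elb_subnets(
            ["subnet-public-1", "subnet-private-1"], ROUTE_TABLES).items():
        print(subnet, kind, "" if kind == "public" else "<- move off the ELB")
```

Any subnet reported as private corresponds to an ELB address that will time out for Internet clients, which is the intermittent failure described in the question.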
