问题描述
你好
希望有人能帮忙.我根据文章https://docs.microsoft.com/zh-cn/azure/virtual-machines/windows/sql/virtual-machines-windows-portal-sql-create-failover配置了Azure中的2节点SQLServer FCI -集群
Hope someone can help. I configured a 2 node SQLServer FCI within Azure as per article https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sql/virtual-machines-windows-portal-sql-create-failover-cluster
从Azure VNet内部访问SQLServer实例时,一切工作正常,现在我需要从公共Internet连接,因此我创建了Azure公共负载均衡器并以与内部负载均衡器相同的方式对其进行配置,除了 前端IP现在是Azure公共IP.
Everything is working fine when accessing the SQLServer instance from inside Azure VNet, now I need to connect from the public Internet, so I created an Azure Public Load Balancer and configured it the same way as the Internal Load Balancer, except that the Front End IP is now an Azure Public IP.
当尝试使用SQL Server Management Studio从Internet连接时,连接不起作用,我认为问题是公用IP必须与SQL FCI虚拟IP地址匹配,而该IP FIP虚拟IP地址是当前IP地址中的私有IP.范围 我的Azure Vnet,我可以在FCI中添加第二个IP,但是该IP被限制在VNET子网(10.1.2.x/24)中.
When trying to connect from the Internet using SQL Server Management Studio, connection does not work, I suppose that the problem is that the Public IP must match the SQL FCI virtual IP address that is currently a private IP from within the range of my Azure Vnet, I can add a second IP to my FCI but this IP is constrained to the VNET Subnet (10.1.2.x/24).
我的第二个尝试是创建一个具有2个Nics的VM并使用Windows RRAS服务来配置自己的虚拟设备,因此我配置了一个新的子网(10.1.7.x/24),以便它可以像我的外部"网络并执行以下操作:
My second try was to create a VM with 2 Nics and use Windows RRAS services in order to configure my own Virtual Appliance, so I configured a new Subnet (10.1.7.x/24) so it can work as my "external" network and did the following:
- 使用2个Nics创建一个VM(Windows Server 2016)
- 将Nic01分配给内部子网(10.1.2.x/24)
- 将Nic02分配给外部" ;子网(10.1.7.x/24)
- 我为Azure门户中的Nic02启用了IP转发的Nic02分配了公共IP
- 在以下位置启用了IP转发操作系统级别
- 已安装的远程访问"功能
- 已配置的远程访问" NAT角色
- 在NAT角色配置中,Nic02被定义为公共接口".和Nic01作为专用接口"
- 在NAT角色配置中,我创建了一个规则,以便将通过Nic02端口1433的传入流量NAT转换为内部IP 10.1.2.7端口1433,其中10.1.27是内部负载平衡器使用的IP,并且按照开头引用的条款进行操作 我的帖子
- ,当尝试从Internet连接时,我可以看到到达RRAS VM的流量,以及我可以看到映射"被创建为RRAS控制台,但似乎流量没有流向Azure内部负载均衡器,因此 SQL Management Studio并非从外部进行连接.
- Create a VM with 2 Nics (Windows Server 2016)
- Nic01 was assigned to Internal Subnet (10.1.2.x/24)
- Nic02 was assigned to "external" Subnet (10.1.7.x/24)
- I assigned a Public IP to Nic02
- Enabled IP Forwarding for Nic02 in Azure Portal
- Enabled IP Forwarding at the OS Level
- Installed "Remote Access" feature
- Configured "Remote Access" for NAT role
- Within NAT Role configuration Nic02 was defined as "Public Interface" and Nic01 as "Private Interface"
- Within NAT Role configuration I created a Rule in order to NAT incoming traffic via Nic02 port 1433 to Internal IP 10.1.2.7 port 1433, where 10.1.27 is the IP used by the Internal Load Balancer and is working as per article cited at the beginning of my post
- When trying to connect from the Internet I can see traffic arriving to the RRAS VM and also I can see "mappings" being created a the RRAS console, but it seems traffic is not flowing to the Azure Internal Load Balancer and in consequence SQL Management Studio is NOT connecting from the out side.
如果有人可以帮助此配置,我将非常感激,因为我说过SQL FCI在Azure内部可以正常工作,但现在我需要它从外部(公共Internet)进行连接.
If someone can help with this configuration I will really appreciate it, as I stated SQL FCI is working fine from inside Azure but now I need it to connect from Outside (Public Internet).
此致
恩里克.
Enrique Carbonell
Enrique Carbonell
推荐答案
这篇关于如何配置对SQLServer FailOver群集实例的公共访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!