AWS和Azure混合云设置-是否可以进行此配置(Azure负载均衡器-> AWS VM)?
[英]AWS & Azure Hybrid Cloud Setup - is this configuration at all possible (Azure Load Balancer -> AWS VM)?
问题描述
We have all of our cloud assets currently inside Azure, which includes a Service Fabric Cluster containing many applications and services which communicate with Azure VM's through Azure Load Balancers. 
我们目前在Azure内部拥有所有云资产,其中包括一个Service Fabric群集,其中包含许多应用程序和服务,这些应用程序和服务通过Azure负载平衡器与Azure VM进行通信。 The VM's have both public and private IP's, and the Load Balancers' frontend IP configurations point to the private IP's of the VM's. VM具有公共IP和私有IP,并且负载均衡器的前端IP配置指向VM的私有IP。
What I need to do is move my VM's to AWS . 我需要做的是将虚拟机移至AWS 。 Service Fabric has to stay put on Azure though. 虽然Service Fabric 必须保留在Azure上。 I don't know if this is possible or not. 我不知道这是否可行。 The Service Fabric services communicate with the Azure VM's through the Load Balancers using the VM's private IP addresses. Service Fabric服务使用虚拟机的专用 IP地址通过负载平衡器与Azure VM进行通信。 So the only way I could see achieving this is either: 因此,我可以看到的唯一方法是:
- Keep the load balancers in Azure and direct the traffic from them to AWS VM's. 将负载均衡器保持在Azure中,并将流量从负载均衡器定向到AWS VM。
- Point Azure Service Fabric to AWS load balancers. 将Azure Service Fabric指向AWS负载平衡器。
I don't know if either of the above are technologically possible. 我不知道以上两种技术是否可行。
For #1, if I used Azure's load balancing, I believe the load balancer front-end IP config would have to use the public IP of the AWS VM, right? 对于#1,如果我使用Azure的负载平衡,我相信负载平衡器前端IP配置将必须使用AWS VM的公共IP,对吗? Is that not less secure? 这还不算安全吗? If I set it up to go through a VPN (if even possible) is that as secure as using internal private ip's as in the current load balancer config? 如果我将其设置为通过VPN(如果可能的话),是否与使用当前负载均衡器配置中的使用内部专用ip一样安全?
For #2, again, not sure if this is technologically achievable - can we even have Service Fabric Services "talk" to AWS load balancers? 再次,对于#2,不确定这是否在技术上可以实现-我们甚至可以让Service Fabric Services与AWS负载均衡器“对话”吗? If so, what is the most secure way to achieve this? 如果是这样,最安全的方法是什么?
I'm not new to the cloud engineering game, but very new to the idea of using two cloud services as a hybrid solution. 我对云工程游戏并不陌生,但对于使用两个云服务作为混合解决方案的想法却并不陌生。 Any thoughts would be appreciated. 任何想法将不胜感激。
2 个解决方案
解决方案1
1 已采纳 2018-10-02 06:28:16
As far as I know creating multiregion / multi-datacenter cluster in Service Fabric is possible. 据我所知,可以在Service Fabric中创建多区域/多数据中心群集。
Here are the brief list of requirements to have initial mindset about how this would work and here is a sample not approved by Microsoft with cross region Service Fabric cluster configuration (I know this are different regions in Azure not different cloud provider but this sample can be of use to see how some of the things are configured). 这是关于如何进行工作的初步思路要求的简短列表,这是未经Microsoft批准的跨区域Service Fabric群集配置的示例 (我知道这是Azure中的不同区域,不是不同的云提供商,但是此示例可以是查看如何配置某些东西)。
Hope this helps. 希望这可以帮助。
解决方案2
1 2018-10-02 13:18:33
Based on the details provided in the comments of you own question: 根据您自己的问题的评论中提供的详细信息:
SF is cloud agnostic, you could deploy your entire cluster without any dependencies on Azure at all. SF与云无关,您可以部署整个群集,而完全不依赖Azure。 The cluster you see in your azure portal is just an Azure Resource Screen used to describe the details of your cluster. 在Azure门户中看到的群集只是一个Azure资源屏幕,用于描述群集的详细信息。
Your are better of creating the entire cluster in AWS, than doing the requested approach, because at the end, the only thing left in azure would be this Azure Resource Screen. 与执行请求的方法相比,在AWS中创建整个群集要好得多,因为最后,唯一剩下的就是Azure资源屏幕。
Extending the Oleg answer, "creating multiregion / multi-datacenter cluster in Service Fabric is possible." 扩展Oleg的答案, “可以在Service Fabric中创建多区域/多数据中心群集”。 I would add, that is also possible to create an azure agnostic cluster where you can host on AWS, Google Cloud or On Premises. 我要补充一点,也可以创建一个不可知论的集群,您可以在其中托管AWS,Google Cloud或本地。
The only details that is not well clear, is that any other option not hosted in azure requires an extra level of management, because you have to play around with the resources(VM, Load Balancers, AutoScaling, OS Updates, and so on) to keep the cluster updated and running. 唯一不清楚的细节是,未托管在azure中的任何其他选项都需要额外的管理级别,因为您必须处理资源(VM,负载平衡器,AutoScaling,OS更新等),保持集群更新并运行。
Also, multi-region and multi-zone cluster were something left aside for a long time in the SF roadmap because it is something very complex to do and this is why they avoid recommend, but is possible. 另外,在SF路线图中,多区域和多区域集群很长一段时间都被搁置了,因为这是一件非常复杂的事情,这就是为什么他们避免推荐但还是有可能的。
If you want to go for AWS approach, I guide you to this tutorial: Create AWS infrastructure to host a Service Fabric cluster 如果您想采用AWS方法,那么我将指导您完成本教程: 创建AWS基础设施以托管Service Fabric集群
This is the first of a 4 part tutorial with guidance on how you can Setup a SF Cluster on AWS infrastructure. 这是一个分为4部分的教程的第一部分,其中包含有关如何在AWS基础设施上设置SF集群的指南。
Regarding the other resources hosted on Azure, You could still access then from AWS without any problems. 关于Azure上托管的其他资源,您仍然可以从AWS进行访问,而不会出现任何问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.