堆栈内存溢出
  简体   繁体   English

AWS - Fargate 任务的私有地址 static IP

[英]AWS - Private static IP address for Fargate task

 原文  2020-11-13 20:18:26       amazon-web-services/ amazon-ecs/ amazon-vpc/ aws-fargate/ aws-vpn

问题描述

I have the following situation.我有以下情况。 I have a VPC on AWS.我在 AWS 上有一个 VPC。 In this VPC, I have an ECS Fargate cluster with multiple different tasks running.在此 VPC 中,我有一个运行多个不同任务的 ECS Fargate 集群。 Additionally, I have a Site-to-Site VPN for one of my partners set up in this cluster.此外,我在这个集群中为我的一个合作伙伴设置了一个站点到站点 VPN。

Now, this partner has to send HTTP POST (SOAP in fact) requests to one of my Fargate tasks.现在,该合作伙伴必须向我的 Fargate 任务之一发送 HTTP POST(实际上是 SOAP)请求。 This should be possible only through VPN, so the task can't be public-facing.这应该只能通过 VPN 才能实现,因此该任务不能面向公众。 For some reason which I can't control this partner requires a static IP to which requests have to be sent, so ALB is not an option.出于某种我无法控制的原因,此合作伙伴需要 static IP 必须向其发送请求,因此 ALB 不是一个选项。 So I need a way to assign a private (within VPC) static IP to the Fargate task.所以我需要一种方法来将私有(VPC 内)static IP 分配给 Fargate 任务。

I've tried to achieve it with NLB, but not sure if I can send HTTP requests to NLB since it's L4 vs L7.我试图用 NLB 实现它,但不确定我是否可以向 NLB 发送 HTTP 请求,因为它是 L4 与 L7。 Now my only option seems to be an EC2 instance with NGINX which would simply forward all requests to the task's ALB.现在我唯一的选择似乎是带有 NGINX 的 EC2 实例,它会简单地将所有请求转发到任务的 ALB。 I don't like this option because I have not much experience with NGINX configuration.我不喜欢这个选项,因为我对 NGINX 配置经验不多。

Do you think there are any other options for me to achieve what I need?您认为我还有其他选择可以实现我的需要吗?

Thanks in advance提前致谢

1 个解决方案

解决方案1
 1 已采纳  2020-11-13 21:30:19

I've tried to achieve it with NLB, but not sure if I can send HTTP requests to NLB since it's L4 vs L7.我试图用 NLB 实现它,但不确定我是否可以向 NLB 发送 HTTP 请求,因为它是 L4 与 L7。

NLB is L3. NLB 是 L3。 But off course you can use it for HTTP or HTTPS .但当然你可以将它用于 HTTP 或 HTTPS The only difference is that you won't be able to setup http-type listener rules, because NLB is for TCP/UDP.唯一的区别是您将无法设置 http 类型的侦听器规则,因为 NLB 用于 TCP/UDP。 But it does not stop you from using it to distribute HTTP/HTTPS traffic among your fargate tasks.但它不会阻止您使用它在您的 fargate 任务之间分配 HTTP/HTTPS 流量。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 找不到使用公共 IP 地址在 Fargate 中运行的任务 - Task running in Fargate is not found with public IP address AWS Lambda 调用 Fargate 任务 - AWS Lambda invoking Fargate task AWS Fargate 私有 su.net,从 ECR 中提取 - AWS Fargate private subnet, pulling from ECR 域未指向我在 aws lightsail 中的静态 IP 地址 - Domain is not pointing to my static ip address in aws lightsail ECS Fargate - 容器是否可以访问自己的公共IP地址 - ECS Fargate - Can a container access its own Public IP address AWS ECS Fargate 任务:使用 AWS UI 设置请求超时 - AWS ECS Fargate Task: Set request timeout using AWS UI 从 AWS fargate 任务获取内存和 cpu 使用情况 - Get mem and cpu usage from AWS fargate task GPU 支持当前在 AWS-Fargate 集群中的任务 - GPU support for task currently within AWS-Fargate cluster AWS A 记录 static ip 还是平衡器? - AWS A record static ip or balancer? 如何在 AWS EC2 实例中的公共而非私有 IP 地址的端口 3000 上运行应用程序(以便可以在 inte.net 上访问) - How to run application on port 3000 on Public and Not Private IP Address in AWS EC2 Instance (so it can be accessed on the internet)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM