简体繁体 English

AWS fargate 记录到 cloudwatch 会导致 NAT 流量 - 如何避免

[英]AWS fargate logging to cloudwatch causes NAT traffic - how to avoid

原文 2022-10-03 20:07:34 9 1 amazon-web-services/ amazon-ecs/ aws-fargate/ amazon-cloudwatchlogs/ aws-nat-gateway

We got a substantial increase in AWS cost this month which we can track down to ec2-other / EU-NatGateway-Bytes.本月我们的 AWS 成本大幅增加，我们可以追踪到 ec2-other / EU-NatGateway-Bytes。 Our best guess is that this is due to a fargate task that got into trouble and generated a lot of cloudwatch messages.我们最好的猜测是，这是由于 fargate 任务遇到麻烦并生成了大量 cloudwatch 消息。 What's unclear is why cloudwatch messages should go through the NAT gateway.不清楚的是为什么 cloudwatch 消息应该 go 通过 NAT 网关。 That seems unnecessary.这似乎是不必要的。 An alternative could be efs access but there the same applies: why using NAT.另一种方法是 efs 访问，但同样适用：为什么使用 NAT。

Afaik this is really a rather 'vanilla' ecs task, pulling the docker image from ecr Afaik 这真的是一个相当“普通”的 ecs 任务，从 ecr 中提取 docker 图像

Any tips where to look for a possible misconfiguration?在哪里寻找可能的错误配置的任何提示？

Tx!! TX!!

Peter彼得

1 个解决方案

Resources in private VPC su.nets have to go through the NAT Gateway to access anything outside the VPC.私有 VPC su.net 中的资源必须通过 NAT 网关 go 才能访问 VPC 之外的任何内容。 AWS CloudWatch Logs happens to exist outside the VPC. AWS CloudWatch Logs 恰好存在于 VPC 之外。

If you want to avoid this, then you need to create VPC Interface Gateway for CloudWatch Logs , to provide a private connection between your VPC and CloudWatch Logs.如果您想避免这种情况，则需要为 CloudWatch Logs 创建 VPC Interface Gateway ，以在您的 VPC 和 CloudWatch Logs 之间提供私有连接。

AWS EKS Fargate 记录到 AWS Cloudwatch：日志组未创建 - AWS EKS Fargate logging to AWS Cloudwatch: log groups are not creating

如何让 AWS Fargate 将 production.log 发送到 Cloudwatch - How do I get AWS Fargate to send production.log to Cloudwatch

为 AWS Fargate 设置 Cloudwatch 警报高阈值和低阈值 - Set the Cloudwatch Alarm High and Low thresholds for AWS Fargate

AWS ECS Fargate，将日志发送到多个目的地（CloudWatch Logs 和 Elasticsearch） - AWS ECS Fargate, send logs to multiple destinations (CloudWatch Logs and Elasticsearch)

如何降低NAT流量成本——Lambda和SQS - How to reduce NAT traffic costs - Lambda and SQS

重新创建/重新附加 AWS Lambda 控制台日志记录到 CloudWatch - Recreating/reattaching AWS Lambda console logging to CloudWatch

如何在 EKS Fargate 中使用 Fluentbit 设置自定义日志记录？ - How to setup customized logging with Fluentbit in EKS Fargate?

如何在 AWS 中创建 NAT 网关？ - How to create a NAT Gateway in AWS?

如何从触发的 Fargate 任务访问 CloudWatch 事件数据？ - How to access CloudWatch Event data from triggered Fargate task?

如果 AWS Fargate 任务在启用 VPC 终端节点和 NAT 网关的私有 su.net 中预配置，会发生什么情况？ - What will happen if AWS Fargate Tasks are provisioned in private subnet with VPC Endpoints and NAT Gateway enabled?

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS EKS Fargate 记录到 AWS Cloudwatch：日志组未创建 - AWS EKS Fargate logging to AWS Cloudwatch: log groups are not creating 如何让 AWS Fargate 将 production.log 发送到 Cloudwatch - How do I get AWS Fargate to send production.log to Cloudwatch 为 AWS Fargate 设置 Cloudwatch 警报高阈值和低阈值 - Set the Cloudwatch Alarm High and Low thresholds for AWS Fargate AWS ECS Fargate，将日志发送到多个目的地（CloudWatch Logs 和 Elasticsearch） - AWS ECS Fargate, send logs to multiple destinations (CloudWatch Logs and Elasticsearch) 如何降低NAT流量成本——Lambda和SQS - How to reduce NAT traffic costs - Lambda and SQS 重新创建/重新附加 AWS Lambda 控制台日志记录到 CloudWatch - Recreating/reattaching AWS Lambda console logging to CloudWatch 如何在 EKS Fargate 中使用 Fluentbit 设置自定义日志记录？ - How to setup customized logging with Fluentbit in EKS Fargate? 如何在 AWS 中创建 NAT 网关？ - How to create a NAT Gateway in AWS? 如何从触发的 Fargate 任务访问 CloudWatch 事件数据？ - How to access CloudWatch Event data from triggered Fargate task? 如果 AWS Fargate 任务在启用 VPC 终端节点和 NAT 网关的私有 su.net 中预配置，会发生什么情况？ - What will happen if AWS Fargate Tasks are provisioned in private subnet with VPC Endpoints and NAT Gateway enabled?

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM