Solution for interconnecting Alibaba Cloud with AWS global regions

Posted by Berger Munoz on February 13th, 2021

1. Background

Our company does business globally. In China we use Alibaba Cloud; overseas we use AWS. Accessing resources in the overseas regions from China is one of our most basic requirements. At the operations level, management requires a single platform for global management. In other words, all of our operations tools, such as monitoring, publishing, jump hosts and so on, are deployed only once.

In addition, each region has three VPCs, and VPCs are isolated from each other by default. At present we have two regions overseas, which means six VPCs. If we wanted to pull a dedicated line from Alibaba Cloud in China to reach all of the overseas VPCs, we would need to pull six dedicated lines, which is unrealistic.

AWS launched the Direct Connect gateway service in October. With it, we only need to pull one dedicated line to AWS, in any overseas AWS region, and the VPCs in any overseas AWS region can be reached over that one line.

https://docs.aws.amazon.com/zh_cn/directconnect/latest/UserGuide/direct-connect-gateways.html

2. Architecture diagram

Our Alibaba Cloud deployment in China is in North China 2, and the two overseas AWS regions are California and Frankfurt. We chose the AWS Singapore region as the access point of the dedicated line and created a Direct Connect gateway in Singapore. The other AWS regions are each connected to this Direct Connect gateway.

3. Implementation

1. Alibaba Cloud side

Pick a dedicated line provider and start the implementation. The provider supplies an operation manual for the configuration on Alibaba Cloud. After the operations in that document are completed, a border router is generated under Express Connect (high-speed channel) - physical dedicated line connection - border router, and two router interfaces are generated under Express Connect - private network connection - router interface: one is the border router interface and the other is the VPC router interface.

a. Under Express Connect - physical dedicated line connection - border router, select the border router generated just now and add routes. One route points to the Alibaba Cloud VPC, with the VPC router interface as the next hop; the other routes point to the dedicated line, with the border router interface as the next hop.

b. Under router interface, select the VPC router interface generated just now and configure a route: the destination network segment is the VPC network segment of AWS, and the next hop is the VPC router interface generated just now.

c. Configure the Alibaba Cloud security group to allow access from the six AWS VPC network segments.

2. AWS side

A. Create a new virtual private gateway in each region and associate it with the VPC (operate in Frankfurt and California respectively). In the VPC console, create a virtual private gateway; the ASN can be assigned automatically. Then find the virtual private gateway created just now and choose Actions - Attach to VPC to associate it with the VPC.

B. Create a new Direct Connect gateway in Singapore. Note that the ASN of the Direct Connect gateway must be within the valid range (operate in Singapore).

C. When the dedicated line provider opens the line for us, a virtual interface is created in the AWS Direct Connect service. When accepting the virtual interface, take care to connect it to the Direct Connect gateway created above. This is the most important step. Before Direct Connect gateways existed, the virtual interface was always connected to a virtual private gateway, which limited the dedicated line to only the VPC attached to that virtual private gateway (operate in Singapore).

D. After the virtual interface is successfully connected to the Direct Connect gateway, it is displayed under the virtual interface attachments of the Direct Connect gateway (operate in Singapore).

E. Associate each virtual private gateway with the Direct Connect gateway (operate in Frankfurt and California respectively). When the status changes to "associated", the association has succeeded.

F. Configure the route table of each VPC: add a route to the Alibaba Cloud VPC, with the virtual private gateway as the next hop (operate in Frankfurt and California respectively).

G. Configure the EC2 security groups and add the Alibaba Cloud VPC network segment to the whitelist.

At this point all of the configuration work is complete, and we can reach any VPC in Frankfurt and California on AWS from Alibaba Cloud.
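A pre-flight check for the addressing plan behind the steps above, added here as an example (it is not the author's code). The CIDRs, the ASN and the next-hop labels are constructed placeholders, since the article gives none; the private ASN ranges are the ones AWS documents for the Amazon side of a Direct Connect gateway. It rejects overlapping network segments and an out-of-range ASN, then derives the route entries and the security group allow lists so that each side admits only the peer segments named in the steps.

```python
import ipaddress
from itertools import combinations

# Constructed sample addressing plan; the article gives no CIDRs or ASN.
ALI_VPC = "10.0.0.0/16"
AWS_VPCS = {
    "california": ["10.10.0.0/16", "10.11.0.0/16", "10.12.0.0/16"],
    "frankfurt": ["10.20.0.0/16", "10.21.0.0/16", "10.22.0.0/16"],
}
# Private ASN ranges AWS accepts for the Amazon side of a Direct Connect gateway.
PRIVATE_ASN_RANGES = [(64512, 65534), (4200000000, 4294967294)]


def asn_is_valid(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_ASN_RANGES)


def find_overlaps(ali_vpc, aws_vpcs):
    """Return every pair of overlapping CIDRs; routes between them would be ambiguous."""
    nets = [("alibaba", ipaddress.ip_network(ali_vpc))]
    for region, cidrs in aws_vpcs.items():
        nets += [(region, ipaddress.ip_network(c)) for c in cidrs]
    return [(a, str(x), b, str(y))
            for (a, x), (b, y) in combinations(nets, 2) if x.overlaps(y)]


def build_plan(ali_vpc, aws_vpcs, dxgw_asn):
    if not asn_is_valid(dxgw_asn):
        raise ValueError(f"ASN {dxgw_asn} is outside the private ranges")
    overlaps = find_overlaps(ali_vpc, aws_vpcs)
    if overlaps:
        raise ValueError(f"overlapping CIDRs: {overlaps}")
    aws_cidrs = [c for cidrs in aws_vpcs.values() for c in cidrs]
    return {
        # Border router: Alibaba VPC via the VPC router interface, AWS via the line.
        "border_router_routes": [(ali_vpc, "vpc-router-interface")]
        + [(c, "border-router-interface") for c in aws_cidrs],
        # Alibaba VPC route table and security group, scoped to the six AWS CIDRs.
        "alibaba_vpc_routes": [(c, "vpc-router-interface") for c in aws_cidrs],
        "alibaba_sg_allow": aws_cidrs,
        # Each AWS VPC: route back to Alibaba via its virtual private gateway.
        "aws_vpc_routes": {c: (ali_vpc, "virtual-private-gateway") for c in aws_cidrs},
        "aws_sg_allow": [ali_vpc],
    }


if __name__ == "__main__":
    print(build_plan(ALI_VPC, AWS_VPCS, 64512))
```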
