Implementing Public Network Access with Iptables-Based Forwarding
Last updated: 2023-03-02 14:43:00
Overview
CTSDB doesn't support direct public network access for the time being. You can use a CVM instance with a public IP for port forwarding so as to access CTSDB over the public network.
Notes
Because iptables-based forwarding may be unstable, we recommend that you do not access instances over the public network in the production environment.
Directions
1. Log in to a CVM instance and enable the IP forwarding feature. For more information, see Logging In To Linux Instance (Web Shell).
Notes
The CVM instance and the database must be under the same Tencent Cloud account and in the same VPC in the same region.
echo 1 > /proc/sys/net/ipv4/ip_forward
2. Configure the forwarding rule. The sample code below forwards access requests originally to
26.xx.x.2:10001 (CVM instance public IP with a custom port as desired) to the CTSDB instance with the private IP 10.x.x.5:9200:iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 10.x.x.5:9200iptables -t nat -A POSTROUTING -d 10.x.x.5 -p tcp --dport 9200 -j MASQUERADE
3. Configure the security group to open the public port of the CVM instance. We recommend that you configure a security group rule to allow only the source which needs to connect to the Redis instance. For more information, see Adding Security Group Rules.
4. To connect to the CTSDB instance over the private network at its public IP (
26.xx.xx.2:10001 in the sample code), you can use the same way as the private network connection. For more information, see Connecting to Instance.
Yes
No
Was this page helpful?