问题
We have large number of applications that uses one ElasticCache instance (Redis) which is located outside the VPC (a classic instance). Some Applications are located with in VPCs and Some are outside VPC (Classic instances). How can we connect all applications to the cache ?
We have no issue connecting applications outside VPC to the cache as the cache is also located outside VPC There is a smaller number of applications inside VPCs that cannot connect to the cache.
Thanks.
回答1:
Its is not possible to directly access the classic-cluster from a VPC instance. The workaround would be configuring NAT on the classic instance.
NAT need to have a simple tcp proxy
YourIP=1.2.3.4
YourPort=80
TargetIP=2.3.4.5
TargetPort=22
iptables -t nat -A PREROUTING --dst $YourIP -p tcp --dport $YourPort -j DNAT \
--to-destination $TargetIP:$TargetPort
iptables -t nat -A POSTROUTING -p tcp --dst $TargetIP --dport $TargetPort -j SNAT \
--to-source $YourIP
iptables -t nat -A OUTPUT --dst $YourIP -p tcp --dport $YourPort -j DNAT \
--to-destination $TargetIP:$TargetPort
More details: https://docs.aws.amazon.com/AmazonElastiCache/latest/UserGuide/Access.Outside.html
来源:https://stackoverflow.com/questions/38066908/connecting-to-elasticache-outside-vpc-instance-from-a-ec2-inside-vpc