检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
supported Elastic Load Balance Supported Not supported Elastic Volume Service Supported Supported Face Recognition Supported Not supported Graph Engine Service Supported Not supported Image Recognition Supported Not supported Identity Verification Solution Supported Not supported NAT
Supported Config Virtual Private Cloud SYS.VPC Supported Config Cloud Search Service SYS.ES Supported Config Relational Database Service SYS.RDS Supported Config Elastic Load Balance SYS.ELB Supported ELB TaurusDB SYS.GAUSSDB Supported Config GaussDB SYS.GAUSSDBV5 Supported GaussDB NAT
If not, the IP address may be unreachable due to firewall, NAT Gateway, or DNS configurations. For an HTTPS protocol, the endpoint must start with https:// and be a public IPv4 address, IPv6 address, or domain name.
If NAT 64 protection is enabled and IPv6 access is used, allow traffic from the 198.19.0.0/16 CIDR block to pass through. NAT64 will translate source IP addresses into the CIDR block 198.19.0.0/16 for ACL access control.
Gateway Private NAT Gateways Are in Specified VPCs Configuration change nat.privateNatGateways VPC Endpoint (VPCEP) VPC Endpoint Check for Specified Services Periodic Account Web Application Firewall (WAF) Protection Policies Must Be Configured for Domain Names Protected with WAF
Service Cloud Backup and Recovery Storage Disaster Recovery Service Scalable File Service Turbo Scalable File Service Volume Backup Service Cloud Server Backup Service Data Express Service Dedicated Distributed Storage Service Virtual Private Cloud Elastic IP Elastic Load Balance NAT
EIPs can be bound to or unbound from ECSs, BMSs, virtual IP addresses, NAT gateways, or load balancers. Various billing modes are provided to meet diversified service requirements. URI POST /v1/{project_id}/publicips Table 1 describes the parameters.
High performance requirements: Cloud Native 2.0 networks use VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate.
Notes and Constraints If Network Address Translation (NAT) is used, you cannot obtain the IP addresses of the clients. If the client is a container, you can obtain only the IP address of the node where the container is located, but cannot obtain the IP address of the container.
Network resource cost Costs for network services such as Internet bandwidth, public IP addresses, NAT gateways, load balancers, and VPNs Database cost Costs for services such as relational databases and NoSQL databases.
Video Tutorial on Traffic Distribution Techniques This video shows how ELB uses network address translation (NAT) to distribute traffic.
You can also choose whether to clear resources used by the cluster, such as NAT gateways, security groups, and VPCEP resources.
versions later than Kubernetes 1.25, Kubelet uses IPTablesCleanup to migrate the Kubernetes-generated iptables chains used by the components outside of Kubernetes in phases so that iptables chains such as KUBE-MARK-DROP, KUBE-MARK-MASQ, and KUBE-POSTROUTING will not be created in the NAT
You can also choose whether to clear resources used by the cluster, such as NAT gateways, security groups, and VPCEP resources.
Egress visualization Data egresses: All data egresses on the cloud and on-premises are identified, including EIP, NAT, API Gateway, and ROMA.
aa-bb-cc indicates that the private IP address is used by a cloud server in the AZ aa-bb-cc. neutron:VIP_PORT: Virtual IP address neutron:LOADBALANCERV2: Shared load balancer neutron:LOADBALANCERV3: Dedicated load balancer network:endpoint_interface: VPC endpoint network:nat_gateway: NAT
If the cluster forwarding mode is iptables, run the iptables -t nat -L command to view the port. If the cluster forwarding mode is IPVS, run the ipvsadm -Ln command to view the port.
versions later than Kubernetes 1.25, Kubelet uses IPTablesCleanup to migrate the Kubernetes-generated iptables chains used by the components outside of Kubernetes in phases so that iptables chains such as KUBE-MARK-DROP, KUBE-MARK-MASQ, and KUBE-POSTROUTING will not be created in the NAT
OMS.106303 Delete NAT gateway failed. Try again or manually delete the NAT gateway. OMS.106705 Create LTS host group failed. Try again. If the fault persists, contact technical support or submit a service ticket. OMS.16008 Restart migration task failed.
NAT: indicates the NAT Internet access mode EIP: indicates the EIP Internet access mode BOTH: Both the Internet and EIP access modes are supported. internet_mode_list Array of strings Network access modes of desktops. is_attaching_eip Boolean Specifies whether an EIP is being bound
