In addition, compared with the container tunnel network and VPC network, Cloud Native Network 2.0 does not require container tunnel encapsulation and NAT, and provides higher network performance.
mrs.mrs MRS Clusters Have Kerberos Enabled Configuration change mrs.mrs MRS Clusters Support Multi-AZ Deployment Configuration change mrs.mrs MRS Clusters Do Not Have EIPs Attached Configuration change mrs.mrs MRS Clusters Have KMS Encryption Enabled Configuration change mrs.mrs NAT
Check Item 2: Network Connection Between the Cluster and UCS For clusters connected through a public network: Check whether a public IP is bound to the cluster or a public NAT gateway is configured. Check whether the outbound traffic of the cluster security group is allowed.
Use PuTTY to log in to the NAT server with an elastic IP address bound. Ensure that user root and the key file (.ppk file) are used for authentication. Then, use SSH to switch to the SAP HANA node that works as the active node.
Tenant Administrator permission for the logging account Tenant Guest for all other accounts Network management group Centrally deploy and manage enterprise network connection resources, such as Enterprise Router, Virtual Private Network (VPN), Direct Connect (DC), and NAT Gateway.
This may include configurations of DNS, ELB, NAT, and Nginx.conf. Parse configuration files: For each configuration file, you need to compile scripts or use existing tools to parse the content.
or ECS EVS SYS.EVS √ Config or EVS DCS SYS.DCS √ Config Direct Connect SYS.DCAAS √ Config Virtual Private Cloud SYS.VPC √ Config CSS SYS.ES √ Config RDS SYS.RDS √ Config ELB SYS.ELB √ ELB TaurusDB SYS.GAUSSDB √ Config GaussDB(for openGauss) SYS.GAUSSDBV5 √ GaussDB(for openGauss) NAT
Network management team Enterprise Router, Domain Name Service (DNS), NAT Gateway, Elastic IP (EIP), Virtual Private Cloud (VPC), Direct Connect, Cloud Connect, Virtual Private Network (VPN), Cloud Firewall (CFW), Web Application Firewall (WAF), and Anti-DDoS Service (AAD) SecMaster
Check Item 2: Network Connection Between the Cluster and UCS Public network access Check whether a public IP is bound to the cluster or a public NAT gateway is configured. Check whether the outbound traffic of the cluster security group is allowed.
Ensure that the HANA ECSs/ECSs where SAP HANA, SAP HANA Studio, and NAT servers are to be deployed use the same key. Otherwise, SAP HANA installation will fail.
NAT64 is an IPv6 conversion mechanism that enables communication between IPv6 and IPv4 hosts using network address translation (NAT). WAF can convert an IPv4 source site to an IPv6 website and convert external IPv6 access traffic to internal IPv4 traffic.
recommendations eipNum Number of EIPs Used for target recommendations elbNum Number of load balancers Used for target recommendations vpcNum Number of VPCs Used for target recommendations securityGroupNum Number of security groups Used for target recommendations natNum Number of NAT
If the cluster forwarding mode is iptables, run the iptables -t nat -L command to view the port. If the cluster forwarding mode is IPVS, run the ipvsadm -Ln command to view the port.
In containers, enabling this parameter can prevent the bandwidth of TCP connections that have been translated using NAT from being limited.
Kafka, Data Replication Service (DRS), Data Warehouse Service (DWS), Elastic Load Balance (ELB), Enterprise Router, Elastic Volume Service (EVS), FunctionGraph, GaussDB(for MySQL), GeminiDB, IoT Device Access (IoTDA), Intelligent EdgeFabric (IEF), ModelArts, MapReduce Service (MRS), NAT
If not, the IP address may be unreachable due to firewall, NAT Gateway, or DNS configurations. For an HTTPS protocol, the endpoint must start with https:// and be a public IPv4 address, IPv6 address, or domain name.
If NAT64 protection is enabled and IPv6 access is used, allow traffic from the 198.19.0.0/16 CIDR block to pass through. NAT64 will translate source IP addresses into the CIDR block 198.19.0.0/16 for ACL access control.
EIPs can be bound to or unbound from ECSs, BMSs, virtual IP addresses, NAT gateways, or load balancers. Various billing modes are provided to meet diversified service requirements. URI POST /v1/{project_id}/publicips Table 1 describes the parameters.
High performance requirements: Cloud Native Network 2.0 uses VPC networks to construct container networks, eliminating the need for tunnel encapsulation or NAT when containers communicate.
versions later than Kubernetes 1.25, Kubelet uses IPTablesCleanup to migrate the Kubernetes-generated iptables chains used by the components outside of Kubernetes in phases so that iptables chains such as KUBE-MARK-DROP, KUBE-MARK-MASQ, and KUBE-POSTROUTING will not be created in the NAT