检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Security Group Security Group and Security Group Rule Overview Default Security Groups Security Group Examples Common ECS Ports Managing a Security Group Managing Security Group Rules Managing Instances Added to a Security Group Security Group Migration Examples Parent Topic: Access
In this cluster, ECS-HA1 works as the active ECS and provides services accessible from the Internet using EIP-A. ECS-HA2 works as the standby ECS, with no services deployed on it. If ECS-HA1 goes down, ECS-HA2 takes over services, ensuring service continuity.
Deleting a Route Table ECS On the ECS console, locate the target ECS and delete it. Deleting an ECS Public NAT gateway On the public NAT gateway console, locate the target public NAT gateway and delete it.
Method: Log in to an ECS and ping an IP address in your on-premises data center. Parent topic: Connectivity
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
This route forwards ECS traffic to the NAT gateway and then the ECSs can access the Internet using the EIP.
Scenario 1: Unbinding an EIP from an ECS and Binding a New EIP to the ECS Unbind an EIP. Go to the EIP list page. On the displayed page, locate the row that contains the target EIP, and click Unbind. Click Yes. Assign an EIP.
Values: When type is ecs, the value is an ECS ID. When type is eni, the value is an extension NIC ID. When type is vip, the value is a virtual IP address. When type is nat, the value a NAT gateway ID. When type is peering, the value is a VPC peering connection ID.
If an existing ECS in this subnet needs to use the new domain names, restart the ECS or run a command to restart the DHCP Client service or network service. NOTE: The command for updating the DHCP configuration depends on the ECS OS.
Can I Change the Security Group of an ECS? How Do I Configure a Security Group for Multi-Channel Protocols? Why Are Some Ports of ECSs Inaccessible?
ECS 2 Configure the two ECSs as follows: ECS Name: Set it as needed. In this example, the ECSs are named ECS-01 and ECS-02. ECS flavor: In this example, flow logs of the network interface attached to ECS-01 are collected. Select the ECS flavor that supports flow logs.
Configuring Policy-based Routes for an ECS with Multiple Network Interfaces If an ECS has multiple network interfaces, the primary network interface can communicate with external networks by default, but the extended network interfaces cannot.
ECS Configuration The TFTP daemon determines whether a configuration file specifies the port range. If you use a TFTP configuration file that allows the data channel ports to be configurable, it is a good practice to configure a small range of ports that are not listened on.
Figure 8 Connecting a VPC to an on-premises data center Helpful Link You can create a VPC and an ECS to set up an IPv4 private network on the cloud and then bind an EIP to the ECS to allow the ECS to access the Internet. For details, see Setting Up an IPv4 Network in a VPC.
For example, compute:aa-bb-cc indicates that the IP address is used by an ECS in the AZ aa-bb-cc.): IP address of an ECS NIC neutron:VIP_PORT: Virtual IP address compute:subeni: IP address of a supplementary network interface neutron:LOADBALANCERV2: IP address of a shared load balancer
If the active ECS goes down, the standby ECS becomes the active ECS and continues to provide services. Generally, ECSs use private IP addresses for internal network communication. A virtual IP address has the same network access capabilities as a private IP address.
To assign a virtual IP address to an ECS, the IP address configured in allowed_address_pairs must be an existing ECS NIC IP address. Otherwise, the virtual IP address cannot be used for communication.
in to the ECS and check whether the ECS port is opened.
If an existing ECS in this subnet needs to use the new domain names, restart the ECS or run a command to restart the DHCP Client service or network service. NOTE: The command for updating the DHCP configuration depends on the ECS OS.
Figure 1 Subnet DNS server addresses Figure 2 ECS /etc/resolv.conf file After the DNS server addresses of the subnet are changed, the nameserver configuration of the cloud servers does not take effect immediately. Table 1 shows how the DNS server address change takes effect.
