vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/css/umn/css_01_0181.html
Wuwan, Qi 050b395397 CSS UMN 23.2.1 20230926 
Reviewed-by: Kacur, Michal <michal.kacur@t-systems.com>
Co-authored-by: Wuwan, Qi <wuwanqi1@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-committed-by: Wuwan, Qi <wuwanqi1@noreply.gitea.eco.tsi-dev.otc-service.com>
2024-01-10 14:23:15 +00:00

227 lines
18 KiB
HTML
Raw Blame History

<a name="css_01_0181"></a><a name="css_01_0181"></a>
<h1 class="topictitle1">Scenario</h1>
<div id="body0000001463358273"><p id="css_01_0181__en-us_topic_0000001463358273_p16921115418492">CSS integrates shared load balancers and allows you to bind public network access and enable the VPC Endpoint service. Dedicated load balancers provide more functions and higher performance than shared load balancers. This section describes how to connect a cluster to a dedicated load balancer.</p>
<div class="p" id="css_01_0181__en-us_topic_0000001463358273_p156616495323">Advantages of connecting a cluster to a dedicated load balancer:<ul id="css_01_0181__en-us_topic_0000001463358273_ul4633558183713"><li id="css_01_0181__en-us_topic_0000001463358273_li5633135813710">A non-security cluster can also use capabilities of the Elastic Load Balance (ELB) service.</li><li id="css_01_0181__en-us_topic_0000001463358273_li17634145883713">You can use customized certificates for HTTPS bidirectional authentication.</li><li id="css_01_0181__en-us_topic_0000001463358273_li063495816379">Seven-layer traffic monitoring and alarm configuration are supported, allowing you to view the cluster status at any time.</li></ul>
</div>
<p id="css_01_0181__en-us_topic_0000001463358273_p10265850101218">There are eight service forms for clusters in different security modes to connect to dedicated load balancers. <a href="#css_01_0181__en-us_topic_0000001463358273_table4446327845">Table 1</a> describes the load balancer capabilities for the eight service forms. <a href="#css_01_0181__en-us_topic_0000001463358273_table1537163912019">Table 2</a> describes the configurations for the eight service forms.</p>
<div class="notice" id="css_01_0181__en-us_topic_0000001463358273_note1298816116154"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="css_01_0181__en-us_topic_0000001463358273_p10988201114155">You are not advised to connect an ELB that has bound the public network to a non-security cluster. Non-security clusters can be accessed over HTTP without security authentication. A load balancer with an EIP allows access to such clusters over the Internet, which may bring security risks.</p>
</div></div>
<div class="tablenoborder"><a name="css_01_0181__en-us_topic_0000001463358273_table4446327845"></a><a name="en-us_topic_0000001463358273_table4446327845"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0181__en-us_topic_0000001463358273_table4446327845" frame="border" border="1" rules="all"><caption><b>Table 1 </b>ELB capabilities for different clusters</caption><thead align="left"><tr id="css_01_0181__en-us_topic_0000001463358273_row4446127145"><th align="left" class="cellrowborder" valign="top" width="18.94%" id="mcps1.3.5.2.6.1.1"><p id="css_01_0181__en-us_topic_0000001463358273_p54462271544">Security Mode</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="27.060000000000002%" id="mcps1.3.5.2.6.1.2"><p id="css_01_0181__en-us_topic_0000001463358273_p114467271947">Service Form Provided by ELB for External Systems</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.5.2.6.1.3"><p id="css_01_0181__en-us_topic_0000001463358273_p3582618154718">ELB Load Balancing</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.5.2.6.1.4"><p id="css_01_0181__en-us_topic_0000001463358273_p1582618134712">ELB Traffic Monitoring</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.5.2.6.1.5"><p id="css_01_0181__en-us_topic_0000001463358273_p11582218134710">ELB Two-way Authentication</p>
</th>
</tr>
</thead>
<tbody><tr id="css_01_0181__en-us_topic_0000001463358273_row2447527049"><td class="cellrowborder" rowspan="2" valign="top" width="18.94%" headers="mcps1.3.5.2.6.1.1 "><p id="css_01_0181__en-us_topic_0000001463358273_p1044715275413">Non-security</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.5.2.6.1.2 "><p id="css_01_0181__en-us_topic_0000001463358273_p1544712276420">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.3 "><p id="css_01_0181__en-us_topic_0000001463358273_p5447162710417">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.4 "><p id="css_01_0181__en-us_topic_0000001463358273_p1044719276412">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.5 "><p id="css_01_0181__en-us_topic_0000001463358273_p2044717271411">No</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row9447132710410"><td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.1 "><p id="css_01_0181__en-us_topic_0000001463358273_p544711271341">One-way authentication</p>
<p id="css_01_0181__en-us_topic_0000001463358273_p1230643764014">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.2 "><p id="css_01_0181__en-us_topic_0000001463358273_p20447327145">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.3 "><p id="css_01_0181__en-us_topic_0000001463358273_p94474272045">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.4 "><p id="css_01_0181__en-us_topic_0000001463358273_p124471227649">Yes</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row11447172714420"><td class="cellrowborder" rowspan="2" valign="top" width="18.94%" headers="mcps1.3.5.2.6.1.1 "><p id="css_01_0181__en-us_topic_0000001463358273_p1044712271441">Security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.5.2.6.1.2 "><p id="css_01_0181__en-us_topic_0000001463358273_p17447727547">Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.3 "><p id="css_01_0181__en-us_topic_0000001463358273_p64471927643">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.4 "><p id="css_01_0181__en-us_topic_0000001463358273_p44474277417">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.5 "><p id="css_01_0181__en-us_topic_0000001463358273_p17448827543">No</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row1944819273415"><td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.1 "><p id="css_01_0181__en-us_topic_0000001463358273_p9448142715417">One-way authentication + Password authentication</p>
<p id="css_01_0181__en-us_topic_0000001463358273_p194314694019">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.2 "><p id="css_01_0181__en-us_topic_0000001463358273_p14481627746">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.3 "><p id="css_01_0181__en-us_topic_0000001463358273_p204481827847">Yes</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.5.2.6.1.4 "><p id="css_01_0181__en-us_topic_0000001463358273_p164481127447">Yes</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row24487273416"><td class="cellrowborder" valign="top" width="18.94%" headers="mcps1.3.5.2.6.1.1 "><p id="css_01_0181__en-us_topic_0000001463358273_p166041448144519">Security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top" width="27.060000000000002%" headers="mcps1.3.5.2.6.1.2 "><p id="css_01_0181__en-us_topic_0000001463358273_p1144818274413">One-way authentication + Password authentication</p>
<p id="css_01_0181__en-us_topic_0000001463358273_p7932175719401">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.3 "><p id="css_01_0181__en-us_topic_0000001463358273_p144812279410">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.4 "><p id="css_01_0181__en-us_topic_0000001463358273_p13448192715420">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.5.2.6.1.5 "><p id="css_01_0181__en-us_topic_0000001463358273_p84481327041">Yes</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="css_01_0181__en-us_topic_0000001463358273_table1537163912019"></a><a name="en-us_topic_0000001463358273_table1537163912019"></a><table cellpadding="4" cellspacing="0" summary="" id="css_01_0181__en-us_topic_0000001463358273_table1537163912019" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Configuration for interconnecting different clusters with ELB</caption><tbody><tr id="css_01_0181__en-us_topic_0000001463358273_row09703912017"><td class="cellrowborder" rowspan="2" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p4971395012"><strong id="css_01_0181__en-us_topic_0000001463358273_b1660122818293">Security Mode</strong></p>
</td>
<td class="cellrowborder" rowspan="2" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p1498173913020"><strong id="css_01_0181__en-us_topic_0000001463358273_b74619364295">Service Form Provided by ELB for External Systems</strong></p>
</td>
<td class="cellrowborder" colspan="3" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p998039105"><strong id="css_01_0181__en-us_topic_0000001463358273_b693411512291">ELB Listener</strong></p>
</td>
<td class="cellrowborder" colspan="3" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p49815391007"><strong id="css_01_0181__en-us_topic_0000001463358273_b20236164692918">Backend Server Group</strong></p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row1698239900"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p12981439009"><strong id="css_01_0181__en-us_topic_0000001463358273_b13935131517299">Frontend Protocol</strong></p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p59813911010"><strong id="css_01_0181__en-us_topic_0000001463358273_b7936115112915">Port</strong></p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p29815391301"><strong id="css_01_0181__en-us_topic_0000001463358273_b993710153296">SSL Parsing Mode</strong></p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p3982391908"><strong id="css_01_0181__en-us_topic_0000001463358273_b20937115112917">Backend Protocol</strong></p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p13981391409"><strong id="css_01_0181__en-us_topic_0000001463358273_b993881572917">Health Check Port</strong></p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p99818391903"><strong id="css_01_0181__en-us_topic_0000001463358273_b793819151290">Health Check Path</strong></p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row598183911015"><td class="cellrowborder" rowspan="3" valign="top" width="8.719128087191281%"><p id="css_01_0181__en-us_topic_0000001463358273_p99803912018">Non-security</p>
</td>
<td class="cellrowborder" valign="top" width="19.22807719228077%"><p id="css_01_0181__en-us_topic_0000001463358273_p11985396010">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%"><p id="css_01_0181__en-us_topic_0000001463358273_p898839007">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%"><p id="css_01_0181__en-us_topic_0000001463358273_p49813391206">9200</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p99813391800">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p4981339104">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p10981139206">9200</p>
</td>
<td class="cellrowborder" rowspan="3" valign="top" width="13.998600139986003%"><p id="css_01_0181__en-us_topic_0000001463358273_p10981397015">/</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row18350141410368"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p5239619173617">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p1423951923613">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p323913196364">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p17239161973619">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p1239191923614">HTTP</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p172391919143613">9200</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row0981739509"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p13983397012">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p109812391505">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p10988392017">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p13988391301">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p17984391502">HTTP</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p9981239300">9200</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row209818396010"><td class="cellrowborder" rowspan="3" valign="top" width="8.719128087191281%"><p id="css_01_0181__en-us_topic_0000001463358273_p698193919017">Security mode + HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="19.22807719228077%"><p id="css_01_0181__en-us_topic_0000001463358273_p1798163912012">Password authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%"><p id="css_01_0181__en-us_topic_0000001463358273_p59813391003">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.028897110288971%"><p id="css_01_0181__en-us_topic_0000001463358273_p7981139706">9200</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p1399439404">No authentication</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p189963915011">HTTP</p>
</td>
<td class="cellrowborder" valign="top" width="11.998800119988001%"><p id="css_01_0181__en-us_topic_0000001463358273_p3991639302">9200</p>
</td>
<td class="cellrowborder" rowspan="5" valign="top" width="13.998600139986003%"><p id="css_01_0181__en-us_topic_0000001463358273_p11991339305">/_opendistro/_security/health</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row20476103783617"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p742154233610">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p6421542143614">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p24211542133615">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p342114263613">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p8421184263616">HTTP</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p184221742153617">9200</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row69910397017"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p69917391408">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p139917390018">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p189913393018">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p199912391900">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p18991539306">HTTP</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p7991039505">9200</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row2099203914015"><td class="cellrowborder" rowspan="2" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p699639209">Security mode + HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p79916391501">One-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p49916392009">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p7991139501">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p159912391107">One-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p69923912010">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p19919391908">9200</p>
</td>
</tr>
<tr id="css_01_0181__en-us_topic_0000001463358273_row1639069153714"><td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p72910157371">Two-way authentication + Password authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p16291915153720">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p2029121518379">9200</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p42921563718">Two-way authentication</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p1529101519373">HTTPS</p>
</td>
<td class="cellrowborder" valign="top"><p id="css_01_0181__en-us_topic_0000001463358273_p12918156373">9200</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_01_0184.html">(Optional) Interconnecting with a Dedicated Load Balancer</a></div>
</div>
</div>
View Git Blame Copy Permalink