amazon web services - How do I ensure traffic remains restricted to an availability zone? -
i'm looking @ 2 sets of auto-scaled, load balanced, servers, owned 2 aws clients, both deployed within same availability zone , communicating on http.
how make sure traffic between 2 sets of servers doesn't go out internet? latency within availability zone should very low.
multiple aws accounts
if wanting locate services in same availability zone different aws accounts, need determine how each account names each availability zone.
from regions , availability zones:
an availability zone represented region code followed letter identifier; example,
us-east-1a
. ensure resources distributed across availability zones region, independently map availability zones identifiers each account. example, availability zoneus-east-1a
might not same locationus-east-1a
account. there's no way coordinate availability zones between accounts.
well, there is way coordinate it. there 2 ways determine az mapping between aws accounts:
- contact aws support , ask zones map each other between accounts, or
- look @ spot pricing
spot pricing per-az, if @ prices spot instances in each account, you'll able figure out azs map each other. pick instance type , same-shaped graph!
guaranteeing traffic doesn't go on internet
if refer instances via private ip address, traffic never go on internet. if instances in different aws accounts and/or different vpcs, can use vpc peering connect vpcs (even between different accounts). can route traffic via private ip addresses , no traffic flow on internet.
rules vpc peering:
- same region
- non-overlapping ip addresses ranges
- can different aws accounts
Comments
Post a Comment