多个 ELB 的单个域
Single domain for multiple ELB
单个域名是否可以关联不同域的多个AWS ELB?
例如。我希望 example.com 指向我的第一个 ELB,api.example.com 指向我的第二个 ELB(来自不同的 AWS 账户)。
我尝试为 example.com 创建一个 A record,第一个 ELB 作为别名目标,为 api.example.com 创建另一个 A record,第二个 ELB 作为别名目标,但是只有 example.com 在工作。
对于两个ELB,我使用相同的域名给AWS cert manager注册SSL证书,不知道会不会有什么影响。
是的,您可以为同一域或不同域使用多个负载平衡器。对于 AWS 托管 SSL 证书,您需要所有域名都在同一个证书中,或者您可以为每个域名使用不同的 SSL 证书。我只想用 "example.com" 和 "*.example.com".
创建一个证书
您的问题是您正在为 api.example.com 使用名称为 example.com 的 SSL 证书。 SSL 证书必须包含与域名匹配的名称。
如果您没有在 EC2 实例上安装 SSL 证书,请在负载均衡器上设置 SSL 终止。这意味着为转发到端口 80 的端口 443 创建一个侦听器。
要在不同的帐户中使用 ELB 配置 Route53:
For ELB load balancers, do one of the following:
- If you used the same account to create your Amazon Route 53 hosted zone and your load balancer – Choose Alias Target and choose a load
balancer from the list. If you have a lot of load balancers, you can
type the first few characters of the DNS name to filter the list.
- If you used different accounts to create your Amazon Route 53 hosted zone and your load balancer – Enter the value that you got
in the procedure Getting the DNS Name for an ELB Load Balancer.
- If you used one AWS account to create the current hosted zone and a different account to create a load balancer, the load balancer will
not appear in the Alias Targets list.
- If you used one account to create the current hosted zone and one or more different accounts to create all of your load balancers,
the Alias Targets list shows No Targets Available under Elastic
Load Balancers.
In either case, the console prepends dualstack. to the DNS name. When
a client, such as a web browser, requests the IP address for your
domain name (example.com) or subdomain name (www.example.com), the
client can request an IPv4 address (an A record), an IPv6 address (a
AAAA record), or both IPv4 and IPv6 addresses (in separate requests).
The dualstack. designation allows Amazon Route 53 to respond with the
appropriate IP address for your load balancer based on which IP
address format the client requested.
问题是我忘记允许 ELB 的安全组上的所有传入流量...
单个域名是否可以关联不同域的多个AWS ELB?
例如。我希望 example.com 指向我的第一个 ELB,api.example.com 指向我的第二个 ELB(来自不同的 AWS 账户)。
我尝试为 example.com 创建一个 A record,第一个 ELB 作为别名目标,为 api.example.com 创建另一个 A record,第二个 ELB 作为别名目标,但是只有 example.com 在工作。
对于两个ELB,我使用相同的域名给AWS cert manager注册SSL证书,不知道会不会有什么影响。
是的,您可以为同一域或不同域使用多个负载平衡器。对于 AWS 托管 SSL 证书,您需要所有域名都在同一个证书中,或者您可以为每个域名使用不同的 SSL 证书。我只想用 "example.com" 和 "*.example.com".
创建一个证书您的问题是您正在为 api.example.com 使用名称为 example.com 的 SSL 证书。 SSL 证书必须包含与域名匹配的名称。
如果您没有在 EC2 实例上安装 SSL 证书,请在负载均衡器上设置 SSL 终止。这意味着为转发到端口 80 的端口 443 创建一个侦听器。
要在不同的帐户中使用 ELB 配置 Route53:
For ELB load balancers, do one of the following:
- If you used the same account to create your Amazon Route 53 hosted zone and your load balancer – Choose Alias Target and choose a load
balancer from the list. If you have a lot of load balancers, you can
type the first few characters of the DNS name to filter the list.- If you used different accounts to create your Amazon Route 53 hosted zone and your load balancer – Enter the value that you got in the procedure Getting the DNS Name for an ELB Load Balancer.
- If you used one AWS account to create the current hosted zone and a different account to create a load balancer, the load balancer will
not appear in the Alias Targets list.- If you used one account to create the current hosted zone and one or more different accounts to create all of your load balancers, the Alias Targets list shows No Targets Available under Elastic Load Balancers.
In either case, the console prepends dualstack. to the DNS name. When a client, such as a web browser, requests the IP address for your domain name (example.com) or subdomain name (www.example.com), the client can request an IPv4 address (an A record), an IPv6 address (a AAAA record), or both IPv4 and IPv6 addresses (in separate requests). The dualstack. designation allows Amazon Route 53 to respond with the appropriate IP address for your load balancer based on which IP address format the client requested.
问题是我忘记允许 ELB 的安全组上的所有传入流量...