Purpose of Redshift Enhanced VPC routing?

I have read the documentation at https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html but it is not clear to me.

When a Redshift cluster is created, the leader node resides in a VPC/subnet. So it will always use VPC routing, security groups, etc. to route requests, right? Why doesn't Redshift use VPC traffic when executing the "COPY" command?

Enhanced VPC routing forces traffic through your VPC.

With it disabled, even if your cluster is in a VPC, it routes traffic through the public Internet rather than through the VPC.

This is because it uses an "internal" network interface outside the VPC, regardless of whether the cluster itself is in a VPC.

Here is the relevant excerpt from the docs:

In Amazon Redshift, network traffic created by COPY, UNLOAD, and Amazon Redshift Spectrum flow through a network interface. This network interface is internal to the Amazon Redshift cluster, and is located outside of your Amazon Virtual Private Cloud (Amazon VPC). By default, the network traffic is then routed through the public internet to reach its destination.

However, when you enable Amazon Redshift enhanced VPC routing, Amazon Redshift routes the network traffic through a VPC instead. Amazon Redshift enhanced VPC routing uses an available routing option, prioritizing the most specific route for network traffic. The VPC endpoint is prioritized as the first route priority. If a VPC endpoint is unavailable, Amazon Redshift routes the network traffic through an internet gateway, NAT instance, or NAT gateway.
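The distinction in the answer above (enhanced VPC routing off means COPY/UNLOAD traffic exits via the public internet; on means it follows VPC routes, preferring a VPC endpoint and otherwise an IGW/NAT path) is something you can audit across an account. The script below is an added example, not code from the original post or from AWS: it reads the JSON that `aws redshift describe-clusters` and `aws ec2 describe-vpc-endpoints` return (the field names `EnhancedVpcRouting`, `VpcId`, `ServiceName`, `VpcEndpointType` and `State` are the real API ones) and classifies each cluster by where its COPY/UNLOAD traffic will go. The embedded sample responses, cluster names and VPC IDs are constructed so it runs offline.

```python
"""Audit Redshift clusters: is enhanced VPC routing on, and does the VPC
have an S3 endpoint for COPY/UNLOAD traffic to take?

Added example, not from the original post. Input is the JSON output of
`aws redshift describe-clusters` and `aws ec2 describe-vpc-endpoints`;
with no arguments it runs on constructed sample data.
"""
import json
import sys

# Constructed sample of `aws redshift describe-clusters --output json`
SAMPLE_CLUSTERS = {
    "Clusters": [
        {"ClusterIdentifier": "analytics-prod", "VpcId": "vpc-0aaa",
         "EnhancedVpcRouting": True},
        {"ClusterIdentifier": "analytics-dev", "VpcId": "vpc-0bbb",
         "EnhancedVpcRouting": False},
        {"ClusterIdentifier": "legacy-etl", "VpcId": "vpc-0ccc",
         "EnhancedVpcRouting": True},
    ]
}

# Constructed sample of `aws ec2 describe-vpc-endpoints --output json`
SAMPLE_ENDPOINTS = {
    "VpcEndpoints": [
        {"VpcId": "vpc-0aaa", "ServiceName": "com.amazonaws.us-east-1.s3",
         "VpcEndpointType": "Gateway", "State": "available"},
        # Endpoint still being created: not usable as a route yet.
        {"VpcId": "vpc-0ccc", "ServiceName": "com.amazonaws.us-east-1.s3",
         "VpcEndpointType": "Gateway", "State": "pending"},
    ]
}


def s3_endpoint_vpcs(endpoints_doc):
    """Return the set of VPC IDs that have an *available* S3 endpoint
    (gateway or interface; both use a ServiceName ending in '.s3')."""
    vpcs = set()
    for ep in endpoints_doc.get("VpcEndpoints", []):
        if ep.get("State") != "available":
            continue
        if ep.get("ServiceName", "").endswith(".s3"):
            vpcs.add(ep["VpcId"])
    return vpcs


def audit(clusters_doc, endpoints_doc):
    """Classify each cluster. Returns a list of (cluster_id, status) tuples.

    status values:
      'public-internet'    enhanced VPC routing is off: COPY/UNLOAD leave
                           through Redshift's internal interface to the internet
      'vpc-no-s3-endpoint' routing is on, but with no S3 endpoint the traffic
                           falls back to an IGW / NAT path out of the VPC
      'vpc-s3-endpoint'    routing is on and an S3 endpoint exists, so the
                           traffic stays within the AWS network
    """
    covered = s3_endpoint_vpcs(endpoints_doc)
    results = []
    for c in clusters_doc.get("Clusters", []):
        cid = c["ClusterIdentifier"]
        if not c.get("EnhancedVpcRouting", False):
            results.append((cid, "public-internet"))
        elif c.get("VpcId") in covered:
            results.append((cid, "vpc-s3-endpoint"))
        else:
            results.append((cid, "vpc-no-s3-endpoint"))
    return results


def main(argv):
    if len(argv) == 3:
        with open(argv[1]) as f:
            clusters = json.load(f)
        with open(argv[2]) as f:
            endpoints = json.load(f)
    else:
        clusters, endpoints = SAMPLE_CLUSTERS, SAMPLE_ENDPOINTS
    for cid, status in audit(clusters, endpoints):
        print(f"{cid:20s} {status}")


if __name__ == "__main__":
    main(sys.argv)
```

To run it against a real account, save `aws redshift describe-clusters --output json` and `aws ec2 describe-vpc-endpoints --output json` to two files and pass them as the two arguments. A cluster reported as `public-internet` can be switched with `aws redshift modify-cluster --cluster-identifier <id> --enhanced-vpc-routing`; one reported as `vpc-no-s3-endpoint` is routed through the VPC but, per the docs excerpt, will still leave via an internet gateway or NAT until an S3 VPC endpoint is added to that VPC's route tables.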