tencent cloud

フィードバック

Configuring Public Network Address

最終更新日:2024-11-05 10:18:18
    This document describes how to enable/disable the public network address in the TencentDB for Redis® console. You can use the system-assigned domain name and port to Accessing Database over Public Network, making it easier for you to test, manage, use, and develop the database on a daily basis.
    Note:
    The instance service downtime caused by public network errors won't be counted into the "Single Instance Service Downtime" in TencentDB for Redis® Service Level Agreement (SLA).
    Public network access may expose your instances to security threats, and service availability is not guaranteed by SLA. Therefore, we recommend that you access Redis over the public network only when testing, managing, or assisting in managing databases. In the production environment, access Redis over the private network.
    The public network bandwidth is 20 Mb/s, with a connection limit of 10,000. Even though Redis supports up to 100,000 connections, the public network can only connect to 10,000 clients.

    CLB Architecture Description

    Currently, when the public network address is enabled for a TencentDB for Redis® instance, it operates under a CLB architecture. The system will automatically create a lightweight CLB instance in the same region through the CLB Console to provide public network capabilities. The CLB architecture has a refined resource limitation policy, as outlined in the table below.
    Category
    Concurrent Connections
    New Connections
    Packet Volume
    Inbound Bandwidth
    Outbound Bandwidth
    CLB
    2,000
    200/s
    Unlimited
    20 Mbps
    20 Mbps
    
    Note:
    The CLB instance automatically created when the public network address is enabled is free to use.
    After the public network address is disabled, the corresponding CLB instance will be automatically deleted in the CLB console.
    Unlimited in the table above means no separate speed limit policy is configured; it is only influenced by physical linkage limitations (including the upstream switch, TGW cluster size, and LD device attributes).
    If higher performance is required, you can purchase Public Network Access Through CLB. For detailed instructions, see Public Network Access Through CLB.

    Notes

    When it is enabled, you can use the system-assigned domain name and port to access TencentDB for Redis® via public network. It takes about 5 minutes to take effect.
    After public network access is enabled, it will be controlled by the security group network access policy. Configure the source information for accessing the database in the inbound rules of the security group and allow the necessary protocol ports.
    Ensure that both the private and public network ports are allowed, with the default private network port being 6379. For detailed instructions, see Redis Security Group Configuration.
    Allow the CLB health check source IP range 100.64.0.0/10 to enable real-time health checks of the network linkage, ensuring security and stability.

    Use Limits

    Only instances in VPCs can enable the public network address. If an instance is in the classic network, switch it to VPC first before enabling public network access.
    Currently, the public network address feature is only available in the following regions: Chengdu, Beijing, Shanghai, and Guangzhou. For public network access in other regions, you can use one of the following methods to access Redis instances:

    Prerequisites

    To enable public network access, you need to disable password-free access.

    Enabling the Public Network Address

    1. Log in to the TencentDB for Redis® console, click an instance ID in the instance list, and enter the instance details page.
    2. Click Enable next to Public Network Address in the Network Info section.
    Note:
    After the public network access is enabled, it will be controlled by the security group policy. You should configure the database access source in the security group's inbound rules and open the protocol ports (both the private network port (6379 by default) and public network port) as instructed in Configuring Security Group.
    3. In the pop-up window, confirm that everything is correct and click OK.
    
    4. Return to the instance details page, where you can see the instance in the Enabling public network status. If the status stays the same for a long time, refresh the page.
    5. If Public Network Address shows an address comprising a domain name and port, the address is enabled successfully. Now you can use it to access Redis over the public network.

    Disabling the Public Network Address

    1. Log in to the TencentDB for Redis® console, click an instance ID in the instance list, and enter the instance details page.
    2. Click Disable next to Public Network Address in the Network Info section.
    3. In the pop-up window, confirm that everything is correct and click OK.
    4. Return to the instance details page, where you can see the instance in the Disabling public network status and Public Network Address display nothing.

    Subsequent Operations

    After the public network access is enabled, it is recommended to configure the CLB monitoring and alarm policy.
    1. Log in to the TCOP .
    2. Click Alarm Management > Alarm Configuration to access the alarm policy configuration page.
    3. Click Create Policy and configure the alarm policy as described below.
    
    Configuration Type
    Configuration Item
    Description
    Basic Info
    Policy Name
    Customize the policy name.
    Remarks
    Customize the policy remarks.
    Monitoring Type
    Select Cloud Product Monitoring .
    Policy Type
    Select Cloud Load Balancer > Public LB Instance > Client to LB monitor .
    Project
    Select DEFAULT PROJECT .
    Alarm Rule Configuration
    Alarm Object
    Select the instance ID to bind the alarm policy to the selected instance.
    Select the instance group to bind the alarm policy to the selected instance group.
    Select all objects to bind the alarm policy to all instances under the current account with the appropriate permissions.
    Trigger conditions
    The alarm trigger conditions consist of a meaningful condition based on metrics, comparison relationships, thresholds, statistical granularity, and the duration across N monitoring data points.
    Select Template: Use an existing alarm trigger condition template. Predefined templates are available for triggering alarms. To create a template, click Add Trigger Condition Template and follow the console guidance. For more information, see Configure Trigger Condition Template.
    Configure manually: Customize the selection of monitoring metrics and event alarm trigger conditions. Configure alarm metrics, statistical granularity, alarm thresholds, alarm severity, and alarm frequency based on business needs.
    Note:
    Metric Alarm: Metrics that need to be configured include client_new_conn, client_connum, client_outpkg, and client_inpkg. For more information on these metrics, see CLB Monitoring Metrics.
    Event Alarm: You can select the events to be configured based on actual needs.
    4. Click Next: Configure Alarm Notification to configure the alarm notification rules. You can choose from system preset notification templates or user-defined templates. Up to three notification templates can be bound to each alarm policy. For more information, see Notification Templates.
    
    5. After the above information is configured, click Complete to successfully create the alarm policy. For more information, see CLB Alarm Policy.

    Related APIs

    API
    Description
    Enables public network access
    Disables public network access
    お問い合わせ

    カスタマーサービスをご提供できるため、ぜひお気軽にお問い合わせくださいませ。

    テクニカルサポート

    さらにサポートが必要な場合は、サポートチケットを送信して弊社サポートチームにお問い合わせください。24時間365日のサポートをご提供します。

    電話サポート(24 時間365日対応)