forked from docs/doc-exports
chenxiaoxiong
f9e2808b7c
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com> Co-authored-by: chenxiaoxiong <chenxiaoxiong@huawei.com> Co-committed-by: chenxiaoxiong <chenxiaoxiong@huawei.com>
35 lines
9.9 KiB
HTML
35 lines
9.9 KiB
HTML
<a name="dataartsstudio_03_0033"></a><a name="dataartsstudio_03_0033"></a>
|
|
|
|
<h1 class="topictitle1">How Do I Connect the On-Premises Intranet or Third-Party Private Network to CDM?</h1>
|
|
<div id="body8662426"><div class="p" id="dataartsstudio_03_0033__en-us_topic_0108275483_p16369731493">Many enterprises deploy key data sources on the intranet, such as databases and file servers. CDM runs on the cloud. To migrate the intranet data to the cloud using CDM, use any of the following methods to connect the intranet to the cloud:<ul id="dataartsstudio_03_0033__en-us_topic_0108275483_ul167593228301"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li975922253011">If the destination data source is an on-premises database, you need the Internet or Direct Connect. When using the Internet, ensure that an EIP has been bound to the CDM cluster, the security group of CDM allows outbound traffic from the host where the off-cloud data source is located, the host where the data source is located can access the Internet, and the connection port has been enabled in the firewall rules.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li197591622103018">Establish a VPN between the on-premises data center and the VPC where the service resides.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li1775982253013">Leverage Network Address Translation (NAT) or port forwarding to access the network in proxy mode.</li></ul>
|
|
</div>
|
|
<div class="p" id="dataartsstudio_03_0033__en-us_topic_0108275483_p287793601493">The following describes how to use the port forwarding tool to access intranet data. The process is as follows:<ol id="dataartsstudio_03_0033__en-us_topic_0108275483_ol1733413692948"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li5424593892948">Use a Windows computer as the gateway. The computer must be able to access both the Internet and the intranet.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li2383231792952">Install the port mapping tool IPOP on the computer.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li744357792955">Configure port mapping using the tool.</li></ol>
|
|
<div class="notice" id="dataartsstudio_03_0033__en-us_topic_0108275483_note464742110406"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="dataartsstudio_03_0033__en-us_topic_0108275483_p4182679210406">If the intranet database is exposed to the public network for a long time, security risks exist. Therefore, after data migration is complete, stop port mapping.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="dataartsstudio_03_0033__en-us_topic_0108275483_section1329589093527"><h4 class="sectiontitle">Scenario</h4><p id="dataartsstudio_03_0033__en-us_topic_0108275483_p617966901493">Suppose that the MySQL database on the intranet is migrated to DWS. </p>
|
|
<p id="dataartsstudio_03_0033__en-us_topic_0108275483_p3696239394451">In the figure, the intranet can be either an enterprise's data center or the intranet of the virtual data center on a third-party cloud.</p>
|
|
<div class="fignone" id="dataartsstudio_03_0033__en-us_topic_0108275483_fig014831163019"><span class="figcap"><b>Figure 1 </b>Network topology example</span><br><span><img id="dataartsstudio_03_0033__en-us_topic_0108275483_image131481118308" src="en-us_image_0000002234237092.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
</div>
|
|
<div class="section" id="dataartsstudio_03_0033__en-us_topic_0108275483_section3970219094610"><h4 class="sectiontitle">Procedure</h4><ol id="dataartsstudio_03_0033__en-us_topic_0108275483_ol213892694644"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li504089494644"><span>Use a Windows computer as the gateway. Configure both the intranet and Internet IP addresses on the computer. Conduct the following test to check whether the gateway computer can fulfill service needs.</span><p><ol type="a" id="dataartsstudio_03_0033__en-us_topic_0108275483_ol444582894720"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li5590807194720">Run the <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b131252973815652">ping</strong> command on the computer to check whether the intranet address of the MySQL database is pingable. For example, run <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b179040028115719">ping 192.168.1.8</strong>.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li2273290594728">Run the <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b84235270615753">ping</strong> command on another computer that can access the Internet to check whether the public network address of the gateway computer is pingable. For example, run <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b197667454917020">ping 202.</strong><em id="dataartsstudio_03_0033__en-us_topic_0108275483_i111299415117020">xx</em><strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b178431542117020">.</strong><em id="dataartsstudio_03_0033__en-us_topic_0108275483_i170062534217020">xx</em><strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b33281468417020">.10</strong>.</li></ol>
|
|
</p></li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li4325532594738"><span>Download the port mapping tool IPOP and install it on the gateway computer.</span></li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li56510264101422"><span>Run the port mapping tool and select <span class="uicontrol" id="dataartsstudio_03_0033__en-us_topic_0108275483_uicontrol124543092417232"><b>PORT Map</b></span>. See <a href="#dataartsstudio_03_0033__en-us_topic_0108275483_fig30424171101712">Figure 2</a>.</span><p><ul id="dataartsstudio_03_0033__en-us_topic_0108275483_ul42218597101859"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li40392362102010"><strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b84235270617343">Local IP</strong> and <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b84235270617347">Local Port</strong>: Configure these two parameters to the public network address and port number of the gateway computer respectively, which must be entered when creating MySQL links on CDM.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li60982200101859"><strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b8423527061762">Mapping IP</strong> and <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b8423527061765">Map Port</strong>: Configure these two parameters to the IP address and port number of the MySQL database on the intranet.</li></ul>
|
|
<div class="fignone" id="dataartsstudio_03_0033__en-us_topic_0108275483_fig30424171101712"><a name="dataartsstudio_03_0033__en-us_topic_0108275483_fig30424171101712"></a><a name="en-us_topic_0108275483_fig30424171101712"></a><span class="figcap"><b>Figure 2 </b>Configuring port mapping</span><br><span><img id="dataartsstudio_03_0033__en-us_topic_0108275483_image48438763101712" src="en-us_image_0000002234077236.png" title="Click to enlarge" class="imgResize"></span></div>
|
|
</p></li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li29003462102044"><span>Click <span class="uicontrol" id="dataartsstudio_03_0033__en-us_topic_0108275483_uicontrol74656296217645"><b>ADD</b></span> to add a port mapping relationship.</span></li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li41547911102141"><span>Click <span class="uicontrol" id="dataartsstudio_03_0033__en-us_topic_0108275483_uicontrol156866949517732"><b>START</b></span> to start mapping and receive data packets.</span><p><p id="dataartsstudio_03_0033__en-us_topic_0108275483_p211078431493">Then, you can use the EIP to read data from the MySQL database on the intranet on CDM and import the data to DWS.</p>
|
|
<div class="note" id="dataartsstudio_03_0033__en-us_topic_0108275483_note26028831102626"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ol type="a" id="dataartsstudio_03_0033__en-us_topic_0108275483_ol58659177102716"><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li46606669102716">To access the on-premises data source, you must also bind an EIP to the CDM cluster.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li56883029102719">Generally, DWS is accessible within the same VPC. When creating a CDM cluster, you must ensure that the VPC of the CDM cluster must be the same as that of DWS. In addition, it is recommended that CDM and DWS be in the same intranet and security group. If their security groups are different, you also need to enable data access between the security groups.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li61905180102728">Port mapping can be used to migrate data between databases on the intranet or the SFTP servers.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li17044857102728">For Linux computers, port mapping can also be implemented using IPTABLE.</li><li id="dataartsstudio_03_0033__en-us_topic_0108275483_li50180290102728">When the FTP server on the intranet is mapped to the public network using port mapping, you need to check whether the PASV mode is enabled. In this case, the client and server are connected through a random port. Therefore, in addition to port 21 mapping, you also need to configure the port range mapping in PASV mode. For example, you can specify the <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b1947607254173059">vsftp</strong> port range by configuring <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b842352706172857">pasv_min_port</strong> and <strong id="dataartsstudio_03_0033__en-us_topic_0108275483_b84235270617291">pasv_max_port</strong>.</li></ol>
|
|
</div></div>
|
|
</p></li></ol>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="dataartsstudio_03_0027.html">DataArts Migration (CDM Jobs)</a></div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<script language="JavaScript">
|
|
<!--
|
|
initImageViewer('.imgResize');
|
|
var msg_imageMax = "view original image";
|
|
var msg_imageClose = "close";
|
|
//--></script> |