yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
de9f8a7cc5b4e61816cbd4e52cc108c5f9fc3b4c
doc-exports/docs/css/umn/css_02_0033.html
zhengxiu 2125539080 css umn 25.1.0 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: zhengxiu <zhengxiu@huawei.com>
Co-committed-by: zhengxiu <zhengxiu@huawei.com>
2025-07-04 09:10:17 +00:00

34 lines
10 KiB
HTML
Raw Blame History

<a name="css_02_0033"></a><a name="css_02_0033"></a>
<h1 class="topictitle1">How Do I Use a NAT Gateway to Access CSS from the Internet?</h1>
<div id="body8662426"><p id="css_02_0033__en-us_topic_0182065775_p225617612480">Perform the following operations:</p>
<p id="css_02_0033__en-us_topic_0182065775_p1382775919469">1.<a href="#css_02_0033__en-us_topic_0182065775_section9324115816273">Obtaining CSS Information</a></p>
<p id="css_02_0033__en-us_topic_0182065775_p4211510124712">2.<a href="#css_02_0033__en-us_topic_0182065775_section13091155184816">Configuring a NAT Gateway</a></p>
<p id="css_02_0033__en-us_topic_0182065775_p03553255472">3.<a href="#css_02_0033__en-us_topic_0182065775_section8868104118811">Modifying Security Group Rules</a></p>
<p id="css_02_0033__en-us_topic_0182065775_p19413113294712">4.<a href="#css_02_0033__en-us_topic_0182065775_section1474433184620">Accessing CSS from the Internet</a></p>
<div class="caution" id="css_02_0033__en-us_topic_0182065775_note17568164325815"><span class="cautiontitle"><img src="public_sys-resources/caution_3.0-en-us.png"> </span><div class="cautionbody"><p id="css_02_0033__en-us_topic_0182065775_p1456817432587">If your CSS clusters do not have the security mode enabled, do not access CSS through the NAT gateway. Otherwise, the cluster data will be exposed to the Internet.</p>
</div></div>
<div class="section" id="css_02_0033__en-us_topic_0182065775_section9324115816273"><a name="css_02_0033__en-us_topic_0182065775_section9324115816273"></a><a name="en-us_topic_0182065775_section9324115816273"></a><h4 class="sectiontitle">Obtaining CSS Information</h4><ol id="css_02_0033__en-us_topic_0182065775_ol1057104192814"><li id="css_02_0033__en-us_topic_0182065775_li1142971461017"><span>Log in to the CSS management console.</span></li><li id="css_02_0033__en-us_topic_0182065775_li174291147108"><span>On the <strong id="css_02_0033__b1236248194">Clusters</strong> page, click the name of a cluster. The <strong id="css_02_0033__b1323616481093">Basic Information</strong> page is displayed by default.</span></li><li id="css_02_0033__en-us_topic_0182065775_li1277611425215"><span>In the <strong id="css_02_0033__b10231195219920">Configuration Information</strong> area, view the <strong id="css_02_0033__b5231105212910">Private Network Address</strong>, <strong id="css_02_0033__b172313528912">VPC</strong>, and <strong id="css_02_0033__b1223115529916">Subnet</strong> information.</span><p><div class="fignone" id="css_02_0033__en-us_topic_0182065775_fig134706371098"><span class="figcap"><b>Figure 1 </b>Required information</span><br><span><img id="css_02_0033__image138191413172718" src="en-us_image_0000001933318582.png"></span></div>
</p></li></ol>
</div>
<div class="section" id="css_02_0033__en-us_topic_0182065775_section13091155184816"><a name="css_02_0033__en-us_topic_0182065775_section13091155184816"></a><a name="en-us_topic_0182065775_section13091155184816"></a><h4 class="sectiontitle">Configuring a NAT Gateway</h4><ol id="css_02_0033__en-us_topic_0182065775_ol77591530114918"><li id="css_02_0033__en-us_topic_0182065775_li1375953074918"><span>Create a NAT gateway.</span><p><ol type="a" id="css_02_0033__en-us_topic_0182065775_ol59561413185410"><li id="css_02_0033__en-us_topic_0182065775_li7956113115411">Log in to the console and choose <strong id="css_02_0033__b2913111714102">Service List</strong> &gt; <strong id="css_02_0033__b1891314177105">Networking</strong> &gt;<strong id="css_02_0033__b1891314173102">NAT Gateway</strong>. The <strong id="css_02_0033__b1991431710106">Network Console</strong> page is displayed. </li><li id="css_02_0033__en-us_topic_0182065775_li14487167105813">Click <strong id="css_02_0033__b2166343111614">Create Public NAT Gateway</strong>. On the displayed page, configure related parameters. <div class="note" id="css_02_0033__en-us_topic_0182065775_note812415314320"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="css_02_0033__en-us_topic_0182065775_p171244539318">Set <strong id="css_02_0033__b153692415102">VPC</strong> and <strong id="css_02_0033__b12536724111019">Subnet</strong> to the values you obtained in <a href="#css_02_0033__en-us_topic_0182065775_section9324115816273">Obtaining CSS Information</a>.</p>
</div></div>
</li><li id="css_02_0033__en-us_topic_0182065775_li13124853338">Click <strong id="css_02_0033__b1085619274109">Next</strong>, confirm the configurations, and click <strong id="css_02_0033__b978992381817">Create Now</strong>.</li></ol>
</p></li><li id="css_02_0033__en-us_topic_0182065775_li47201944144918"><span>Add DNAT rules.</span><p><ol type="a" id="css_02_0033__en-us_topic_0182065775_ol1863161917012"><li id="css_02_0033__en-us_topic_0182065775_li16313194014">On the <strong id="css_02_0033__b798615461109">Public NAT Gateways</strong> page, click the name of the NAT gateway you purchased. The details page is displayed.</li><li id="css_02_0033__en-us_topic_0182065775_li111007319014">Choose <strong id="css_02_0033__b828101175716">DNAT Rules</strong> &gt; <strong id="css_02_0033__b1628131165714">Add DNAT Rule</strong>. For details, see section "Adding a DNAT Rule" in the <em id="css_02_0033__i1618121511577">NAT Gateway User Guide</em>. When configuring DNAT rules, use the following settings:<div class="note" id="css_02_0033__en-us_topic_0182065775_note11391116388"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="css_02_0033__en-us_topic_0182065775_ul1114491713214"><li id="css_02_0033__en-us_topic_0182065775_li19145101773214"><strong id="css_02_0033__b620210174579">EIP</strong>: Create an EIP on the <strong id="css_02_0033__b9202141712570">EIPs</strong> page based on your service requirements.</li><li id="css_02_0033__en-us_topic_0182065775_li20961111823216"><strong id="css_02_0033__b29469183576">Outside Port</strong>: Custom.</li><li id="css_02_0033__en-us_topic_0182065775_li3843132011323"><strong id="css_02_0033__b153242214574">Private IP Address</strong>: private network IP address of CSS, which is the <strong id="css_02_0033__b103248219573">Private Network Address</strong> you obtained in <a href="#css_02_0033__en-us_topic_0182065775_section9324115816273">Obtaining CSS Information</a>.</li><li id="css_02_0033__en-us_topic_0182065775_li5682172283218"><strong id="css_02_0033__b094522219577">Inside Port</strong>: 9200.</li><li id="css_02_0033__en-us_topic_0182065775_li146955616335">If your cluster contains multiple private IP addresses, add one DNAT rule for each address.</li></ul>
</div></div>
</li><li id="css_02_0033__en-us_topic_0182065775_li1684810257">Click <strong id="css_02_0033__b7963358165715">OK</strong>.</li></ol>
</p></li></ol>
</div>
<div class="section" id="css_02_0033__en-us_topic_0182065775_section8868104118811"><a name="css_02_0033__en-us_topic_0182065775_section8868104118811"></a><a name="en-us_topic_0182065775_section8868104118811"></a><h4 class="sectiontitle">Modifying Security Group Rules</h4><ol id="css_02_0033__en-us_topic_0182065775_ol16401115415817"><li id="css_02_0033__en-us_topic_0182065775_li194019541588"><span>Log in to the CSS management console. In the navigation pane, click <strong id="css_02_0033__b015717312580">Clusters</strong>. On the displayed <strong id="css_02_0033__b1215713385818">Clusters</strong> page, click the name of the target cluster to go to the <strong id="css_02_0033__b51571139583">Basic Information</strong> page</span></li><li id="css_02_0033__en-us_topic_0182065775_li09471028123217"><span>On the <strong id="css_02_0033__b1318815617582">Basic Information</strong> page, click <strong id="css_02_0033__b1318966145817">Security Group</strong>.</span></li><li id="css_02_0033__en-us_topic_0182065775_li176233592335"><span>On the <strong id="css_02_0033__b1916013735817">Basic Information</strong> page of the security group, click the <strong id="css_02_0033__b1016019735815">Inbound Rules</strong> tab.</span></li><li id="css_02_0033__en-us_topic_0182065775_li11641141203715"><span>Click <strong id="css_02_0033__b1171191025819">Add Rule</strong> to add an inbound rule for port 9200.</span></li><li id="css_02_0033__en-us_topic_0182065775_li1950673353817"><span>Click <strong id="css_02_0033__b1630216395013">OK</strong>.</span></li></ol>
</div>
<div class="section" id="css_02_0033__en-us_topic_0182065775_section1474433184620"><a name="css_02_0033__en-us_topic_0182065775_section1474433184620"></a><a name="en-us_topic_0182065775_section1474433184620"></a><h4 class="sectiontitle">Accessing CSS from the Internet</h4><div class="p" id="css_02_0033__p46801624205319">Enter <strong id="css_02_0033__b272692245813">https://<em id="css_02_0033__i10725922175810">IP</em>:<em id="css_02_0033__i472532265815">port</em></strong> or <strong id="css_02_0033__b2072612265810">http://<em id="css_02_0033__i1472652295812">IP</em>:<em id="css_02_0033__i672612265817">port</em></strong> in the address box of the browser.<ul id="css_02_0033__en-us_topic_0182065775_ul9894834132019"><li id="css_02_0033__en-us_topic_0182065775_li112213396207"><strong id="css_02_0033__b14858142516582"><em id="css_02_0033__i1785852513586">IP</em></strong> and <strong id="css_02_0033__b385813250584"><em id="css_02_0033__i118581325115812">port</em></strong> are an EIP and port you set when you added DNAT rules.</li><li id="css_02_0033__en-us_topic_0182065775_li1930611428205">If you have enabled <strong id="css_02_0033__b168048294584">Security Mode</strong> for the cluster, enter <strong id="css_02_0033__b13804122916581">https://<em id="css_02_0033__i1180412975819">IP</em>:<em id="css_02_0033__i13804142925819">port</em></strong> and then enter the username and password that you set for security mode on the displayed page.</li><li id="css_02_0033__en-us_topic_0182065775_li17894143412204">If you have not enabled <strong id="css_02_0033__b122549326581">Security Mode</strong> for the cluster, just enter <strong id="css_02_0033__b1225423217583">http://<em id="css_02_0033__i10254832185818">IP</em>:<em id="css_02_0033__i18254103216585">port</em></strong>.</li></ul>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="css_02_0077.html">Accessing CSS Clusters</a></div>
</div>
</div>
View Git Blame Copy Permalink