open mysql port to only frontend machine in Windows Azure
https://stackoverflow.com/questions/12851583
-
06-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian题
I have two virtual machines in my Azure deployment. The first is my frontend web VM instance and the second is a VM instance with a mysql database. Is it possible to define a network topology such that only my frontend instance can connect to my database instance? Adding an endpoint on the instance seems to open the port to the world.
解决方案
If you add the VMs to a Virtual Network you don't need to add an endpoint on the MySQL instance, just open up the necessary ports on the firewall for that particular instance. It won't expose any external endpoints.
I cover a similar scenario involving Couchbase in a few blog posts here and here.
EDIT:
With Linux VMs in the current preview phase, using a Virtual Network is not supported. The option to do so is blocked in the portal, but achievable with PowerShell cmdlets. It's unclear at this point if that's sufficient to achieve the same result as you can with Windows VMs.
