Azure Database for PostgreSQL 中的连接体系结构Connectivity architecture in Azure Database for PostgreSQL

本文介绍 Azure Database for PostgreSQL 的连接体系结构,以及如何在 Azure 内部和外部将流量从客户端定向到 Azure Database for PostgreSQL 数据库实例。This article explains the Azure Database for PostgreSQL connectivity architecture as well as how the traffic is directed to your Azure Database for PostgreSQL database instance from clients both within and outside Azure.

连接体系结构Connectivity architecture

可以通过网关连接到 Azure Database for PostgreSQL,该网关负责将传入连接路由到服务器在群集中的物理位置。Connection to your Azure Database for PostgreSQL is established through a gateway that is responsible for routing incoming connections to the physical location of your server in our clusters. 下图演示了流量流。The following diagram illustrates the traffic flow.

连接体系结构概述

客户端在连接到数据库时,会获得一个用于连接到网关的连接字符串。As client connect to the database, they get a connection string which connects to the gateway. 此网关有一个公共 IP 地址,用于侦听端口 5432。This gateway has a public IP address that listens to port 5432. 在数据库群集中,流量将转发到相应的 Azure Database for PostgreSQL。Inside the database cluster traffic is forwarded to appropriate Azure Database for PostgreSQL. 因此,为了通过某种方式(例如,通过公司网络)连接到服务器,必须打开客户端防火墙,使出站流量能够访问我们的网关。Therefore, in order to connect to your server, such as from corporate networks, it is necessary to open up the client side firewall to allow outbound traffic to be able to reach our gateways. 下面是一个按区域分类的可供我们的网关使用的 IP 地址的完整列表。Below you can find a complete list of the IP addresses used by our gateways per region.

Azure Database for PostgreSQL 网关 IP 地址Azure Database for PostgreSQL gateway IP addresses

下表列出了所有数据区域的 Azure Database for PostgreSQL 网关的主要 IP 和次要 IP。The following table lists the primary and secondary IPs of the Azure Database for PostgreSQL gateway for all data regions. 主 IP 地址是网关的当前 IP 地址,第二个 IP 地址是主 IP 地址故障时使用的故障转移 IP 地址。The primary IP address is the current IP address of the gateway and the second IP address is a failover IP address in case of failure of the primary. 如前所述,客户应该允许到这两个 IP 地址的出站流量。As mentioned, customers should allow outbound to both the IP addresses. 第二个 IP 地址不侦听任何服务,除非 Azure Database for PostgreSQL 激活该地址,使之接受连接。The second IP address does not listen in on any services until it is activated by Azure Database for PostgreSQL to accept connections.

区域名称Region Name 网关 IP 地址Gateway IP Addresses
中国东部China East 139.219.130.35139.219.130.35
中国东部 2China East 2 40.73.82.140.73.82.1
中国北部China North 139.219.15.17139.219.15.17
中国北部 2China North 2 40.73.50.040.73.50.0

后续步骤Next steps