VPC for ec2 instance running DB, connected via VPC Peering to another VPC with an ec2 instance running application

0

Hi,

I am looking for AWS recommended best practice for connecting an application running on EC2, with a DB, running on another EC2 instance.

I followed a recommendation to create two VPC instances, one for each EC2 (application, db), and connect them by using VPC Peering and security group rules (i.e., open specific ports for ingress and egress for each VPC).

A peer reviewer claims that this is "an obsolete, not recommended, pricy" approach "which is not required, and adds no benefits to the overhaul architecture".

The community's take on this issue is welcome. To VPC Peer, or not to VPC Peer - this is the question ...

Kobi
Asked a year ago · 338 views
2 Answers
1

Hi, you could have a read of this architecture whitepaper: https://docs.aws.amazon.com/whitepapers/latest/serverless-multi-tier-architectures-api-gateway-lambda/three-tier-architecture-overview.html There are different cases depending on your scenario (https://docs.aws.amazon.com/whitepapers/latest/serverless-multi-tier-architectures-api-gateway-lambda/sample-architecture-patterns.html), but in general you could exploit reusing the same VPC and having subnets that you can deploy layers to. For instance, for databases and the EC2 instances accessing the database, you may want to have them in 2 separate private subnets.

Finally, searching for 3-layer architecture will usually lead you to clear AWS architectures, which you can assess to see if they fit your case.

Hope it helps ;)

Expert
Answered a year ago
0

If you only want to separate applications and databases, you can simply divide subnets within the same VPC.
An example of dividing a VPC would be to divide it by system or by environment (production, staging, etc.). (In the first place, in this case, it is often divided by AWS account.)
It is also cumbersome to manage because it will be necessary to create flow logs for each VPC.

Expert
Answered a year ago
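
The layout both answers describe, one VPC with the application and the database in separate private subnets, written out as an added CloudFormation example that is not part of the original thread. The resource names, CIDR ranges and the database port (5432, PostgreSQL) are assumptions; the database security group admits traffic only from the application security group rather than from a CIDR range.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  Added example: one VPC, app and DB tiers in separate private subnets.
  Names, CIDR ranges and the DB port are assumptions.

Resources:
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16          # assumed range
      EnableDnsSupport: true
      EnableDnsHostnames: true

  # No internet gateway is created or attached, so both subnets are private.
  AppSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: 10.0.1.0/24          # assumed range
      MapPublicIpOnLaunch: false

  DbSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref Vpc
      CidrBlock: 10.0.2.0/24          # assumed range
      MapPublicIpOnLaunch: false

  AppSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Application tier
      VpcId: !Ref Vpc

  DbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database tier
      VpcId: !Ref Vpc
      # Only members of the application security group may reach the DB port.
      # There is no CIDR-based rule, so other hosts in the VPC are not admitted.
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 5432              # assumed PostgreSQL port
          ToPort: 5432
          SourceSecurityGroupId: !GetAtt AppSecurityGroup.GroupId
```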
