Inter-region Peering - II

us-east-1ap-northeast-2进行Peering,在ap-northeast-2,依然使用一开始创建出来的四个VPC:

  • IT Control Tower : Seoul-VPC-HQ (HQ = headquarter)
  • Production Workload : Seoul-VPC-PRD
  • Staging Workload : Seoul-VPC-STG
  • Dev Workload : Seoul-VPC-Dev

它们的IP段如下:

image-20231206212513560

我们将把us-east-1的DEV VPC与ap-northeast-2的DEV VPC打通

在us-east-1创建Peering

复制首尔地区的 Transit Gateway ID:

image-20231207155144963

us-east-1,进入VPC - Transit Gateway - Transit Gateway Attachments,选择Create Transit Gateway attachment

image-20231207155233572

Name tag设置为IAD-TO-SEOUL;tgw ID - 选择在us-east-1创建的 IAD-TGW; 类型 选择Peering Connection;区域选择ap-northeast-2;Transit Gateway(accepter)- 输入上面复制出来的 Transit Gateway ID:

image-20231207155516649

操作完成后,连接将在 US-EAST-1 区域处于 Pending Acceptance 状态,直到被首尔区域 (ap-northeast-2) 的 TGW 接受

image-20231207155637573

接受peering

进入ap-northeast-2, Seoul Region VPC - Transit Gateway - Transit Gateway attachments。有一个Transit Gateway Attachment,但它处于pending acceptance状态:

image-20231207160026305

选择Accept Transit Gateway attachment

image-20231207160049189

它将转换为pending状态,并在 7-8 分钟后更改为可用。同时更改attachment的名称标签以使其更易于识别:

image-20231207160210244

等待一段时间,当Attachment变为Available状态时,点击 Transit Gateway - Transit Gateway route tables, 找到TGW-RT-East-to-West ,创建新的Association:

image-20231207160552157

创建关联2

创建完成后:

image-20231207160653229

us-east-1创建associate

选择弗吉尼亚地区的 VPC - Transit Gateway - Transit Gateway route table,然后选择创建association:

image-20231207160757511

image-20231207160826952

Inter-region Peering至此已经完成。但是,由于未配置相互的路由,两个region还无法进行通信。