My solution was to set up an NGINX reverse proxy on an EC2 instance in a public subnet with a security group configured to allow traffic originating from Vitally’s static IP addresses through our VPC and into Timescale’s VPCs.
In case it helps others, here are the commands I followed to get it running on an Amazon Linux 2 AMI (HVM), Kernel 5.10, SSD Volume Type EC2 instance:
```shell
sudo yum update -y                                 # Update Yum
sudo yum install docker -y                         # Install Docker
sudo systemctl start docker                        # Start Docker
sudo docker run hello-world                        # Ensure docker works
sudo systemctl enable docker                       # Enable Docker to start on boot
sudo usermod -a -G docker $(whoami)                # Add user to docker group
newgrp docker                                      # Refresh group
sudo docker run -d --name nginx-base -p 5432:5432 nginx:latest   # Run Nginx
nano nginx.conf                                    # Load provided nginx.conf below
docker cp nginx.conf nginx-base:/etc/nginx/nginx.conf            # Copy nginx.conf to container
sudo docker exec nginx-base nginx -t               # Test Nginx config
sudo docker exec nginx-base nginx -s reload        # Reload Nginx
```
And this is the NGINX config I used

```nginx
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
# ... (the remaining lines of the 41-line config are not reproduced on this page)
```
I brought this to @thanasisk's attention. Here's his reply:
> 1. What happens if a malicious user gets access to Vitally's IPs? If this is the only layer of defense, it is bad. Additional access controls (i.e. username/pass or certificates) should be on top.
> 2. docker should not expose the socket - yum indicates a Red Hat based system, so if all things are equal, they can use Red Hat's podman, but even with Docker, they can set permissions.
>
> nginx looks legit BUT for both docker and nginx we have no insight towards the configurations - a lot of nasty stuff can creep up there. Given the information above, the first 2 steps (emphasis on the second one) would be my concerns.
>
> All replicas should be on the same security levels.
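As an added example (not code from the original post, nor from Vitally, Timescale or the NGINX project), here is a POSIX shell script that renders the stream-module `nginx.conf` for the TCP passthrough described above, refuses malformed or wildcard allowlist entries so the `allow` list inside nginx stays a real second layer behind the security group, and starts the container hardened along the lines of the reply (no Docker socket, read-only root filesystem, capabilities dropped). The host `db.example.internal`, the `203.0.113.x` addresses, and the three capabilities assumed to be what the official `nginx` image needs to drop from root to the `nginx` user are assumptions, not values from the page.

```shell
#!/bin/sh
# Added example, not code from the original issue: build nginx.conf for the
# TCP-passthrough proxy with the source allowlist enforced a second time inside
# nginx (behind the security group), and start the container without the Docker
# socket, a writable root filesystem, or unneeded capabilities.
# db.example.internal and the 203.0.113.0/24 addresses are placeholders.
set -eu

# valid_cidr CIDR: accept only dotted-quad IPv4 with a prefix length of 1..32,
# so a typo (or 0.0.0.0/0) cannot quietly widen the allowlist to the Internet.
valid_cidr() {
  cidr=$1
  case $cidr in
    */*/*) return 1 ;;
    */*) ;;
    *) return 1 ;;
  esac
  ip=${cidr%/*}
  prefix=${cidr#*/}
  case $prefix in ''|*[!0-9]*) return 1 ;; esac
  [ "$prefix" -ge 1 ] && [ "$prefix" -le 32 ] || return 1
  case $ip in *..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS
  IFS=.
  set -- $ip
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    case $octet in ''|*[!0-9]*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# render_conf UPSTREAM_HOST UPSTREAM_PORT CIDR [CIDR...]: write nginx.conf to stdout.
# Every entry is validated before anything is emitted, so a bad list yields no config.
render_conf() {
  host=$1
  port=$2
  shift 2
  [ $# -ge 1 ] || { echo "render_conf: empty allowlist refused" >&2; return 1; }
  for cidr in "$@"; do
    valid_cidr "$cidr" || { echo "render_conf: bad allowlist entry '$cidr'" >&2; return 1; }
  done
  cat <<EOF
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;

events { worker_connections 1024; }

# No http {} block: this proxy only relays raw TCP on 5432.
stream {
    log_format basic '\$remote_addr [\$time_local] \$status '
                     '\$bytes_sent \$bytes_received \$session_time';
    # /dev/stdout is where the official image sends logs; it also works on a read-only root FS.
    access_log /dev/stdout basic;

    upstream timescale {
        server ${host}:${port};
    }

    server {
        listen 5432;
        # Second layer behind the security group: nginx's own source allowlist.
EOF
  for cidr in "$@"; do
    printf '        allow %s;\n' "$cidr"
  done
  cat <<EOF
        deny all;
        proxy_connect_timeout 5s;
        proxy_timeout 10m;
        proxy_pass timescale;
    }
}
EOF
}

# run_proxy CONF_PATH: start nginx with the config bind-mounted read-only (it
# survives re-creating the container, unlike `docker cp` into a running one),
# no Docker socket mounted, a read-only root FS plus tmpfs for nginx's scratch
# paths, and every capability dropped except the ones assumed necessary for the
# official image to switch from root to the nginx user (CHOWN, SETUID, SETGID).
run_proxy() {
  conf=$1
  docker run -d --name nginx-proxy \
    --read-only --tmpfs /var/cache/nginx --tmpfs /run \
    --cap-drop ALL --cap-add CHOWN --cap-add SETUID --cap-add SETGID \
    --security-opt no-new-privileges \
    -p 5432:5432 \
    -v "$conf:/etc/nginx/nginx.conf:ro" \
    nginx:latest
}

# Usage: sh proxy.sh render db.example.internal 5432 203.0.113.10/32 203.0.113.11/32 > nginx.conf
#        sh proxy.sh run "$PWD/nginx.conf"
case "${1:-}" in
  render) shift; render_conf "$@" ;;
  run)    run_proxy "${2:?path to nginx.conf}" ;;
esac
```

Two things the script deliberately does not change: it is still a raw TCP relay, so TLS and PostgreSQL authentication happen end-to-end between the client and Timescale and the proxy neither adds nor removes them, which is why the allowlist plus the security group must both be right; and it does not add the invoking user to the `docker` group, since membership there is root-equivalent on the host. If you want to avoid that entirely, the same `render_conf` output runs unchanged under rootless `podman run` with the same flags.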