Network type | Data source environment | Relationship between the data source and the resource group | Common logic for establishing a network connection | Sample configuration |
VPC | Alibaba Cloud | Same Alibaba Cloud account and same region | Associate the resource group with the VPC in which the data source is deployed. | Scenario 1: Establish a network connection between a resource group and a data source that belong to the same Alibaba Cloud account and reside in the same region |
| Use a network connection tool, such as a CEN instance, an Express Connect circuit, or a VPN gateway, to perform one of the following operations: 1. Establish a network connection between the VPC in which the data source is deployed and a VPC in the region in which the resource group resides. 2. Establish a network connection between the VPC in which the data source is deployed and a VPC within the Alibaba Cloud account to which the resource group belongs. Associate the resource group with the VPC that is connected to the VPC in which the data source is deployed. Note If you select an advanced security group when you associate a resource group with a VPC, you must add the following security group rules to the advanced security group on the Security Groups page in the ECS console after the association: Outbound rule: Add the IP address of the data source that the resource group needs to access as the authorization object. Inbound rule: Add the CIDR block of the vSwitch with which the resource group is associated as the authorization object.
Add a route that points to the IP address of the data source for the resource group in the DataWorks console. For more information, see General reference: Add a route.
| |
Environment other than Alibaba Cloud | Scenario 4: Establish a network connection between a resource group and a data source that resides in a data center |
Internet | Internet | By default, serverless resource groups cannot access the Internet. If you want to use a serverless resource group to access a data source over the Internet, you must configure an NAT gateway for the VPC with which the resource group is associated. This way, the resource group can use the EIP associated with the NAT gateway to access the data source over the Internet. Old-version resource groups can access the Internet and can directly connect to the data source over the Internet.
| Scenario 5: Establish a network connection between a resource group and a data source that is deployed on the Internet |