What Are AWS Elastic Network Interfaces

Let's learn about ENIs

Reference: https://speakerdeck.com/twkiiim/amazon-vpc-deep-dive-eni-reul-almyeon-vpc-ga-boinda

What is an ENI?

ENI (Elastic Network Interface)

  • The VPC concept that corresponds to a virtual network card

    • It can hold one or more IP addresses from the VPC's private IP range

      • ex) Primary, Secondary

  • It can also have a public IP by associating an EIP (Elastic IP)

  • It is what a Security Group attaches to

    • Security Groups attach to the ENI!

  • It has a MAC address

  • The ENI also handles the Source/Destination check

  • VPC Flow Logs are also generated per ENI

  • EC2 is accessed through the ENI

  • In a public subnet, an EIP (Elastic IP) is also attached to the ENI

  • Security Groups are also applied to the ENI

    • Multiple Security Groups can be applied

Understanding ENIs through Lambda

Changes to the VPC Lambda model

VPC Lambda in the past

VPC Lambda now

The announcement that VPC Lambda was being improved contains the following:

What’s changing
Starting today, we’re changing the way that your functions connect to your VPCs. AWS Hyperplane, the Network Function Virtualization platform used for Network Load Balancer and NAT Gateway, has supported inter-VPC connectivity for offerings like AWS PrivateLink, and we are now leveraging Hyperplane to provide NAT capabilities from the Lambda VPC to customer VPCs.

The Hyperplane ENI is a managed network resource that the Lambda service controls, allowing multiple execution environments to securely access resources inside of VPCs in your account. Instead of the previous solution of mapping network interfaces in your VPC directly to Lambda execution environments, network interfaces in your VPC are mapped to the Hyperplane ENI and the functions connect using it.

So what is Hyperplane?

AWS Hyperplane

  • A load balancing service used internally at AWS

  • It is based on the load balancer of the S3 API

  • EFS (Elastic File System) has used it from the beginning

  • It has started to be used by a range of services

    • API Gateway's VPC Link

    • NLB (Network Load Balancer)

    • NAT Gateway

    • VPC Lambda

  • It is built as a fleet of EC2 instances

    • That is, it scales up/down and in/out as needed

  • The ENIs that can access Hyperplane exist inside AWS

  • In fact, as shown above, a VPC also exists inside AWS Lambda, but it is not visible because AWS manages it

  • When you configure a VPC Lambda you select a subnet; at that point an ENI is automatically created in that subnet and connected to the Hyperplane ENI inside AWS Lambda!

Other services that integrate with a VPC

  • You select a VPC and subnet, and the service is linked to the VPC you created yourself

  • An ENI is automatically created in that subnet, and through it the service can communicate with resources inside the VPC!!
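The ENI properties listed on this page (private IPs, an associated public IP, attached Security Groups, the Source/Destination check) and the ENIs that services such as Lambda create in your subnets can all be read back from the EC2 API. The following is an added example, not part of the original notes: it audits a constructed sample shaped like `aws ec2 describe-network-interfaces` output. The ENI and Security Group IDs and the finding labels are made up for illustration.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-network-interfaces` output.
SAMPLE = json.loads("""{"NetworkInterfaces": [
 {"NetworkInterfaceId": "eni-0aaa", "InterfaceType": "interface",
  "RequesterManaged": false, "SourceDestCheck": true,
  "Groups": [{"GroupId": "sg-web"}, {"GroupId": "sg-ssh"}],
  "PrivateIpAddresses": [{"Primary": true, "PrivateIpAddress": "10.0.1.10"},
                         {"Primary": false, "PrivateIpAddress": "10.0.1.11"}],
  "Association": {"PublicIp": "203.0.113.10"}},
 {"NetworkInterfaceId": "eni-0bbb", "InterfaceType": "interface",
  "RequesterManaged": false, "SourceDestCheck": false,
  "Groups": [{"GroupId": "sg-nat"}],
  "PrivateIpAddresses": [{"Primary": true, "PrivateIpAddress": "10.0.1.20"}]},
 {"NetworkInterfaceId": "eni-0ccc", "InterfaceType": "lambda",
  "RequesterManaged": true, "SourceDestCheck": true,
  "Groups": [{"GroupId": "sg-fn"}],
  "PrivateIpAddresses": [{"Primary": true, "PrivateIpAddress": "10.0.2.30"}]}
]}""")


def audit_enis(doc):
    """Summarise each ENI and flag the properties worth a reviewer's attention."""
    report = {}
    for eni in doc["NetworkInterfaces"]:
        ips = eni.get("PrivateIpAddresses", [])
        findings = []  # labels below are this example's own, not AWS terms
        if eni.get("Association", {}).get("PublicIp"):
            findings.append("public-ip")          # EIP or public IP associated
        if not eni.get("SourceDestCheck", True):
            findings.append("src-dst-check-off")  # ENI may carry traffic not addressed to it
        if len(ips) > 1:
            findings.append("secondary-ips")
        if eni.get("RequesterManaged"):
            findings.append("service-managed")    # created by an AWS service, e.g. Lambda
        report[eni["NetworkInterfaceId"]] = {
            "type": eni.get("InterfaceType"),
            "primary_ip": next((i["PrivateIpAddress"] for i in ips if i.get("Primary")), None),
            "security_groups": sorted(g["GroupId"] for g in eni.get("Groups", [])),
            "findings": findings,
        }
    return report


def enis_using_group(report, group_id):
    """Security Groups attach to ENIs, so a rule change reaches every ENI listed here."""
    return sorted(e for e, r in report.items() if group_id in r["security_groups"])


if __name__ == "__main__":
    for eni_id, row in audit_enis(SAMPLE).items():
        print(eni_id, row)
```

Against a real account, feed the function the parsed JSON from `aws ec2 describe-network-interfaces` instead of the constructed sample.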
