Distributed transaction whitelists allow for distributed transactions between an Elastic Compute Service (ECS) instance and an ApsaraDB RDS for SQL Server instance.

For more information about related best practices, see Connect Kingdee K/3 WISE to ApsaraDB RDS for SQL Server.

Prerequisites

The RDS instance runs one of the following SQL Server versions on RDS High-Availability Edition: 2012 SE, 2012 EE, 2014 SE, 2016 SE, 2016 EE, and 2017 SE.

Configure the RDS instance

  1. Log on to the ApsaraDB for RDS console.
  2. In the top navigation bar, select the region where the target RDS instance resides.
  3. Find the target RDS instance and click its ID.
  4. In the left-side navigation pane, click Data Security.
  5. On the Whitelist Settings tab, select a whitelist and click Edit to the right. In the dialog box that appears, enter the IP address of the ECS instance.
    Note
    • If the ECS and RDS instances belong to the same VPC, enter the private IP address of the ECS instance. You can view the private IP address of the ECS instance on the Instance Details page of the ECS instance in the ECS console.
    • If the ECS and RDS instances belong to different VPCs, enter the public IP address of the ECS instance. In addition, you must apply for a public endpoint for the RDS instance. For more information, see Apply for a public endpoint for an RDS SQL Server instance.
  6. Click OK.
  7. Click the Whitelist for Distributed Transaction tab.
  8. Click Create Whitelist.
  9. Configure the following parameters.
    Parameter Description
    Group Name Enter the name of the whitelist. The name must be 2 to 32 characters in length. It can contain digits, lowercase letters, and underscores (_). It must start with a lowercase letter and end with a lowercase letter or digit.
    Whitelist Enter the IP address of the ECS instance and the name of the Windows-based computer where the ECS instance resides. Make sure that you separate the IP address and the computer name with a comma (,). Example: 192.168.1.100,k3ecstest.

    Enter multiple entries in different lines.

    Note You can view the computer name by choosing Control Panel > System and Security > System.
  10. Click OK.

Configure the ECS instance

  1. Log on to the ECS console.
  2. In the left-side navigation pane, click Instances. In the top navigation bar, select the region where the target ECS instance resides.
  3. Find the target ECS instance and click its instance ID.
  4. In the left-side navigation pane, click Security Groups.
  5. Find the target security group and in the Actions column and click Add Rules.
  6. In the upper-right corner of the page, click Add Security Group Rule.
  7. Configure the following parameters.
    Parameter Description
    Rule Direction Select Inbound.
    Action Select Allow.
    Protocol Type Select Custom TCP.
    Port Range Enter 135.
    Note Port 135 is the fixed port of the RPC service.
    Priority Enter 1.
    Authorization Type Select IPv4 CIDR Block.
    Authorization Objects View the two IP addresses displayed on the Whitelist for Distributed Transaction tab of the Data Security page in the ApsaraDB for RDS console. Enter them in the Authorization Objects field.
    Description The description must be 2 to 256 characters in length and cannot start with http:// or https://.
  8. Click OK.
  9. Add another security group rule. This rule has the same parameter settings as the previous rule except the Port Range parameter that is set to 1024/65535.