Distributed transaction whitelists allow for distributed transactions between an ECS instance and an ApsaraDB for RDS instance.

For more information about related best practices, see Connect Kingdee K/3 WISE to ApsaraDB RDS for SQL Server.

Prerequisites

The ApsaraDB for RDS instance must be one of the following editions:
  • SQL Server 2012/2016 Enterprise Edition (High-availability Edition)
  • SQL Server 2012/2016 Standard Edition

RDS settings

  1. Log on to the ApsaraDB for RDS console.
  2. In the upper-left corner of the page, select the region where the target ApsaraDB for RDS instance is located.
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Data Security.
  5. Click Edit on the right. In the dialog box that appears, enter the IP address of the ECS instance.
    Note
    • If the ECS and ApsaraDB for RDS instances belong to the same VPC, enter the private IP address of the ECS instance. You can view the private IP address on the Instance Details page.
    • If the ECS and ApsaraDB for RDS instances do not belong to the same VPC, enter the public IP address of the ECS instance and apply for a public endpoint for the ApsaraDB for RDS instance. For more information, see Apply for a public endpoint for an RDS for SQL Server instance.
  6. Click OK.
  7. Click the Whitelist for Distributed Transaction tab.
  8. Click <uicontrol data-spm-anchor-id="a2762.11472859.0.i130.2a23203bxY1y9R">Create Whitelist.
  9. Set the parameters listed in the following table.
    Parameter Description
    Whitelist Name The whitelist name must be 2 to 32 characters in length and can contain digits, lowercase letters, and underscores (_). It must start with a lowercase letter and end with a lowercase letter or digit.
    Whitelist Enter the IP address and Windows computer name of the ECS instance, and separate them with a comma (,). Example: 192.168.1.100,k3ecstest.

    Enter multiple entries in different lines.

    Note You can view the computer name by choosing Control Panel > System and Security > System.
  10. Click OK.

ECS settings

  1. Log on to the ECS console.
  2. In the upper-left corner of the page, select the region where the target ECS instance is located.
  3. Find the instance and click the instance ID.
  4. In the left-side navigation pane, click Security Groups.
  5. Click Add Rules on the right.
  6. In the upper-right corner of the page, click Add Security Group Rule.
  7. Set the parameters listed in the following table.
    Parameter Description
    Rule Direction Select Inbound.
    Action Select Allow.
    Protocol Type Select Customized TCP.
    Port Range Enter 135.
    Note 135 is the fixed port of the RPC service.
    Priority Enter 1.
    Authorization Type Select IPv4 CIDR Block.
    Authorization Objects View the two IP addresses displayed on the Whitelist for Distributed Transaction tab of the Data Security page. Enter them in the Authorization Objects field. >
    Description The description must be 2 to 256 characters in length and cannot start with http:// or https://.
  8. Click OK.
  9. Add another security group rule by entering 1024/65535 in the Port Range field and specifying the other parameters in the same way as the previous rule.