Rackspace limits access for Cloud Databases to their ServiceNet. How can I securely and efficiently connect to a database instance there from AWS (over the public internet)?
Asked
Active
Viewed 546 times
0
-
IPSec, SSH tunnel, etc. – EEAA Jan 05 '16 at 02:52
-
Would a simple SSH port binding type of setup be sufficient? – Andy Fleming Jan 05 '16 at 02:55
-
If by port binding you mean port forwarding, perhaps. Depends on your requirements. For ad-hoc connections, it's probably ok. For long-term usage, though, IPSec is the way to go. Of course, it goes without saying that having your DB and application separated like this is a pretty bad idea. – EEAA Jan 05 '16 at 02:57
-
IPSec sounds like it might be the right fit. It wouldn't be for primary application usage. Looking at options for migrating data elegantly. Thanks! – Andy Fleming Jan 05 '16 at 03:02
1 Answers
5
You can use a Cloud Load Balancer to access your Cloud Database over public internet.
Here is a link to the documentation
Here is a link to the documentation if you want to use SSL
Note: Do not add additional nodes behind the load balancer. If you require HA or replication you can create an HA group, or add a replica in your Cloud Control Panel.
QuentinMoss
- 822
- 7
- 15
-
Does enabling SSL on the database instance require all connections to be over SSL? Or does it just make it available in addition? – Andy Fleming Jan 05 '16 at 23:15
-
1SSL is already enabled, you just need to use it. I suggest taking a moment and reading the SSL documentation: "You can also set up restrictions on a *user* to require SSL when communicating with the database. MySQL supports the GRANT statement modifier REQUIRE SSL. For example, to restrict database_user to have read, write, and delete permissions for prod_database only when connected with an SSL connection, log in to MySQL as root and then issue the following command..." – QuentinMoss Jan 05 '16 at 23:19