Platform

Use cases

Resources

← Back to Changelog

23rd August 2021

Public Access for Managed Databases and Storage

Today we are excited to announce public network support for Northflank Addons (databases such as MySQL, PostgreSQL, MongoDB & Redis and S3 compatible MinIO storage).

  • Connect to your databases outside of Northflank
  • Easily connect to popular tooling such as Retool, Segment and database UIs without needing to use Northflank CLI proxy
  • External access is routed via Northflank’s highly performant DNS and load-balancers
  • Traffic is encrypted end-to-end with TLS from client to the database
  • Fine-grained network access controls for increased security

Northflank continues to level up the DBaaS experience across multiple popular OSS databases with consistent capability. You are now able to access your addons securely within the same project, via northflank forward and now for production workloads via load-balancers when workloads are deployed externally.

Public access can be enabled on addons deployed with TLS which can be configured in Network Settings. Once enabled, you will notice new external connection strings in Connection Details. You can configure them to be automatically inherited from your jobs and services.

Configurable security rules are also included in this release. Similar to IP and Basic Auth security rules that are available for services, you can specify certain IP addresses from which external ingress traffic will be allowed. We recommend always configuring IP policies as this brings another layer of security to your data.

Security rules

Example connection scripts

// Connect to a publicly accessible MongoDB with inherited environment variables
// Inherit 'EXTERNAL_SRV' and 'DATABASE' via a Secret Group


import MongoClient from  'mongodb'

let db = {}
let client = {}

const MONGO_CONNECTION_STRING = process.env.EXTERNAL_SRV
const MONGO_DATABASE = process.env.DATABASE

const INIT_MONGODB = async () => {
    try {
        console.log('Connecting to database')
        client = await MongoClient.connect(MONGO_CONNECTION_STRING, { useUnifiedTopology: true });
        db = client.db(MONGO_DATABASE)
        console.log('Connected to database');
    } catch (err) {
        console.log(err);
    }
}

export default async () => {
    await INIT_MONGODB();
}

export { db, client }
// Connect to a publicly accessible PostgreSQL with inherited environment variables
// Inherit 'EXTERNAL_POSTGRES_URI' via a Secret Group

import pg from 'pg'
const { Pool } = pg;

const POSTGRESQL_CONNECTION_STRING = process.env.EXTERNAL_POSTGRES_URI

let client = {};

const pool = new Pool({
    connectionString: POSTGRESQL_CONNECTION_STRING,
})

const INIT_POSTGRES = async () => {
    try {
        console.log('Connecting to database');
        client = await pool.connect();
        console.log('Connected to database');
    } catch (err) {
        console.log(err);
    }
};

export default async () => {
    await INIT_POSTGRES();
}

export { client }
// Connect to a publicly accessible Redis with inherited environment variables
// Inherit 'HOST' and 'REDIS_MASTER_URL' via a Secret Group

import redis from 'redis'

const REDIS_CONNECTION_STRING = process.env.REDIS_MASTER_URL
const REDIS_HOST = process.env.HOST

let client = redis.createClient({url: REDIS_CONNECTION_STRING, tls: {
        servername: REDIS_HOST
    }});

const INIT_REDIS = async () => {
    try {
        console.log('Connecting to database');
        await client.on('connect', function() {
          console.log('Connected to database');
        });
    } catch (err) {
        console.log(err);
    }
};

export default async () => {
    await INIT_REDIS();
}

export { client }

Share this article with your network