v1

Databases And Persistence /

Access a database

As well as using a database within your project, you can access it locally for development, and expose it publicly to make it available online.

By default, a database will be given an internal address and only be accessible from services and jobs within the same project. You will still be able to access it locally using port forwarding through the Northflank CLI.

Deploy a database with TLS

You can choose to deploy with TLS on a database's network settings page. If enabled, the database will use TLS for all internal connections.

Some databases, such as MySQL, cannot enable or disable TLS after creation and will use the configuration they were created with.

Your deployments may require further configuration to connect to your database if TLS is enabled.

Expose a database publicly

Databases can be publicly exposed by selecting publicly accessible on their network settings page. The database must be deployed with TLS enabled to expose it publicly.

Exposing a database will make it available online via a network load-balancer and a TCP endpoint secured with TLS, and new public connection strings will be available in connection details.

Some databases, such as MySQL, cannot enable or disable TLS after creation and will use the configuration they were created with.

Access a database locally

You can forward a database for local access using the Northflank CLI.

Your database must be running in order to access it.

You can view and copy the command to connect to a specific database on its overview, in the local access section, or use the following commands:

  • To forward a specific database:

    sudo northflank forward addon --projectId [project-name] --addonId [addon-name]
  • To forward all ports in a project:

    sudo northflank forward all --projectId [project-name]

You can now connect to your database locally using the relevant connection strings or secrets from the connection details page.

Set IP policy rules

You can set IP policies from the security rules section on a database's network settings page. If you have not set any IP policies all external ingress traffic will be allowed to attempt to connect to the database, if it is publicly exposed.

You can restrict IP traffic to specific addresses by adding them to the policy rules. All external ingress traffic will be limited to the specified IP addresses.

© 2022 Northflank Ltd. All rights reserved.