i'm a beginner to Docker, hope everyone can help, much appreciated.
I downloaded a docker image from my company repository and i managed to create a container in my local machine from the image, let's named it mydb. It is created through command below:
docker run --name mydb -p 1521:1521 -d mycompany.com:5000/docker-db:20.0.04
I am able to access the database with following connection string through my sqldqveloper : system/abc123#127.0.0.1:1521/ORCL
Our company have a database server in AWS, let's name it awsdb. I can access it after vpn login.
I am able to access the database with following connection string in sqldqveloper :
system/abc123#awsdb.amazonaws.com:1521/awsdb
Question:
How can i create a database link in mydb to awsdb with database link "my_dblink"? eg. select sysdate from dual#my_dblink.
I try with following command:
CREATE PUBLIC DATABASE LINK my_dblink
CONNECT TO system
IDENTIFIED BY abc123
USING 'awsdb.amazonaws.com:1521/awsdb';
but it return error ORA-12543: TNS:destination host unreachable.
I tried remove the container and recreated it by set the net=host:
docker run --name mydb -p 1521:1521 -d --net=host mycompany.com:5000/docker-db:20.0.04
then now i can't even connect is with system/abc123#127.0.0.1:1521/ORCL
error ORA-12541 returned: no listener.
How can i open the connection between internal docker to AWS database server? Thank you.
First of all, I do believe you need to understand what you are trying to accomplish.
When you create a database link between two databases, the main requirement you must fulfil is to have network connectivity between both of them in the ports you are using. As one of them is stored in public cloud, at least you would need:
A network connection between the network where the docker is installed and the public cloud in AWS.
But, as your docker is installed in your local laptop, the AWS should be opened to Internet, something that it is a security issue and probably it is not enabled.
Moreover, you would need Firewall rules in all the ports you might need to use in this connectivity.
As you are using a VPN login that allows you to access the AWS Cloud resources because you are connecting through it ( probably using Active Directory and/or a certificate, perhaps even using SSO federation between your AD in your company and the resources in AWS ), the database can't connect using that.
Summarizing, that is not possible, and if I were someone in Security I would never allow it. The only option for you would be to create a docker with the database in AWS and then create the database link there.
Related
I want to host a database in Heroku server and also a django application. The problem is: To transfer data to my Heroku database i would need be connected to a VPN. Does Heroku provides a way to connect to a VPN in order to access another database, like AWS client VPN?
My infra would be like this:
Airflow running DAGs to pull data from a AWS database that requires VPN connection to source from it. I would transfer the data from this AWS database to my heroku database.
Is it possible?
Thank you
Another thing that i'm wondering is if it is possible to connect Heroku to AWS client VPN, in case Heroku does not have something similar or a way to do this step.
Yes Heroku does provides a VPN labelled as Heroku Private Spaces and Shield Spaces.
Here is the link
https://devcenter.heroku.com/articles/private-space-vpn-connection
Good day everyone, I have a Laravel application that is supposed to connect to a remote MYSQL database in production, and to ease deployment I am using docker. I have setup a GitHub actions workflow that is triggered when I push to master branch, the workflow essentially runs a couple of tests and then builds my app into an image and then pushes to docker hub.
To avoid database connection issues when composer dump-autoload is run during the build process, I allowed connection from any host (changed bind-address to 0.0.0.0 in mysql config) and also setup the mysql user to connect from any host. This seems to do the trick but my concern is obviously exposing my database service to the entire world. Fortunately its possible to setup my own dedicated server for Github actions, which means I can easily restrict my db service to that host. Would that be the Ideal solution or there is way to run the workflow without needing to connect to a database?.
Try to connect to remote database using an SSH Tunnel
ssh -N -L 3336:127.0.0.1:3306 [USER]#[REMOTE_SERVER_IP]
With this you do not need to publish MySQL to the world and could bind it to 127.0.0.1 on Remote host.
I am trying to connect to an oracle docker instance through a framework. The framework requires the table name and logical host name to be passed in.
I am able to connect to the docker instance using jdbc connection in java.
My question is how do i set the logical host name to this docker instance that i can use.
Things I have tried:
I tried by adding a logical host in /etc/hosts file in the image
using docker run command.
I tried passing in the docker name as the logical host
I tried giving the host name mentioned in tnsnames.ora file in the image
I am using Docker version 18.09.1, build 4c52b90 and Oracle v12.2.0.1. Any pointers would be helpful.
Thanks in advance!!
Have you considered to containerize the application that uses that framework? If you put all the containers in the same stack, using docker-compose or docker stack, you'll be able to reach each one of the services through the service name.
Check out the Creating an Oracle Database Docker image blog for more details.
I’ve now tried to create a serverless Aurora (MySQL compatible) database and connect to it for two days, and I just can’t seem to get it to work. Supposedly I should have been able to get it up and running in five minutes.
In any case, I created am Aurora Serverless database in the US East (N. Virginia) region (us-east-1), and have been able to connect to it with the AWS Query Editor. I also have an EC2 server in the same region, and have given the Aurora database the same security group (under RDS > Security Group), and in the security group I have opened for MYSQL/Aurora (TCP, 3306) from all sources. When I click the modify button on the database, there is also another (VPC) Security Group listed (rds-launch-wizard-4), which was created automatically. This one I also located under my EC2 dashboard and gave access to all ports from all sources (inbound), and to all ports (outbound). And there is a networking VPC & subnet group, which I don’t know what to do with, if anything.
I try to connect to the database, using this command line command:
mysql -h hest2.cluster-xxxxx.us-east-1.rds.amazonaws.com -P 3306 -u root –p
It generates an error “ERROR 2003 (HY000): Can't connect to MySQL server on” on both my EC2 instance, my local computer and on other online servers.
From the EC2 instance, try doing a telnet on the DB port to test if all your security group settings are applied correctly.
telnet hest2.cluster-xxxxx.us-east-1.rds.amazonaws.com 3306
If the connection does go through, then the issue is with your client code. Cross check that you have wired the right endpoint in your code.
If the telnet connection does not group (I'm guessing that it would not), then it is guaranteed that your security group settings are not set correctly. In order to debug this further, we would need more details on:
The list of vpc security groups associated with your cluster.
The details of each of these vpc security groups (You've mentioned that
you've opened up everything, but I'd like to see the exact rules in
place)
As for laptop and other servers - If they are outside the VPC, then it would not work. Aurora Serverless is accessible only from within the VPC as of now.
I have created an ec2 instance and followed all steps according to AWS documentation, But I am unable to connect to database from the php files in html folder. Below is the error
Warning: mysqli_connect(): (HY000/1130): Host
'ip-172-31-28-115.us-west-2.compute.internal' is not allowed to
connect to this MySQL server in /var/www/html/test/test.php on line 11
Unable to connect to MySQL
The Php files are not getting connected to the database that is created on instance.
Note: I also tried creating new user and granted privileges to the new user but no luck!
It would be great if you can assist us through problem, since we have already spent lot of time experimenting on this.
Things to check for MySQL connection:
--/etc/my.cnf to ensure that listening on the right port(s) ip(s). 3306 default.
--Open port 3306 in AWS to ensure that client can access
--Grant privs on database to user that is connecting.
--Examine mysql logs and apache error logs for errors.
can you try running this? I think it has to do with permissions.
GRANT ALL PRIVILEGES ON . TO 'root'#'%';
FLUSH PRIVILEGES;