Skip to main content

Direct Connections

With a direct connection, Cluvio establishes a network connection directly to a database with a public IP address.

Direct ConnectionDirect Connection

Cluvio Agents

For database types which are not "cloud-native" (i.e. can be self-hosted), using Cluvio Agents to connect is generally preferred, since you do not need to expose your database to the internet. With Cluvio Agents you can even securely connect to databases on a local computer with internet access.

Database Server Setup

In order to connect directly to your database, there are a few requirements:

  1. The database needs to be reachable via a public DNS hostname or IP address. In most cases you will not be able to connect to a database running on your PC/laptop directly, using localhost, 127.0.0.1 or IP address behind a NAT router or within a private network on a cloud provider (typically IP addresses starting with 192.*, 172.*, 10.*). You also cannot use Windows WORKGROUP names (typically from ODBC strings for Microsoft SQL Server). For most of these cases, use a Cluvio Agent instead.

  2. The database needs to be accessible to Cluvio's servers. See firewall setup.

  3. For certain databases such as MySQL or MariaDB, the permission of the IP addresses may also need to be specified in the GRANT permissions for the database user used.

Encryption Recommended

Since the database-specific protocol will be used, you should make sure to enable/enforce encryption within your database configuration and select Require SSL in the datasource configuration in Cluvio. For the following databases the communication is always encrypted: Redshift, BigQuery, Snowflake, Athena and Databricks.

Firewall Setup

When using direct database connections, Cluvio's query executors connect to your database from specific IP addresses, depending on your Account Location (shown in Admin Settings). Your database firewall must allow inbound connections from these IP addresses to allow access.

To support a resilient setup that continues to work even during disaster recovery (DR) events, you must allow both the 3 primary IP addresses and the 3 disaster recovery IP addresses listed below.

EU:

# Primary IPs:
52.58.9.34
52.58.26.238
52.58.98.150

# Disaster Recovery IPs:
13.37.144.17
15.236.199.141
35.181.130.94

US:

# Primary IPs:
52.10.232.238
52.27.71.53
54.200.39.48

# Disaster Recovery IPs:
13.58.30.8
18.119.45.57
3.22.35.174

If your database is hosted on AWS (e.g., RDS, Redshift, or an EC2 instance), add the six relevant IP addresses (three primary + three disaster recovery) to the inbound rules of the database's Security Group.

Datasource Configuration

When you have set up your database server and the necessary firewall rules, you can configure your datasource. Open the datasource connection configuration and select Direct Connection as the connection mode.

image-600 image-600

Test your datasource connection by selecting Test Connection.