Skip to main content

Using Gateway to Connect SQL Server Data Source

NineData supports accessing SQL Server data sources through a gateway, allowing you to connect SQL Server instances located in private or dedicated networks to NineData without exposing their public network addresses.

Prerequisites

  • The host where the gateway is deployed must be within the private network environment of the SQL Server data source and able to access the SQL Server through the internal network.
  • The host where the gateway is deployed must have access to the public network. If your host cannot access the public network and is within a local network, you can deploy a proxy gateway. For more information, please refer to Using Proxy Gateway.

Step 1: Deploy Gateway

This step is applicable to hosts that can access the public network. If your host cannot access the public network and is in the local area network, see Using Proxy Gateway to deploy the gateway.

  1. Log in to the NineData console on the host where the gateway needs to be deployed.

  2. In the left navigation pane, click >.

  3. Click in the upper right corner of the page.

  4. Configure the parameters based on the following table.

    ParameterDescription
    The name of the gateway. For easy searching and management, manual specification is supported.
    Select the operating system of the host where the gateway needs to be deployed, and the corresponding gateway installation method is displayed. The following operating systems are supported:
    • Windows(x86_64)
    • Linux(x86_64)
    • macOS
    Select the region closest to the host where the gateway is deployed to obtain relatively fast access speed.
    No configuration required.

  5. Install and configure the gateway on the host of the deployment end based on the installation method displayed below. After the configuration is completed, the connection diagram on the right side of the page changes from to .

  6. Click on , select the desired data source in the pop-up window, and proceed to Step 2.

Step 2: Connect to SQL Server data source

  1. On the page, configure the parameters according to the table below.

    ParameterDescription
    The name of the input data source. Please use a meaningful name for easy lookup and management.
    Select .
    Select the gateway ID deployed in Step 1.
    The access address and port of the SQL Server data source.
    • If SQL Server is installed on the local machine, enter localhost or 127.0.0.1 on the left side and the actual access port of SQL Server on the right side.
    • If SQL Server is installed on another host within the internal network, enter the internal IP of that host on the left side and the actual access port of SQL Server on the right side.
    Enter the login username of the SQL Server.
    Enter the login password of the SQL Server.
    Select the region closest to the location of your SQL Server host to effectively reduce network latency.
    Select according to the actual business purpose of the data source as an environment identifier for the data source. The default provides the and environments, and also supports you to create a custom environment.
    Note: In organization mode, the database environment can also be applied to permission policy management. For example, the default role only supports access to data sources in the environment and cannot access data sources in other environments. For more information, see Managing Roles.
    Specify whether to use SSL encryption for accessing the data source (enabled by default). If the data source requires an SSL encrypted connection, this switch must be enabled, otherwise the connection will fail.
    Click the switch on the right side to enable or disable encryption transmission. Click the > on the left side of to expand the detailed configuration.
    • (selected by default): When selected, the client will always trust the server certificate regardless of whether the certificate is issued by a trusted certificate authority. This makes the connection easier but also increases the risk of malicious attacks.
    • : If the SQL Server uses a certificate issued by a self-signed CA, this option needs to be selected, and the root certificate of the CA needs to be uploaded. NineData will verify the uploaded certificate, and if the certificate fails the verification, the connection will be rejected.
    • : Enter the hostname or domain name associated with the certificate issued by the CA organization, which is used to verify if the current connection's hostname matches the hostname in the certificate. If they do not match, the connection will be rejected to avoid Man-in-the-Middle Attack.
    Note: It is usually recommended to keep all configurations in this item at their default settings.

  2. After completing all the configurations, click on the located on the right side of to test if the data source can be accessed successfully. If you receive the prompt , you can click on to finish adding the data source. Otherwise, please recheck the connection settings until the connection test is successful.

Appendix: Using Proxy Gateway

If the host where the gateway needs to be deployed cannot access the public network, a proxy gateway is needed. You need to prepare two hosts in the same LAN that can access each other:

  • Host A: A host that can access the public network.
  • Host B: The host where the gateway needs to be deployed.

Create a gateway in Host A. The role of this gateway is to act as a proxy so that Host B can connect to the NineData server through the proxy.

Procedure

  1. Log in to the NineData console on Host A.

  2. In the left navigation bar, click > .

  3. Click in the upper right corner of the page.

  4. Configure the parameters according to the following table.

    ParameterDescription
    The name of the gateway, which can be manually specified for easy search and management.
    Select the operating system of the host where the gateway needs to be deployed, and the corresponding gateway installation method will be displayed. The following operating systems are supported:
    • Windows (x86_64)
    • Linux (x86_64)
    • macOS
    Select the region closest to the host where the gateway is deployed to obtain relatively fast access speed.
    No need to configure.

  5. Install and configure the gateway in Host A according to the installation method displayed below. After the configuration is completed, the connection diagram on the right side of the page will change from to .

  6. Click , and then click in the upper right corner of the page again.

  7. In , select the operating system of Host B.

  8. Click , select , and click the drop-down box below . Select the gateway created in Host A from the drop-down menu.

    tip

    At this point, the gateway process will automatically open a port on Host A for Host B's access. When the page prompts "xxx has enabled proxy function, port xxx", it means that the proxy gateway has been successfully opened.

  9. Install the gateway on Host B according to the installation steps displayed below.

  10. Wait for the connection diagram on the right side of the page to change from to .

  11. Click to enter Step 2.

Last updated on