Manage datasources

NineData supports adding data sources of various types in multiple environments with unified management console, providing Database DevOps, backup and recovery, data replication, database comparison and other functions for the data sources.

Prerequisite

Supported cloud vendors: Alibaba Cloud, Tencent Cloud, Huawei Cloud, AWS, China Mobile Cloud, Baidu Cloud
Supported data source: MySQL, SQL Server, PostgreSQL, KingBase, Oracle, Dameng, OceanBase Oracle, OceanBase MySQL, DB2, Redis, ClickHouse, MongoDB, Kafka, Elasticsearch, Doris, SelectDB, Greenplum, Redshift (AWS instance), GaussDB (Huawei Cloud Instance), DWS (Huawei Cloud Instance), openGauss, StarRocks, SingleStore, Sybase, TiDB, Hive, AnalyticDB for PostgreSQL (Alibaba Cloud Instance), GreatSQL, GBase, GaiaDB (Baidu Cloud Instance), GaiaDB-X (Baidu Cloud Instance)
To ensure smooth connectivity of the service, please first select the option on the page. Then, add the NineData service IP address located at the position in the diagram below to the allowlist of your server. For instructions on how to add a allowlist in a self-built database in the IDC, refer to Appendix 2. For adding a allowlist in cloud provider servers or databases, please refer to the official documentation of each respective cloud provider.
Please make sure you still have available data source quota, otherwise, you won't be able to input a new data source. You can quickly check the remaining quota on the NineData console page in the upper right corner.

Adding Self-Built Data Source

Log in to the NineData Console.
On the left navigation pane, click > .
Click tab, and click on the page. In the popup window for selecting the data source type, choose > (the type of data source to be added), and configure the parameters based on the table below on the page.
tip
If you make a mistake during the operation, you can click the icon at the top of the page to make a new selection.

Relational Databases

Parameter	Description
	Enter a name for the data source to facilitate future searching and management.
	Choose the connection method for the data source. Options include , , and SSH Tunnel. : Connect using a public network address. : Use NineData's secure and convenient intranet access method. You need to establish a connection to the host where the data source is located using the method described in adding a gateway. SSH Tunnel: Connect through an SSH tunnel.
Configuration under for	: Enter the public network connection address and port of the data source.
Configuration under for	: Choose the NineData gateway installed on the host where the data source is located. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
Configuration under for SSH Tunnel	: Enter the public IP or domain name of the target server where the data source is located, along with the corresponding port number (default SSH port is 22). : Choose the authentication method for SSH. : Connect using (server's login name) and (server's login password). : Enter the login username for the target server where the data source is located. : Enter the login password for the target server where the data source is located. (recommended): Connect using and . : Enter the login username for the target server where the data source is located. : Click on to upload the private key file, which is the key file without an extension. If you haven't created it yet, see Generate SSH Tunnel Key File. : Enter the passphrase you set when generating the key file. If you didn't set a passphrase during key generation, leave this field blank. After configuring SSH, click on the right side of . You might get either of the following results: Success message : Indicates a successful SSH tunnel connection. Error message: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
	Choose the deployment architecture of MySQL. : MySQL database deployed on a standalone server, only require filling in one connection address and port. : MySQL database deployed with disaster recovery architecture, typically consists of one primary node and one or more disaster recovery nodes. You can click the button below to input addresses and ports of multiple nodes. : MySQL database deployed with read-write splitting architecture, typically consists of one write node (master node) and multiple read nodes (slave nodes). You can click the button below to input addresses and ports of multiple nodes.
	Username for the data source.
	Password for the data source.
	Choose the region closest to the location of your data source to reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to access the data source using SSL encryption (default enabled). If the data source enforces SSL encrypted connection, this switch must be turned on, otherwise the connection will fail. Click on the switch on the right to enable or disable encrypted transmission. Click on the > on the left of to expand detailed configurations. : Supports the following two options. : Automatically detects the SSL status of the server. If SSL is enabled on the server, it will prioritize an SSL connection. If SSL is not enabled on the server, it will use a non-SSL connection. : Always use SSL to connect to the data source. If the server does not support this method or cannot establish an SSL connection for other reasons, the connection will fail. : Specifies the SSL-Cipher encryption algorithm. : If the MySQL server uses a self-signed CA-issued certificate, upload the root certificate of that CA here. : Check to verify the server's name and IP address, etc., to ensure that you are connecting to the genuine MySQL server and to avoid Man-in-the-Middle Attacks. : If the MySQL server requires the client to provide a certificate, upload the client's certificate and key here. The MySQL server will verify the information you uploaded to ensure the security of the connection. Note: In most cases, if the MySQL server supports SSL encrypted connections, you only need to select , and no further configuration is needed. The system will automatically generate keys for you to establish a connection. For more SSL configuration methods, please refer to the official documentation: Configuring MySQL Encrypted Connections.

Parameter	Description
	Enter the name of the data source for easy identification and management. Use meaningful names whenever possible.
	Select the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source through a public network address. : NineData's secure and convenient intranet access method. Host the data source first, and refer to Add Gateway for access details. SSH Tunnel: Access the data source through an SSH tunnel.
Configuration when is set to	: Public connection address and port of the data source.
Configuration when is set to	: Select the NineData gateway installed on the host where the data source resides. : Can be set to localhost (data source on the same machine) or the internal IP of the host where the data source is located.
Configuration when is set to SSH Tunnel	: Enter the public IP or domain name of the target data source server and the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). : Enter the login username of the target data source server. : Enter the login password of the target data source server. (recommended): Connect using and . : Enter the login username of the target data source server. : Click on to upload the private key file, which is a key file without an extension. If you haven't created one yet, see Generate SSH Tunnel Key File. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, click on the right . You may get one of two results: Success message : Indicates the SSH Tunnel is established. Error message: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set to localhost (data source on the same machine) or the internal IP of the host where the data source is located.
	Username for the data source.
	Password for the data source.
	Select the region closest to the location of your data source to effectively reduce network latency.
	Select based on the actual business purpose of the data source as an environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, the database environment can also be applied to role-based access control. For example, the default role only supports access to data sources in the environment and cannot access data sources in other environments. For more information, see Manage Roles.
	Whether to use SSL encryption when accessing the data source (default is on). If the data source requires SSL encryption, this switch must be turned on, or the connection will fail. Click the switch on the right to turn encryption transmission on or off. Click the > on the left of to expand detailed configurations. (default selected): If selected, the client will always trust the server certificate, regardless of whether it is issued by a trusted certificate authority. This makes the connection easier but increases the risk of malicious attacks. : If the SQL Server server uses a certificate issued by a self-signed CA, this option must be selected, and the root certificate of the CA must be uploaded. NineData will verify the uploaded certificate, and if it cannot be verified, the connection will be rejected. : Enter the hostname or domain associated with the certificate issued by the CA. This is used to verify whether the hostname of the current connection matches the hostname in the certificate. If they do not match, the connection is rejected to avoid Man-in-the-Middle Attacks. Note: In most cases, all configurations can be left at their default settings. For more information on SSL configuration, see the official documentation: Configure SQL Server Encrypted Connection.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : NineData's secure and efficient intranet access method. The data source's host needs to be connected. Refer to add gateway for the connection method. SSH Tunnel: Access the data source via SSH tunnel.
Configuration options for	: Public connection address and port of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Enter the PostgreSQL login username.
	Enter the PostgreSQL login password.
	Choose the region closest to the location of your PostgreSQL host to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to use SSL encryption for accessing the data source (default off). If the data source requires SSL encryption, you must enable this switch, otherwise the connection will fail. Click the switch on the right to turn encryption on or off. Click the > on the left of to expand detailed configuration. : Supports the following four modes. Prefer: Automatically detect the SSL status of the server. Use SSL connection if the server has it, otherwise use non-SSL connection. Require: Always use SSL connection. If the server doesn't support this or connection fails for any reason, the connection will fail. Verify-CA: Upload CA certificate to verify server certificate issued by a trusted authority, preventing Man-in-the-Middle Attacks. Optionally, upload client user certificate and key to verify your identity and encrypt communication with the server. Verify-full: In addition to Verify-CA, checks whether the server certificate's subject (e.g., hostname, IP address) matches the actual connected server to ensure security. : Required for of Verify-CA or Verify-Full, specify the CA certificate to verify the server certificate. (optional): If the server requests client certificate, you must upload client certificate to verify your identity. includes user certificate (.pem) and key (.pk8). : If the uploaded client key file is password-protected, enter the password here. Leave it blank if no password was set. For more SSL configuration options, refer to the official documentation: Configure PostgreSQL SSL Connections.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : NineData's secure and efficient intranet access method. The data source's host needs to be connected. Refer to add gateway for the connection method. SSH Tunnel: Access the data source via SSH tunnel.
Configuration options for	: Public connection address, port, and SIDUsed to uniquely identify a specific Oracle database instance. (Service NameA logical identifier for identifying and accessing Oracle database instances, associated with a specific SID. By configuring different Service Names, multiple logical identifiers can be associated with the same database instance.).
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host, along with SID (Service Name).
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host, along with SID (Service Name).
	Enter the Oracle login username.
	Enter the Oracle login password.
	Select the role to use after logging in to Oracle. Default: Includes basic privileges for general database operations. SYSDBA: Has the highest privilege role with complete control over the database. SYSOPER: Includes specific database operation privileges, such as starting and stopping the database instance, backing up and recovering the database, etc.
	Choose the region closest to the location of your Oracle host to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	The name of the input data source for easy identification and management. Please use meaningful names whenever possible.
	Choose the data source's access method. It supports two methods: through or . : Access the data source through a public network address. : A secure and fast intranet access method provided by NineData. You need to first connect the host where the data source is located. For connection instructions, see Add Gateway.
Configuration options for selecting	: Public network connection address and port of the data source.
Configuration options for selecting	: Choose the NineData gateway installed on the host where the data source is located. : Can be set as localhost (if the data source is on the local machine) or the intranet IP and port of the data source's host.
	Enter the login username for OceanBase Oracle.
	Enter the login password for OceanBase Oracle.
	Choose the region closest to the location of your OceanBase Oracle host to reduce network latency effectively.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the data source for easy identification and management. Please use a meaningful name.
	Select the access method for the data source. Supports three options: , , and SSH Tunnel. : Access the data source via a public address. : NineData's secure and convenient internal access method. The data source host needs to be connected first. See Adding a Gateway for the connection method. SSH Tunnel: Access the data source via an SSH tunnel.
Configuration for	: Public connection address and port of the data source.
DATABASE	Specify the name of the database to connect to.
Configuration for Selection of	: Select the NineData gateway installed on the host where the data source is located. : Can be set to localhost (if the data source is on the same machine) or the internal IP address of the host where the data source is located, along with the port.
Configuration for Selection of SSH Tunnel	: Enter the public IP address or domain name of the target data source server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (i.e., the server's login name) and (i.e., the server's login password). : Enter the login username of the target data source server. : Enter the login password of the target data source server. (recommended): Connect using and . : Enter the login username of the target data source server. : Click to upload the private key file, which is a key file without an extension. If you have not created it yet, see Generate SSH Tunnel Key File for instructions. : Enter the passphrase set during the key file generation. Leave this blank if you did not set a password during key generation. Note: After configuring SSH, click on the right. You may see two possible outcomes: : Indicates a successful SSH Tunnel connection. Error message prompt: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : Can be set to localhost (if the data source is on the same machine) or the internal IP address of the host where the data source is located, along with the port.
	Enter the login username for DB2.
	Enter the login password for DB2.
	Select the region closest to the location of your DB2 host to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter a name for the data source to facilitate future searching and management.
	Choose the connection method for the data source. Options include , , and SSH Tunnel. : Connect using a public network address. : Use NineData's secure and convenient intranet access method. You need to establish a connection to the host where the data source is located using the method described in adding a gateway. SSH Tunnel: Connect through an SSH tunnel.
Configuration under for	: Enter the public network connection address and port of the data source.
Configuration under for	: Choose the NineData gateway installed on the host where the data source is located. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
Configuration under for SSH Tunnel	: Enter the public IP or domain name of the target server where the data source is located, along with the corresponding port number (default SSH port is 22). : Choose the authentication method for SSH. : Connect using (server's login name) and (server's login password). : Enter the login username for the target server where the data source is located. : Enter the login password for the target server where the data source is located. (recommended): Connect using and . : Enter the login username for the target server where the data source is located. : Click on to upload the private key file, which is the key file without an extension. If you haven't created it yet, see Generate SSH Tunnel Key File. : Enter the passphrase you set when generating the key file. If you didn't set a passphrase during key generation, leave this field blank. After configuring SSH, click on the right side of . You might get either of the following results: Success message : Indicates a successful SSH tunnel connection. Error message: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
	Username for the data source.
	Password for the data source.
	Choose the region closest to the location of your data source to reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter a name for the data source to facilitate future searching and management.
	Choose the connection method for the data source. Options include , , and SSH Tunnel. : Connect using a public network address. : Use NineData's secure and convenient intranet access method. You need to establish a connection to the host where the data source is located using the method described in adding a gateway. SSH Tunnel: Connect through an SSH tunnel.
Configuration under for	: Enter the public network connection address and port of the data source.
Configuration under for	: Choose the NineData gateway installed on the host where the data source is located. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
Configuration under for SSH Tunnel	: Enter the public IP or domain name of the target server where the data source is located, along with the corresponding port number (default SSH port is 22). : Choose the authentication method for SSH. : Connect using (server's login name) and (server's login password). : Enter the login username for the target server where the data source is located. : Enter the login password for the target server where the data source is located. (recommended): Connect using and . : Enter the login username for the target server where the data source is located. : Click on to upload the private key file, which is the key file without an extension. If you haven't created it yet, see Generate SSH Tunnel Key File. : Enter the passphrase you set when generating the key file. If you didn't set a passphrase during key generation, leave this field blank. After configuring SSH, click on the right side of . You might get either of the following results: Success message : Indicates a successful SSH tunnel connection. Error message: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
	Username for the data source.
	Password for the data source.
	Choose the region closest to the location of your data source to reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter a name for the data source to facilitate future searching and management.
	Choose the connection method for the data source. Options include , , and SSH Tunnel. : Connect using a public network address. : Use NineData's secure and convenient intranet access method. You need to establish a connection to the host where the data source is located using the method described in adding a gateway. SSH Tunnel: Connect through an SSH tunnel.
Configuration under for	: Enter the public network connection address and port of the data source.
Configuration under for	: Choose the NineData gateway installed on the host where the data source is located. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
Configuration under for SSH Tunnel	: Enter the public IP or domain name of the target server where the data source is located, along with the corresponding port number (default SSH port is 22). : Choose the authentication method for SSH. : Connect using (server's login name) and (server's login password). : Enter the login username for the target server where the data source is located. : Enter the login password for the target server where the data source is located. (recommended): Connect using and . : Enter the login username for the target server where the data source is located. : Click on to upload the private key file, which is the key file without an extension. If you haven't created it yet, see Generate SSH Tunnel Key File. : Enter the passphrase you set when generating the key file. If you didn't set a passphrase during key generation, leave this field blank. After configuring SSH, click on the right side of . You might get either of the following results: Success message : Indicates a successful SSH tunnel connection. Error message: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
	Username for the data source.
	Password for the data source.
	Choose the region closest to the location of your data source to reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the data source. To facilitate subsequent searching and management, please use a meaningful name.
	Choose the method to connect to the data source. Three methods are supported: , , and SSH Tunnel. : Connect to the data source via a public address. : A secure and fast intranet access method provided by NineData. To use this, you must first connect the host where the data source is located. See Add Gateway for the connection method. SSH Tunnel: Connect to the data source via an SSH tunnel.
Configuration options for when selecting	: The public connection address and port of the data source.
Configuration options for when selecting	: Select the NineData gateway installed on the host where the data source is located. : This can be written as localhost (if the data source is on the same machine) or the internal IP of the host where the data source is located.
Configuration options for when selecting SSH Tunnel	: Enter the public IP or domain name of the server where the target data source is located, and the corresponding port number (the default port for SSH service is 22). : Choose the authentication method for SSH. : Connect using (the server's login name) and (the server's login password). : Enter the login username of the server where the target data source is located. : Enter the login password of the server where the target data source is located. (recommended): Connect using and . : Enter the login username of the server where the target data source is located. : Click to upload the private key file, which is a key file without a suffix. If you have not created one yet, see Generate SSH Tunnel Key File. : Enter the password set when generating the key file. If you did not set a password during the key generation process, leave this field blank. Note: After configuring SSH, you need to click on the right. You may encounter the following two results: Prompt : Indicates that the SSH Tunnel has been successfully established. Error message: Indicates a connection failure. You need to troubleshoot the error based on the prompt and try again. : This can be written as localhost (if the data source is on the same machine) or the internal IP of the host where the data source is located.
	Choose the deployment architecture of the data source. : A standalone database that requires only one connection address and port. : A disaster recovery architecture database, usually consisting of a primary node and one or more disaster recovery nodes. You can click the button below to add multiple node addresses and ports. : A read-write separation architecture database, usually consisting of a write node (primary node) and multiple read nodes (replicas). You can click the button below to add multiple node addresses and ports.
	The username of the data source.
	The password of the data source.
	Choose the region closest to your data source location to effectively reduce network latency.
	Select based on the actual business use of this data source as the environment identifier of the data source. The default environments provided are and , and it also supports you creating a custom environment. Note: In Organization Mode, the database environment can also be used for permission policy management. For example, the default role can only access data sources in the environment and cannot access data sources in other environments. For more information, see Manage Roles.
	Whether to use SSL encryption to access the data source (enabled by default). If the data source enforces SSL encrypted connections, this switch must be turned on, otherwise the connection will fail. Click the switch on the right to enable or disable encrypted transmission. Click the > to the left of to expand detailed configurations. : Supports the following two methods. : Automatically detect the SSL status of the server. If the server has SSL enabled, it will prioritize connecting via SSL. If the server does not have SSL enabled, it will connect without SSL. : Always connect to the data source using SSL. If the server does not support this method or cannot establish an SSL connection for other reasons, the connection will fail. : Specify the SSL-Cipher encryption algorithm. : If the server uses a self-signed CA certificate, you need to upload the root certificate of the CA here. : Check this to verify the server's name and IP address to ensure that you are connecting to the actual server, avoiding man-in-the-middle attacks. : If the server requires the client to provide a certificate, you need to upload the client's certificate and key here. The server will verify the information you upload to ensure the security of the connection. Note: Usually, if the server supports SSL encrypted connections, you only need to select , and no other options need to be configured. The system will automatically generate a key for the connection.

Parameter	Description
	Enter the name of the data source. To facilitate subsequent searching and management, please use a meaningful name.
	Choose the method to connect to the data source. Three methods are supported: , , and SSH Tunnel. : Connect to the data source via a public address. : A secure and fast intranet access method provided by NineData. To use this, you must first connect the host where the data source is located. See Add Gateway for the connection method. SSH Tunnel: Connect to the data source via an SSH tunnel.
Configuration options for when selecting	: The public connection address and port of the data source.
Configuration options for when selecting	: Select the NineData gateway installed on the host where the data source is located. : This can be written as localhost (if the data source is on the same machine) or the internal IP of the host where the data source is located.
Configuration options for when selecting SSH Tunnel	: Enter the public IP or domain name of the server where the target data source is located, and the corresponding port number (the default port for SSH service is 22). : Choose the authentication method for SSH. : Connect using (the server's login name) and (the server's login password). : Enter the login username of the server where the target data source is located. : Enter the login password of the server where the data source is located. (recommended): Connect using and . : Enter the login username of the server where the target data source is located. : Click to upload the private key file, which is a key file without a suffix. If you have not created one yet, see Generate SSH Tunnel Key File. : Enter the password set when generating the key file. If you did not set a password during the key generation process, leave this field blank. Note: After configuring SSH, you need to click on the right. You may encounter the following two results: Prompt : Indicates that the SSH Tunnel has been successfully established. Error message: Indicates a connection failure. You need to troubleshoot the error based on the prompt and try again. : This can be written as localhost (if the data source is on the same machine) or the internal IP of the host where the data source is located.
	Choose the deployment architecture of the data source. : A standalone database that requires only one connection address and port. : A disaster recovery architecture database, usually consisting of a primary node and one or more disaster recovery nodes. You can click the button below to add multiple node addresses and ports. : A read-write separation architecture database, usually consisting of a write node (primary node) and multiple read nodes (replicas). You can click the button below to add multiple node addresses and ports.
	The username of the data source.
	The password of the data source.
	Choose the region closest to your data source location to effectively reduce network latency.
	Select based on the actual business use of this data source as the environment identifier of the data source. The default environments provided are and , and it also supports you creating a custom environment. Note: In Organization Mode, the database environment can also be used for permission policy management. For example, the default role can only access data sources in the environment and cannot access data sources in other environments. For more information, see Manage Roles.
	Whether to use SSL encryption to access the data source (enabled by default). If the data source enforces SSL encrypted connections, this switch must be turned on, otherwise the connection will fail. Click the switch on the right to enable or disable encrypted transmission. Click the > to the left of to expand detailed configurations. : Supports the following two methods. : Automatically detect the SSL status of the server. If the server has SSL enabled, it will prioritize connecting via SSL. If the server does not have SSL enabled, it will connect without SSL. : Always connect to the data source using SSL. If the server does not support this method or cannot establish an SSL connection for other reasons, the connection will fail. : Specify the SSL-Cipher encryption algorithm. : If the server uses a self-signed CA certificate, you need to upload the root certificate of the CA here. : Check this to verify the server's name and IP address to ensure that you are connecting to the actual server, avoiding man-in-the-middle attacks. : If the server requires the client to provide a certificate, you need to upload the client's certificate and key here. The server will verify the information you upload to ensure the security of the connection. Note: Usually, if the server supports SSL encrypted connections, you only need to select , and no other options need to be configured. The system will automatically generate a key for the connection.

NoSQL Databases

Redis
MongoDB

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Select the deployment type of your Redis database. : Standalone deployment. : High availability solution based on master-slave replication. In sentinel mode, there are multiple Redis instances and several sentinel processes in the system. If the master node fails, a sentinel will automatically promote one of the slave nodes to be the new master, ensuring high availability of the system. : Data is distributed across multiple nodes in the cluster, with automatic data sharding and migration between nodes. Each node is responsible for processing a portion of the data, providing high performance and availability.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. (not supported for and ): Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel (not supported for and ): Access the data source via SSH tunnel.
Configuration options for	: Public connection address and port of the data source. : Specify the name of the master node to be monitored in the sentinel configuration using the `master-name` parameter. : In sentinel mode, addresses and ports of the sentinel processes, which monitor the status of master and slave nodes. Sentinels take corresponding measures in case of failures or the need for failover. Click to add multiple sentinel nodes. : In cluster mode, addresses and ports of all Redis nodes. Click to add multiple Redis nodes. Add all nodes here, as missing nodes may result in the inability to perform certain cluster-related operations.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Username of the data source. For some older versions of instances from certain cloud providers, there may be authentication issues. If you have confirmed that the account password is correct but still receive authentication failures, please leave this field blank. Instead, try entering the username and password in the `<username>@<password>` or `<username>:<password>` format (formats may vary for different cloud providers) in the field. For example: `example_user@abcdefg` or `example_user:abcdefg`.
	Password of the data source.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to use SSL encryption when accessing the data source (default is off). If the data source requires a mandatory SSL encrypted connection, this switch must be turned on; otherwise, the connection will fail. Click the switch on the right to enable or disable encrypted transmission. Click the > on the left of to expand detailed configurations. : Supports the following two options. : Automatically detects the SSL status of the server. If the server has SSL enabled, it will prioritize an SSL connection. If the server does not have SSL enabled, it will use a non-SSL connection. : Always use SSL to connect to the data source. If the server does not support this method or cannot establish an SSL connection for other reasons, the connection will fail. : If the server uses a self-signed CA-issued certificate, upload the root certificate of the CA here. : If the server requires the client to provide a certificate, upload the client's certificate and key here. The MySQL server will verify the information you upload to ensure the security of the connection. For more SSL configuration methods, please refer to the official documentation: Configuring Redis Encrypted Connections.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Select the deployment architecture of your MongoDB data source. Three architectures are supported: : Enter the connection address and port number of the standalone MongoDB database. : Enter the connection addresses and port numbers of the primary and secondary nodes. Click to add multiple connection address input boxes. : Enter the connection addresses and port numbers of the mongos nodes. To ensure stable connections, it is recommended to enter all mongos nodes. Click to add multiple connection address input boxes.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Public connection address and port of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Choose the deployment architecture type of MongoDB. : Standalone deployment architecture, only requires filling in one connection address and port. : Replica set deployment architecture, typically consists of one primary node and multiple secondary nodes. You can click the button below to input addresses and ports of multiple nodes. : Sharded cluster deployment architecture, composed of one or more shard nodes (mongos). You can click the button below to input addresses and ports of multiple shard nodes (mongos).
Read Preference	is optional when is set. Configure which node to distribute read traffic to. Default: Default configuration, read traffic will be distributed to the Primary node. Primary: Distribute read traffic to the Primary node. Primary Preferred: When the Primary node is available, distribute read traffic to the Primary node; otherwise, distribute to other available nodes. Secondary: Distribute read traffic to the Secondary node. Secondary Preferred: When the Secondary node is available, distribute read traffic to the Secondary node; otherwise, distribute to other available nodes. Nearest: Automatically determine the nearest node and distribute read traffic to it.
	The authentication database name your account belongs to, default is `admin`.
	Username of the data source.
	Password of the data source.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to use SSL encryption to access the data source. If the data source enforces SSL encryption, you must enable this switch, otherwise the connection will fail. Refer to the official documentation for SSL configuration: Configure MongoDB SSL Connection.

Data Warehouse

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Public connection address and port of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Username of the data source.
	Password of the data source.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to use SSL encryption to access the data source. If the data source enforces SSL encryption, you must enable this switch, otherwise the connection will fail. Refer to the official documentation for SSL configuration: Configure ClickHouse SSL Connection.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Enter the public connection address and port number of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry.
	Data source username.
	Data source password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Enter the public connection address and port number of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry.
	Data source username.
	Data source password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Enter the public connection address and port number of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry.
	Data source username.
	Data source password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Enter the public connection address and port number of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry.
	Data source username.
	Data source password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter a name for the data source to facilitate future searching and management.
	Choose the connection method for the data source. Options include , , and SSH Tunnel. : Connect using a public network address. : Use NineData's secure and convenient intranet access method. You need to establish a connection to the host where the data source is located using the method described in adding a gateway. SSH Tunnel: Connect through an SSH tunnel.
Configuration under for	: Enter the public network connection address and port of the data source.
Configuration under for	: Choose the NineData gateway installed on the host where the data source is located. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
Configuration under for SSH Tunnel	: Enter the public IP or domain name of the target server where the data source is located, along with the corresponding port number (default SSH port is 22). : Choose the authentication method for SSH. : Connect using (server's login name) and (server's login password). : Enter the login username for the target server where the data source is located. : Enter the login password for the target server where the data source is located. (recommended): Connect using and . : Enter the login username for the target server where the data source is located. : Click on to upload the private key file, which is the key file without an extension. If you haven't created it yet, see Generate SSH Tunnel Key File. : Enter the passphrase you set when generating the key file. If you didn't set a passphrase during key generation, leave this field blank. After configuring SSH, click on the right side of . You might get either of the following results: Success message : Indicates a successful SSH tunnel connection. Error message: Indicates a connection failure. Troubleshoot the issue based on the error message and retry. : You can use localhost (if the data source is on the same machine) or the internal IP of the data source's host.
	Username for the data source.
	Password for the data source.
	Choose the region closest to the location of your data source to reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.

Parameter	Description
	Enter the name of the data source for easy identification and management. Please use meaningful names whenever possible.
	Choose the connection method for the data source. Supports three methods: : Connect to the data source via the public address. : NineData's secure and convenient intranet access method. The host where the data source resides needs to be connected first. For connection instructions, see Adding a Gateway. SSH Tunnel: Connect to the data source via an SSH tunnel.
Configuration when selecting for	: The public connection address and port of the data source. Clicking on will display the section, where you can enter HDFS connection information. Once entered, data interaction between NineData and Hive will bypass Hive, greatly improving data exchange rates.
Configuration when selecting for	: Select the NineData gateway installed on the host where the data source resides. : Can be written as localhost (data source is on the local machine) or the internal IP of the host where the data source resides. Clicking on will display the section, where you can enter HDFS connection information. Once entered, data interaction between NineData and Hive will bypass Hive, greatly improving data exchange rates.
Configuration when selecting SSH Tunnel for	: Enter the public IP or domain name of the target data source server, along with the corresponding port number (the default port for SSH service is 22). : Choose the authentication method for SSH. : Connect using (the username of the server) and (the password of the server). : Enter the username of the server where the target data source resides. : Enter the password of the server where the target data source resides. (recommended): Connect using and . : Enter the username of the server where the target data source resides. : Click to upload the private key file, which is a key file without an extension. If you haven't created one yet, see Generating SSH Tunnel Key Files. : Enter the passphrase set during key file generation. If no passphrase was set during key generation, leave this field blank. Note: After SSH configuration, click on the right. You may see one of two results: Success message : Indicates that the SSH tunnel is successfully established. Error message: Indicates connection failure. Troubleshoot the issue based on the error message and try again. : Can be written as localhost (data source is on the local machine) or the internal IP of the host where the data source resides. Clicking on will display the section, where you can enter HDFS connection information. Once entered, data interaction between NineData and Hive will bypass Hive, greatly improving data exchange rates.
	Choose the authentication method for connecting to Hive. : No authentication, connect directly. Kerberos: If Kerberos authentication is enabled in Hive, this option must be selected. After selection, you also need to enter and upload and .
	Choose the region closest to your data source to effectively reduce network latency.
	Choose the environment identifier for the data source based on its actual business purpose. Default options include and . You can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports access to data sources in the environment and cannot access data sources in other environments. For more information, see Managing Roles.

Other Databases

Kafka
Elasticsearch

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	Broker List: Kafka cluster composed of multiple broker connection addresses. Each broker is an independent Kafka server instance. Enter the public connection address and port number of the Kafka data source below. If there are multiple brokers, click to continue filling in.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. Broker List: Enter the intranet connection address and port number of the Kafka data source. Broker can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. Broker List: Enter the intranet connection address and port number of the Kafka data source. Broker can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Choose the authentication mode for Kafka. PLAINTEXT: No authentication required, data is transmitted in plain text. Typically used in development and testing environments. SASL/PLAIN (default): SASL-based authentication method that requires a username and password. Data is transmitted in plain text. Recommended for use on encrypted networks. SASL/SCRAM-SHA-256: SASL-based authentication method that requires a username and password. Passwords are hashed using the SHA-256 algorithm for added security. SASL/SCRAM-SHA-512: SASL-based authentication method that requires a username and password. Passwords are hashed using the SHA-512 algorithm for higher security.
	Kafka username.
	Kafka password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Whether to access the data source using SSL encryption (default off). If the data source enforces SSL encrypted connections, this switch must be turned on, otherwise the connection will fail. Click on the > on the left of to expand the detailed configuration: Trust Store: Trusted certificates issued by the CA organization, i.e., the server certificate. This certificate is used to verify the identity of the server, ensuring that the Kafka server you are connecting to is trusted. Trust Store Password: Password protecting the Trust Store certificate. Key Store: Certificate used to verify the user's identity, i.e., the client certificate. This certificate ensures that the user connecting to Kafka is a trusted user. Key Store Password: Password protecting the Key Store certificate. For SSL configuration methods, please refer to the official documentation: Configuring Kafka Encrypted Connections.

Parameter	Description
	Enter the name of the input data source. Please use a meaningful name for easy future lookup and management.
	Choose the access method for the data source. Supports three methods: , , and SSH Tunnel. : Access the data source via public IP address. : Secure and efficient intranet access method provided by NineData. The host of the data source needs to be connected. Refer to add gateway for the connection method. SSH Tunnel : Access the data source via SSH tunnel.
Configuration options for	: Enter the public connection address and port number of the data source.
Configuration options for	: Choose the NineData gateway installed on the host where the data source resides. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
Configuration options for SSH Tunnel	: Enter the public IP or domain name of the target data source's server, along with the corresponding port number (default port for SSH service is 22). : Choose the SSH authentication method. : Connect using (server login name) and (server login password). (recommended): Connect using and . : Enter the login username of the target data source's server. : Upload the private key file by clicking . This is the key file without an extension. If you haven't created it yet, refer to generate SSH Tunnel key file. : Enter the passphrase set during key file generation. Leave it blank if no passphrase was set during key generation. Note: After configuring SSH, you need to click the on the right. Two outcomes are possible: prompt: Indicates the successful establishment of the SSH Tunnel. Error message prompt: Indicates connection failure. Troubleshoot the issue based on the error message and retry. : Can be set as localhost (data source is on the local machine) or the intranet IP of the data source's host.
	Data source username.
	Data source password.
	Choose the region closest to the location of your data source to effectively reduce network latency.
	Select the actual business purpose of this data source as the environmental identifier. Default options include and , and you can also create custom environments. Note: In organization mode, database environments can also be applied to permission policy management. For example, the default role only supports accessing data sources in the environment and cannot access data sources in other environments. For more information, see manage roles.
	Choose whether to use SSL encryption for accessing the data source (default: off). If the data source requires SSL encryption, you must enable this option, otherwise the connection will fail. Click the switch on the right to toggle encryption on or off. Click on the left of to expand detailed configuration, then click to upload the CA Cert certificate. For more SSL configuration methods, refer to the official documentation: Configure Elasticsearch encrypted connections.

Once all configurations are complete, click the button on the right side of to test whether the data source can be accessed properly. If the prompt shows , click to finish adding the data source. If not, please review the connection settings until the connection test succeeds.