Enable External Access to a PostgreSQL Database
Introduction
This tutorial shows how to use a Network Load Balancer (NLB) to access a PostgreSQL database hosted in a private LAN within the IONOS Cloud. The database instances are connected to a private LAN; hence, NLB acts as a reverse proxy, forwarding traffic from a public IP address to the private IP address of the database. This setup lets you connect using your existing tools and workflows from outside the IONOS Cloud environment.
Overview
This tutorial demonstrates the use of the following:
Component
Description
Virtual Data Center (VDC)
Provides an isolated cloud environment to deploy the PostgreSQL database.
PostgreSQL Database
The database instance is running privately and is accessible only within the VDC's internal network.
NLB
Acts as a reverse proxy to route traffic from a public IP address to the private database.
Before You begin
To enable secure external access to a PostgreSQL database in the IONOS Cloud using an NLB, ensure you have the following configuration values:
Component
Value (Example)
Purpose
Public Listener IP
85.x.x.x
Public IP address assigned to the NLB.
Listener Port
5432
Port exposed on the NLB for PostgreSQL access.
Target Private IP
10.7.226.4
Internal IP address of the PostgreSQL database.
Target Port
5432
Port on which the database listens.
Protocol
TCP
Network protocol used by PostgreSQL.
LAN (Database Subnet)
LAN 1
Private LAN where the database is hosted.
NLB LANs
LAN 3 (Public), LAN 2 (Private)
LANs connected to the NLB—one for public access, one for internal routing.
Reserve IP Addresses
Execution
The configuration enables the NLB to forward external PostgreSQL traffic to your private database instance. The execution process is divided into the following steps:
Create an NLB
To create a Network Load Balancer that acts as a reverse proxy to connect to your PostgreSQL database, follow these steps:
1. In the DCD, open the data center where your PostgreSQL is already deployed.
2. Drag the Network Load Balancer element into the workspace.
3. In the Settings tab, configure the following:
Primary IPv4: Assign the public IP address reserved earlier to enable external access.
4. In the Forwarding rules tab, create a rule by providing the following information:
Name: A name for your forwarding rule.
Algorithm:
Round Robin.Protocol:
TCP.Listener IP: The public IP address.
Listener Port:
5432.
5. Select Create to create the forwarding rule.
Result: A forwarding rule is successfully created.
6. Select Add target to add targets for your forwarding rule and provide the following information:
Target IP: Internal IP address of the PostgreSQL database.
Target Port:
5432.Weight:
1.Proxy Protocol:
none.
7. Select Add Target to create the new target.
Result: A target is successfully created for your forwarding rule.
8. Provision your changes.
Result: The NLB has been successfully created. You can now access the PostgreSQL instance through the public IP address attached to the load balancer.
Verify connectivity
To confirm that the external connection to your PostgreSQL database is working, use a terminal or PostgreSQL client from your local system:
nc -vz <85.x.x.x> 5432Replace the following:
<85.x.x.x>with your public IP.
Result: You see the database is accepting connections.
Connection to 85.x.x.x 5432 port [tcp/postgresql] succeeded!
Summary
You have successfully configured secure external access to a Managed PostgreSQL database hosted in the IONOS Cloud by using an NLB. The NLB acts as a reverse proxy, forwarding traffic from a public IP address to the private database located in your VDC.
Last updated
Was this helpful?