A network load balancer enables you to connect to a DB system over the
internet. It is a security risk to make the DB system accessible over the internet. Restrict
the authorized public IP addresses to a single IP address or a small range of IP addresses,
and use in-transit encryption. It is recommended to use a VPN connection.
Connecting to a DB System
Use the network load balancer to connect to the DB system over the internet.
Using the Console
Use the Console to create a network load balancer that enables you to
connect to a DB system over the internet.
Do the following to connect to a DB system over the internet, that is, using
a public IP address:
- Create a network load balancer to redirect traffic to the DB system.
See Creating a Network Load Balancer.
- Configure the backend of the load balancer to route traffic to the DB
system. See Configuring the Backend of the Network Load Balancer.
Do not add more than one DB system in the
backend of the load balancer. Writing data to multiple backends results in
having inconsistent data across DB systems. If you need public access to more DB
systems, create one load balancer for each DB system.
- Add ingress rules to the public security list of your VCN to allow
traffic to the MySQL port. See Adding Ingress Rules.
If the DB system is in a different subnet, add
ingress rules to that subnet. You can view the subnet of your DB system in the
DB System Details page. Also, ensure you configure Source CIDR
to include the load balancer IP address and specify the correct port in
Destination Port Range.
- Connect to your DB system using the public IP address of the network
load balancer using a command-line client such as MySQL Shell:
mysqlsh <UserName>@<NLBPublicIPAddress>
Optionally,
you can add another listener and backend to the MySQL X Protocol port. The
default port is 33060. Configure an equivalent listener, backend, and security
rules for the X Protocol port.
Creating a Network Load
Balancer
A network load balancer redirects traffic to the DB system.
Using the Console
Use the Console to create a network load balancer.
- Open the navigation menu, select Networking, and then select Load
Balancers.
- Choose your compartment from the List Scope.
- Click Create Load Balancer, select Network Load Balancer, and
then click Create Load Balancer.
- In the Create Network Load Balancer panel, on the Add Details
section, provide the following details:
- Load Balancer Name: Specify a name for the load
balancer.
- Choose Visibility Type: Select Public.
- Assign a public IP address: Select Reserved IPv4
Address, and select one of the following:
- Select existing reserved IP address: Select
an existing reserved IP address.
- Create new reserved IP address: Create new
reserved IP address from one of your IP address pools.
- Choose Networking:
- Virtual Cloud Network in <Compartment>: Select the same VCN
as your DB system. You can view the VCN details in the DB
System Details page.
- Subnet in <Compartment>: Select the
public subnet. The subnet need not be same as the DB
system. If you have used the VCN Wizard to create the VCN, the
traffic routes from the public subnet to the private
subnet.
- Click Next.
- Configure Listener:
- Listener Name: Specify a listener name.
- Specify The Type Of Traffic Your Listener Handles: Select
TCP.
- Ingress Traffic Port: Select Specify the
port. The default MySQL protocol port is 3306. Optionally, you can
later create an additional listener to another port such as 33060 for
the MySQL X protocol. Confirm that you have equivalent listener,
backend, and security rules configured to the X protocol port.
- Click Next.
- Choose Backends:
- Backend Set Name: Specify a backend set name.
- Select Backend Servers:
- Add Backends: Do not add backend servers.
- Preserve Source IP: Select the check
box.
- Specify Health Check Policy:
- Protocol: Select TCP.
- You do not need to change the default value of other
fields.
- Click Next.
- Review your settings, and click Create Network Load Balancer.
- Once the network load balancer is created, ensure that the Overall
Health and Backend Sets Health is OK (green).
Configuring the Backend of the
Network Load Balancer
Configure the backend of the network load balancer to route traffic to the
DB system. Do not add more than one DB system in the backend of the load balancer. Writing
data to multiple backends results in having inconsistent data across DB systems. If you need
public access to more DB systems, create one load balancer for each DB system.
Using the Console
Use the Console to configure the backend of the load balancer.
- Open the navigation menu, select Networking, and then select Load
Balancers.
- Choose your compartment from the List Scope.
- From the list of load balancers, click the name of your load balancer to open
the Load Balancer Details page.
- In the Load Balancer Details page, under Resources, click
Backend Sets.
- Click the name of the your backend set to open the Backend Sets
page.
- Under Resources, click Backends.
- Click Add Backends.
- In the Add Backends panel, provide the following information:
- Backend Type: Select IP Addresses.
- IP Address: Specify the private IP address of the DB
system. You can find the private IP address of the DB system and the
port details under Endpoint section of the DB System
Details page.
- Port: Specify the MySQL port. The default port is
3306.
Note
- Click Add Backends.