Databases

Learn to connect and manage databases.

MariaDB

Humanitec has integrated support for both hosted PostgreSQL solutions (like Google CloudSQL, Aiven, Amazon RDS, etc), and self-managed deployments.

Google CloudSQL

Google CloudSQL uses a slightly different Humanitec Driver to other MariaDB providers, but this is transparent outside the resource definitions.

Prerequisites

  • You must have a CloudSQL instance running
  • You must have a Service Account with the Cloud SQL Client role
  • You must create a key for this service account in JSON format. See Google’s account keys documentation for more information. The access key must use the GCP Console/gcloud format (i.e., the first example in the linked documentation)
  • You must have the CloudSQL Admin API enabled for your project
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add A GCP Account

To integrate a CloudSQL account you need to add a Cloud Account (if you haven’t already).

  1. From the Cloud Accounts screen, click Google Cloud Platform in the Add accounts section
  2. In the modal dialog provide a unique name for the account in the Account name field
  3. In the Service account access key(JSON) field paste the account key for the service account that you wish to use
  4. Click Authorize

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click MariaDB
  3. Next, select the mariadb-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. In the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. If the maintenance database name is not mariadb provide that in the Database name field
    5. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

Other MariaDB

Unlike Google CloudSQL, most mariadb implementations use a single shared Driver.

Prerequisites

  • You must have a database instance/server running
  • If you are using a hosted MariaDB it is recommended provide a management service account with Database CRUD permissions. You will need to add this account via the Cloud Accounts screen
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click MariaDB
  3. Next, select the mariadb-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. (If you are using a management account) in the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database
    5. In the Hostname or IP field provide the Hostname or IP address that the Workloads can access the database on
    6. In the Port field provide the port number that the database is running on

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

MySQL

Humanitec has integrated support for both hosted MySQL solutions (like Google CloudSQL, Aiven, Amazon RDS, etc), and self-managed deployments.

Google CloudSQL

Google CloudSQL uses a slightly different Humanitec Driver to other MySQL providers, but this is transparent outside the resource definitions.

Prerequisites

  • You must have a CloudSQL instance running
  • You must have a Service Account with the Cloud SQL Client role
  • You must create a key for this service account in JSON format. See Google’s account keys documentation for more information. The access key must use the GCP Console/gcloud format (i.e., the first example in the linked documentation)
  • You must have the CloudSQL Admin API enabled for your project
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add A GCP Account

To integrate a CloudSQL account you need to add a Cloud Account (if you haven’t already).

  1. From the Cloud Accounts screen, click Google Cloud Platform in the Add accounts section
  2. In the modal dialog provide a unique name for the account in the Account name field
  3. In the Service account access key(JSON) field paste the account key for the service account that you wish to use
  4. Click Authorize

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click MySQL
  3. Next, select the mysql-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. In the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. If the maintenance database name is not mysql provide that in the Database name field
    5. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

Other MySQL

Unlike Google CloudSQL, most mysql implementations use a single shared Driver.

Prerequisites

  • You must have a database instance/server running
  • If you are using a hosted MySQL it is recommended provide a management service account with Database CRUD permissions. You will need to add this account via the Cloud Accounts screen
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click MySQL
  3. Next, select the mysql-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. (If you are using a management account) in the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database
    5. In the Hostname or IP field provide the Hostname or IP address that the Workloads can access the database on
    6. In the Port field provide the port number that the database is running on

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

PostgreSQL

Humanitec has integrated support for both hosted PostgreSQL solutions (like Google CloudSQL, Aiven, Amazon RDS, etc), and self-managed deployments.

Google CloudSQL

Google CloudSQL uses a slightly different Humanitec Driver to other Postgres providers, but this is transparent outside the resource definitions.

Prerequisites

  • You must have a CloudSQL instance running
  • You must have a Service Account with the Cloud SQL Client role
  • You must create a key for this service account in JSON format. See Google’s account keys documentation for more information. The access key must use the GCP Console/gcloud format (i.e., the first example in the linked documentation)
  • You must have the CloudSQL Admin API enabled for your project
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add A GCP Account

To integrate a CloudSQL account you need to add a Cloud Account (if you haven’t already).

  1. From the Cloud Accounts screen, click Google Cloud Platform in the Add accounts section
  2. In the modal dialog provide a unique name for the account in the Account name field
  3. In the Service account access key(JSON) field paste the account key for the service account that you wish to use
  4. Click Authorize

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click Postgres
  3. Next, select the postgres-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. In the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. If the maintenance database name is not postgres provide that in the Database name field
    5. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

Other Postgres

Unlike Google CloudSQL, most postgres implementations use a single shared Driver.

Prerequisites

  • You must have a database instance/server running
  • If you are using a hosted Postgres it is recommended provide a management service account with Database CRUD permissions. You will need to add this account via the Cloud Accounts screen
  • You must have a user defined on the instance for Workloads to use when connecting to the database

Add The Resource Definition

  1. From the Resource Management screen, click Add resource definition
  2. In the modal dialog click Postgres
  3. Next, select the postgres-cloudsql Driver
  4. Finally, provide the following information, then click Add progress
    1. In the ID field provide a unique ID for the resource
    2. (If you are using a management account) in the Credentials field select the Cloud Account you created earlier
    3. In the Fully qualified CloudSQL instance name provide the instance name in the format <project-id>:<region>:<id>
    4. In the User / Role and Password fields provide the credentials that Workloads should use when connecting to the database
    5. In the Hostname or IP field provide the Hostname or IP address that the Workloads can access the database on
    6. In the Port field provide the port number that the database is running on

Resource Matching

Now that the resource is defined you will need to add matching criteria.

  1. Click on the relevant row in the Resource Definition table
  2. Then switch to the Matching Criteria tab
  3. Click Add new Criteria
  4. Configure the matching rules as needed,
  5. Click Save

Relational Databases

Humanitec supports a range of Relational Database Management Systems (RDBMS) out of the box. In all of these systems there is a distinction between the database and the RDBMS server or instance.

Access Methods

The access method refers to how Humanitec connects to an RDBMS instance. Currently, 3 access methods are supported out of the box:

Direct

A direct connection is where Humanitec connects directly to the RDBMS instance. The instance must be accessible on the public internet for this to be possible. This is the default configuration when using Aiven managed databases, or public Amazon RDS and Azure Databases.

Over SSH

When connecting over SSH, Humanitec first connects to bastion host or jump server and then makes an onward connection from that server to the instance itself. This is a common way of administering private RDBMS instances, for example a private Amazon RDS instance running inside a private VPC.

Google Cloud SQL Proxy

Google provides their own proxy which can be used to securely connect to private Cloud SQL instances without the need of a dedicated bastion host.

The supported databases along with their access methods are summarized here:

PostgreSQL MySQL MariaDB SQL Server
Direct coming soon
Over SSH coming soon
Google Cloud SQL Proxy coming soon

Blob storage

DNS