How can we use google cloud database for local.net web application without deployed .net app on google cloud?
You can connect directly to Cloud SQL using either of the following options:
whitelisting your IP address and connect using the Public IP of your instance
you can run the Cloud SQL proxy locally which will forward the traffic to the instance
Related
my app is deployed and responds (however, no db connection) but, the pages that do not connect to the database work correctly, including calls to the web service api
my mysql database is running and has a public ip address (also, added my ip address as an authorized network)
i can connect to the google database from my local laptop using the mysql workbench and the instance i created is fully loaded and ready
i am able to run my .net core 3.1 project from my local machine and it runs using the Google MySQL instance via the public ip address
unsure why i am able to run my app locally using the google mysql instance from my laptop but the app from within the google hosting network itself does not.
google claims it should work by default?
however, the only way i have gotten it to work is by adding 0.0.0.0/0 to the allowed network. seems "dirty" that way. but, if i must.
connection string is "Server=34.125.xxx.xxx;Database=testdb;Uid=root;Password=testpword"
error message
You have already gone through the issue yourself. You have tried to make 0.0.0.0/0 an authorized network and it worked! what does this mean? This simply means that you need to authorize the AppEngine outbound NAT gateway cidr to access your CloudSQL instance and it worked because this NAT cidr is included in 0.0.0.0/0 as you may already know.
but the thing is, this is not the best option to secure your connection to CloudSQL.
As quoted from the documentation:
Using the Cloud SQL Auth proxy is the recommended method for authenticating connections to a Cloud SQL instance because it's the most secure method.
The CloudSQL Auth proxy provides secure access to your instances without a need for Authorized networks or for configuring SSL.
See the CloudSQL Auth proxy documentation here
Also,
You do not need to use the Cloud SQL Auth proxy or configure SSL to connect to Cloud SQL from App Engine standard environment or App Engine flexible environment.
See
Connecting from AppEngine standard environment to CloudSQL
and Connecting from AppEngine flexible environment to CloudSQL
I'm having trouble connecting with my .NET 5 web app to an Azure SQL DB.
The weird thing is that I can connect to the DB using Azure Data Studio.
I've configured the Azure SQL Server firewall to accept connections from my IP address, and all of the Inbound/Outbound IP addresses of my Azure App Service.
Before adding my local IP address to the firewall, I could not connect with Azure Data Studio, so that works as intended, but then I use the connection string provided by Azure itself (in ADO.NET format, since I'm using Entity Framework) inside my web app, and the app can't connect to the DB (it times out with A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 40 - Could not open a connection to SQL Server)).
I can't really understand why my localhost instance can't connect, as the IP address trying to connect to the db is the same as when I use Azure Data Studio!
And also the App Service instance in Azure can't connect either (in the SQL Server's firewall I've also enabled connectivity from Azure App Services!!).
The connection string is of the form
Server=tcp:[my server].database.windows.net;Initial Catalog=[my db];Persist Security Info=False;User ID=[my username];Password=[my password];MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;
Any hints?
EDIT:
to recap as requested,
dotnet run locally doesn't connect
containerized app service doesn't connect
Azure Data Studio locally does connect
I've found out the issue in the meantime, but I don't understand the cause:
dotnet run from WSL doesn't work; if I run the app from Windows it does work!!
I've therefore changed the App Service to build from source instead of running a containerized image, and it also does work.
Why would running the app locally from WSL instead of Windows result in the Azure SQL Server's firewall blocking me?! Is WSL exposed to the internet with a different IP address?
And why does the same happen to an Azure App Service that runs the containerized version of my app?
Since you can access the server from the same machine, it is not a firewall issue.
There are two possibilities you could check:
The connection string that your program is using is not what you expect. Try logging the connection string.
The server is configured to use named pipes and not tcp. Azure Data Studio is configured to use named pipes and therefore works. Try checking the server configuration.
Now I develop a WPF application that access to Azure SQL Server and work in Windows10 Tablet for my client.
I registered my client IP address of my PC for development,so the application can access to the sql server in development.
But it does not work in the tablet in other network. I know, I have to register its ip address too.
Now I have a problem.. of course, my client use his own network and I can't confirm the ip address he use!
To resolve this problem, I tried to use Azure AD autehntication with token.
(refer to https://learn.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication , https://techcommunity.microsoft.com/t5/azure-sql-database/azure-ad-service-principal-authentication-to-sql-db-code-sample/ba-p/481467 and so on)
My Application suceeded to login with Azure AD authentication in my PC for development, but in other network it failed yet..
Does it mean that I have to register the ip address in which the application works in any authentication method?
(If yes, it means that all user have to tell his own ip address to developer. No Way!!)
or I need to allow all range of ip address for this application?
I hope your help, thanks
If I understand your question correctly there are two questions:
1. How to make sure that dev machine has access to Azure SQL Database ?
For this, there is no other way. You will have to enable the IP addresses (or range of addresses) from which you want to access the Azure SQL database. If it is not allowed, you will not be able to connect to it.
You can enable this either while creating the SQL Azure instance OR you can also configure these IP addresses later as and when you need.
If you ask me what is the best way, I would suggest to use your local SQL Server for development. That way you do not need to configure all the IP addresses from all the networks from where you can work. This is also very handy as you have database on your machine.
Are you using central database and many people using it, then you have option to either setup a SQL Server which is available to the development team.
Alternatively, if you are interested to use Azure SQL for your development (which I would not recommend), then you can also try setting up a proxy service which just forwards the request to Azure SQL. That way making sure that all requests are coming from one IP.
2. How to make sure that your deployed application will always be able to access Azure SQL database?
It depends on how the application is deployed. If the application is going to be deployed in Azure, then you may want to enable access from other Azure services to Azure SQL instance. This is also setting which you can enable while creating SQL Azure database OR You can configure it after creating the SQL Azure instance.
If the application is not on Azure but database is on Azure, you will have to update the firewall to allow connections from the application.
I hope this provides you enough insights to get to your solution.
I am hosting my site on a shared server and wants to move my database to azure for better manageability. I created a database and added some data on azure platform. I tried to connect to that database through my local computer and it works. But when I am trying the same connection string on a shared hosting servers it gives me resource not found 505 error. Why?
For security reasons when you setup an Azure SQL DB it only allows connections from IP Addresses that you specify. Before recent enhancements to the portal, this required you to manually add your local IP Address and a loopback for anything hosted on Azure.
Since you are hosting your web site on a 3rd party provider you probably just need to find out the IP Address where your site is hosted and add that to the 'whitelist' of IP addresses that Azure SQL DB maintains. After you do that, it should just work.
I am working on an C# application which would use the remote MySQL database located in my website hosted on a Linux server with PHP & MySQL support.
I tried to connect directly to the MySQL database, but was not able to connect due to restrictions at my hoster side.
can somebody help me please, can i do that with this restrictions ?
You need access to port 3306 on the remote machine. You can test if you have access to this port using telnet or similar
telnet ip 3306
These are the solutions you have:
A) Create local dev environment: You don't provide much information. If my guess is correct you are developing locally and later you plan to deploy your c# application to web server, that also will contain mysql db.
Install mysql in your local machine
Get a copy of the DB.
Configure your C# program to connect to your local mysql (localhost:3306)
When you deploy code it to your web server, it will connect also to your "localhost 3306" that will be the mysql installed into the web server.
B) Use VPN to access mysql: If A is not applicable another solution consist in installing some kind of VPN between web server containing mySQL and the pc running your application. Once VPN is setup and you can access port 3306 (by telnet as explained before), then your app will work.
C) Open ports to access mysql: The most easy solution is asking for administrator to open ports for you. 99% of the times the answer will be no, so I will not follow this route. (Maybe there is some kind of solution in your web provider that allows to open specific ports for a given IP, but I doubt it)
You can't. The server needs to have allowed remote connections and if this isn't possible, than you're out of your luck.
But, there may be another way... If you can create a web service on the server you're able to connect from, you should be able to communicate with the data in mysql virtually from anywhere.
You can try to create a way of API, if your server blocks incoming connections from web, just overload MySQL Functions you need to use with PHP and "echo" results as a server, parse them as a client with your c# application, it is the only way to organize such a system, or, you can allow incoming connection to MySQL, then watch on this article on CodeProject