azure-templateskong

Connect to Kong from a different machine or network

IMPORTANT: By default, the database port for the nodes in this solution cannot be accessed over a public IP address. As a result, you will only be able to connect to your database nodes from machines that are running in the same network. For security reasons, we do not recommend making the database port accessible over a public IP address. If you must make it accessible over a public IP address, we recommend restricting access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.

Connect from the same network

Run the following command to connect to Cassandra from a different machine (Remember that IP_SERVER, USER and PASSWORD are placeholders. Replace these values with the right ones):

$ cqlsh IP_SERVER -u USER -p PASSWORD

Connect from a different network

If you must connect to the application from a machine that is not running in the same network as the Kong cluster, you can follow these approaches (these are shown in order of preference, from the most secure to the less recommended solution):

  • Option 1: Peer both virtual networks to secure the connections between the two instances. Check the following guide to learn how to connect instances in different networks using network peering.
  • Option 2: Create an SSH tunnel to connect to the application using the public IP address. Refer to the FAQ for more information on this.

    NOTE: You should only access using an SSH tunnel if you wish to temporarily connect to, or use, the Kong console. This approach is not recommended to permanently connect your application to the Kong cluster, as a connectivity failure in the SSH tunnel would affect your application’s functionality.

  • Option 3: Make the server publicly accessible and restrict access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall. Once you have opened the port, execute the following to access Cassandra server:

    $ cqlsh IP_SERVER PORT -u USER -p PASSWORD
    

Learn more about Cassandra ports in the Cassandra official documentation.