Recommended way to connect to cloud hosted database

I am trying to write to an Azure hosted PostgreSQL database but get blocked by the Azure firewall because the Gitpod IP address is not whitelisted. I know there are a few options to get around this, but I am curious what is recommended?

Should I setup an hosted VPN?

Are there other, easier options I am not aware of? LoadBalancer? Static IP?

Do I need to self-host?

Obviously, from my questions you can tell I am not a network professional, just trying to get something pretty straightforward setup to run some Jupyter Notebooks.

Hey @nicksilver, welcome to the Gitpod community! :tada:

You can find all the installation methods and relevant scripts under the install directory.

Recommendation: We recommend choosing GCP or AWS to deploy and run a Gitpod instance. You can use our Terraform scripts to configure, deploy, and upgrade an instance.

Using the helm charts from the chart directory to configure and deploy Gitpod on Kubernetes is also a great approach. This will be more stable solution after the upcoming 0.6.0 release.

Thanks for the response @gtsiolis. I might be confusing things, but the issue I am trying to resolve (or just get recommendations on) is connecting the docker container to a cloud hosted database. Every time a workspace is spun-up, the container has a different IP address which I then I have to whitelist in a separate, manual step. I am quite sure there are better options…but I am not sure which road to go down.

I am not self-hosting Gitpod so I have no control over the assigned IP address.

Oh, I misread that @nicksilver! I think this is something you should configure on the Azure side. Have you seen the docs related to Firewall rules in Azure Database for PostgreSQL? :flashlight:

I have looked at that page. The issue I am having is actually clearly stated there under Firewall troubleshooting issues. Here’s what it says:

Dynamic IP address: If you have an Internet connection with dynamic IP addressing and you are having trouble getting through the firewall, you could try one of the following solutions:

  • Ask your Internet Service Provider (ISP) for the IP address range assigned to your client computers that access the Azure Database for PostgreSQL Server, and then add the IP address range as a firewall rule.

  • Get static IP addressing instead for your client computers, and then add the static IP address as a firewall rule.

Neither one of these options is available to me when I use Gitpod.

You’re right @nicksilver! FWIW, having a static IP is already available for self-hosted Gitpod.

I don’t think there’re any plans to support this for at the moment but I’ve added to track this feature request, feel free to upvote or come back to this in the future. :flags:

That’s great…thanks for adding the feature request. I’d consider the self-hosted option, but I am setting this up for an organization that uses Azure. I’m not sure they’re interested in using another service just to host Gitpod.

The only other idea I had was to setup a VPN and have the container connect to that on spin-up. If others have recommendations on this solution I’d love to hear them.

Thanks for the help!

Hi @nicksilver!

I just wanted to mention that Gitpod can be self-hosted on Azure as well. Maybe that’s helpful. :slight_smile:

1 Like

Thanks @jan…good to know!

1 Like

I’d also love this feature to be implemented. Even if there is a way to tie a static IP to a container.
Alternatively, an IP range per region could also be helpful.
I wouldn’t mind if the static IP the container is assigned is shared with other containers

Please up vote relevant issues.