This Quick Start Guide helps administrators and developers with installing, and accessing the OpenShift Database Access service. The OpenShift Database Access operator enables you to do the following:
-
Easy consumption of database-as-a-service (DBaaS) offerings from partners including Crunchy Bridge, CockroachDB, and Amazon’s Relational Database Services (RDS) directly from managed OpenShift clusters.
-
Easy management, monitoring, and control by administrators of cloud-hosted DBaaS including consumption, usage, and status.
- Installing the OpenShift Database Access operator
- Accessing the Database Access menu for configuring and monitoring
- Accessing the developer workspace and adding a database instance
- Connecting an application to a database instance using the topology view
- Appendix A: Find your Crunchy Data Bridge account credentials
- Appendix B: Find your CockroachDB account credentials
- Appendix C: Find your Amazon RDS account credentials
The OpenShift Database Access operator allows you to configure a connection to cloud-database providers, create new database instances, and connect database instances to applications for developers to use.
-
Either OpenShift Container Platform or Origin Kubernetes Distribution (OKD) 4.10 or higher.
-
From the OpenShift console home page, expand the Operators menu, and click OperatorHub.
-
On the OperatorHub page, type dbaas in the filter field to find the OpenShift Database Access operator.
-
Click on the OpenShift Database Access operator tile, and click the Install button.
-
On the Install Operator page, review the install strategy, and click the *Install button.
-
After the installation process completes, an alert message tells you the status of the installation. If successful, an alert message asks you refresh the OpenShift web console to the latest version. After the web console refresh, you have a new Data Services category on the navigational menu. If failure, a message displays the installation error to help you investigate the problem.
-
For more information about OpenShift Database Access, see the Reference Guide.
From the OpenShift console, you can access the OpenShift Database Access navigation menu. On the Database Access page, use the appropriate project namespace for importing a cloud-database provider account.
ℹ️
|
After creating a DBaaSPolicy as a non-administrative user, on the Operator details page, under the Provider Account Policy section, you will see a restricted access message. By selecting Current namespace only option, you can view the policies. |
-
Installation of the OpenShift Database Access operator.
-
A service account with either the Crunchy Data Bridge, or CockroachDB, or Amazon RDS cloud-hosted database provider.
-
Log into the OpenShift console.
-
Use the correct project namespace by following these sub-steps:
-
From the database inventory page you get a snapshot of the database environment. You can import a cloud-hosted database provider account, and create a new database instance by clicking the Configuration menu.
-
For more information about OpenShift Database Access, see the Reference Guide.
You can access the developer workspace in the OpenShift console to manage connectivity for database instances to applications.
-
Installation of the OpenShift Database Access operator.
-
Import at least one cloud-database provider account.
-
Log into the OpenShift console.
-
Access the developer workspace to select an existing project or create a new project, and choose a cloud-hosted database provider to add to your project:
-
Click on your cloud-hosted database provider’s tile.
-
Select a previously configured Provider Account for this database instance from the dropdown menu.
-
Select the database instance ID you want to use, and click Add to Topology.
-
Click Continue. Upon a successful connection, you go to the Topology page.
-
For more information about OpenShift Database Access, see the Reference Guide.
You can add a database to an application by making a connection to the database instance from the cloud-database provider. On the Topology page, you see the application pod, along with a representation of the connection of the database instance.
-
Installation of the OpenShift Database Access operator.
-
Import at least one cloud-database provider account.
-
When hovering the cursor over the deployment node, you can drag the arrow from the application to the new database instance to create a binding connector. You can also right-click on the deployment node, and click Create Service Binding to create a binding connector.
-
On the pop-up dialog, click Create. Once the binding is created, the application pod restarts. After the application pod restarts, your application now has database connectivity.
This binding visually represents the injection of database connection information and credentials into the application pod.
-
Use a service binding library based on your application’s framework to consume the service binding information and credentials.
-
See the OpenShift Database Access Reference Guide for more details on service bindings, and for working application examples by using the service binding libraries.
You need the Public API Key, and the Private API Secret to create a provider account resource for Crunchy Data Bridge.
-
From the Crunch Data Bridge Log in page, sign in to your account.
-
From your personal account home page, click Settings, and then click Settings from the navigation menu.
-
Copy the Application ID and Application Secret values for the import provider account fields.
You need the API Key to create a provider account resource for CockroachDB.
❗
|
Currently, access to the Service Accounts tab on the Access Management page is enabled by invite only from CockroachDB. To expose the Service Accounts tab on the Access Management page, you can request that this feature be enabled. Contact CockroachDB support and ask for the Cloud API to be enabled in the CockroachDB Cloud Console for your user account. Additionally, you can view this quick video tutorial from Cockroach Labs on creating an account. |
-
From the CockroachDB service account page, log in to your account.
-
From your service account home page, select Access from the navigation menu.
-
Click Service Accounts from the Access Management page.
-
Click Create Service Account.
-
Enter an Account name, select the Permissions, and click Create.
-
Enter an API key name, and click Create.
-
Copy the Secret key for the import provider account field, and click Done.
You need an Amazon Web Services (AWS) Access key ID, an AWS Secret access key, and know which AWS Region you are using to import an Amazon Relational Database Service (RDS) provider account for OpenShift Database Access. If you lose your AWS Access key ID, and your AWS Secret access key, new ones must be created.
ℹ️
|
Amazon only allows two secret access keys for each user. You might need to deactivate unused keys, or delete lost keys before you can create a new access key. |
❗
|
You are limited to one Amazon RDS provider account per OpenShift cluster. Using your AWS credentials on more than one OpenShift cluster breaks established connections on all OpenShift clusters, except for the last OpenShift cluster that established a connection. |
❗
|
OpenShift Database Access only supports RDS database instance deployments, and does not support database cluster deployments. |
❗
|
Database instances using a custom Oracle or custom SQL Server engine type are not supported. |
-
An Amazon Web Services (AWS) account name.
-
Sign in to Amazon’s Identity and Access Management (IAM) console with your AWS user account.
-
From the IAM console home page, expand the Access management menu, and click Users.
-
Select a user from the list.
-
On the user’s summary page, select the Security credentials tab, and click the Create access key button.
-
Copy the AWS Access key ID, and the AWS Secret access key.