Manage OceanBase data sources by using NineData

The Database DevOps module of NineData provides powerful features to help you quickly complete data management tasks in various environments. These features include data asset management, data query, SQL execution, data editing, data import and export, SQL approval workflow, SQL specification pre-check, approval process, and sensitive data protection.

Prerequisites

• You have registered a NineData account. You can click here to register a NineData account.
• You have installed OceanBase Database.
• You have been granted the read-only and DML/DDL privileges on the target data source.
• You have subscribed to NineData Database DevOps Professional Edition or Enterprise Edition, and your subscription is within the validity period.

Procedure

Step 1: Obtain the connection information of OceanBase Database

Contact the deployment personnel or administrator of OceanBase Database to obtain the connection information.

obclient -hxx.xx.xx.xx -P2883 -uroot@mysql#cluster -p**** -A

Step 2: Add an OceanBase for MySQL data source

1. Log in to the NineData console.

2. In the left-side navigation pane, choose Datasource > Datasource.

3. Click the Datasource tab, and then click Create Datasource on the tab. In the popup window for selecting the data source type, choose Database > OceanBase for MySQL. On the Create Datasource page, set the parameters based on the table below.

   The parameters are described as follows:

   Parameter	Description
   Name	The name of the data source. Use a meaningful name to facilitate future searching and management.
   Connection	The connection method for the data source. Valid values: IP Address: specifies to connect to the data source by using a public IP address. Gateway: specifies to connect to the data source by using the secure and convenient intranet access method provided by NineData. You first need to establish a connection to the host where the data source is located. SSH Tunnel: specifies to connect to the data source by using an SSH tunnel.
   Parameters when Connection is set to IP Address	Host: Enter the public IP address and port number of the data source.
   Parameters when Connection is set to Gateway	Gateway: Select the NineData gateway installed on the host where the data source is located. Host: You can use localhost (if the data source is on the same machine) or the internal IP address of the host where the data source is located.
   Parameters when Connection is set to SSH Tunnel	SSH Host: Enter the public IP address or domain name of the target server where the data source is located, as well as the corresponding port number, which is 22 by default. SSH Authentication Method: Select the authentication method for SSH. Valid values: Password: specifies to connect to the data source by using the login username and password of the server. When you select this method, specify the following parameters: SSH Username: the username for logging in to the target server where the data source is located. Password*: the password for logging in to the target server where the data source is located. Key (recommended): specifies to connect to the data source by using the SSH username and key file. When you select this method, specify the following parameters: SSH Username: the username for logging in to the target server where the data source is located. Key File: Click Upload to upload the private key file, which is a key file without an extension. Password: the password specified when the key file was generated. If you did not set a password during key generation, leave this field blank. Note After configuring SSH, click Connection Test on the right side. You might get either of the following results: Success message: indicates that the SSH tunnel is established. Error message:: indicates that the SSH tunnel fails to be established. In this case, troubleshoot the issue based on the error message and retry. Host: You can use localhost (if the data source is on the same machine) or the internal IP address of the host where the data source is located.
   DB Account	The username for the data source.
   DB Password	The password for the data source.
   Access Region	Select the region closest to the location of your data source to reduce network latency.
   Environment	Select the environment based on the actual business purpose of this data source as the environmental identifier. Default options include PROD and DEV. You can also create custom environments. Note In organization mode, database environments can also be applied to privilege strategy management. For example, the default Prod Admin role supports accessing only data sources in the PROD environment and cannot access data sources in other environments.
   Encryption	Specifies whether to enable SSL encryption for accessing the data source. By default, SSL encryption is enabled. If the data source enforces SSL encrypted connection, this switch must be turned on; otherwise, the connection will fail. Click the switch on the right to enable or disable encrypted transmission. Click the > icon on the left of Encryption to expand detailed configurations. SSL Options: Two options are supported: If Available: automatically detects the SSL status of the server. If SSL is enabled on the server, an SSL connection is used with priority. If SSL is not enabled on the server, a non-SSL connection is used. Require: always uses SSL to connect to the data source. If the server does not support this method or cannot establish an SSL connection for other reasons, the connection will fail. SSL Cipher: the SSL-Cipher encryption algorithm. Verify Server Certificate (SSL CA): If the OBServer node uses a self-signed CA-issued certificate, upload the root certificate of that CA. Verify Server Identity (SSL Identify): verifies the server information such as the name and IP address, to ensure that you are connecting to the genuine OBServer node and to avoid man-in-the-middle attacks. Authenticate Client: If the OBServer node requires the client to provide a certificate, upload the client certificate and key. The OBServer node will verify the information you uploaded to ensure the security of the connection. Note In most cases, if the OBServer node supports SSL encrypted connections, you only need to select Require without configuring other options. The system will automatically generate keys for you to establish a connection.

4. To ensure smooth connection, specify Access Region on the Create Datasource page and add the IP address of the NineData service displayed below the Access Region field to your server allowlist.

5. After you configure the parameters, click the Connection Test button on the right side of Create Datasource to test whether the data source can be accessed properly. If the message "Connection Successfully" appears, click Create Datasource to add the data source. If an error message appears, re-check the connection settings until the connection test succeeds.

What to do next

NineData will be ready for use after the connection is successful. For more information about how to use NineData, see NineData documentation.