On Mon, Mar 4, 2024 at 2:16 PM Bryan Davis <bd808@wikimedia.org> wrote:
>
> On Mon, Mar 4, 2024 at 12:43 PM Tim Moody <tim@timmoody.com> wrote:
> >
> > I am trying to reach a remote mysql database from a vps using python. The destination server has created an opening in the firewall for the request, but I am still getting network unreachable errors. I gave the ip of the proxy for the vps, obtained with ping, as the expected ip. I now tried accessing a web site I control from the same vps also in python using requests.get, and in the web server log I see the request coming from what looks to be a gateway (xxx.xxx.xxx.1, rather than the proxy xxx.xxx.xxx.nnn) Is this to be expected and can I rely on the address for such requests?
>
> Please, please, please do not expose MySQL/MariaDB to the general
> internet. Instead I would suggest that you use an ssh tunnel to
> connect your workstation with the remote instance. See
> https://wikitech.wikimedia.org/wiki/Help:Toolforge/Database#Connecting_to_the_database_replicas_from_your_own_computer
> for how this can be done in a specific case. For your case really just
> the target host (login.toolforge.org -> your instance) and database
> server should need to change.

I completely misread the direction of our connection. I apologize.

Yes, outbound connections from a Cloud VPS instance to the internet
will show as coming from the shared outbound NAT gateway IP at the
remote. The only change from this is if the Cloud VPS instance has a
"floating IP" that gives it a direct route to the Internet.

Bryan
--
Bryan Davis                                        Wikimedia Foundation
Principal Software Engineer                               Boise, ID USA
[[m:User:BDavis_(WMF)]]                                      irc: bd808
_______________________________________________
Wikitech-l mailing list -- wikitech-l@lists.wikimedia.org
To unsubscribe send an email to wikitech-l-leave@lists.wikimedia.org
https://lists.wikimedia.org/postorius/lists/wikitech-l.lists.wikimedia.org/