Configure and add DataV Proxy Service - DataV - Alibaba Cloud Documentation Center

The DataV Proxy Service addresses common data access and transmission issues in visualization projects, such as data security and cross-origin requests. It enables connections to self-managed databases without exposing their public IP addresses, thus enhancing security. This topic explains how to configure the DataV Proxy Service and add it to DataV-Board 7.0.

Background information

DataV Proxy is a configuration tool for the DataV Proxy Service, facilitating DataV's access to databases without public endpoints, thereby ensuring data security.

How it works

Users execute query operations in DataV, which sends the encrypted SQL query string and database ID value to the DataV Proxy application.
DataV Proxy deciphers the encrypted information, connects to the specified database, and sends the SQL query string.
The database processes the SQL query and sends the results back to DataV Proxy.
DataV Proxy relays the query results back to DataV.

Scenarios

The proxy service is typically used in scenarios such as:

Cross-origin requests
- Overcoming browser same-origin policy restrictions, allowing frontend applications to fetch data from services with different domain names.
- Routing requests through a proxy server, enabling smooth access to cross-origin resources for clients.
Data security
- Authentication and authorization: Verifying requests to ensure only authorized users can access the data.
- Data encryption: Securing data in transit to prevent interception or tampering.
- Concealing sensitive information: The proxy service can obscure the actual address and structure of the backend database, minimizing the risk of direct exposure.

Limitations

All versions support the DataV Proxy Service.

Prerequisites

The database to be accessed must be ready.

Important

You must first add the whitelist IP address of the corresponding area to your data source whitelist to ensure that DataV-Board can access your database normally. For more information, see configure database whitelist.

Configure DataV proxy

Before adding the DataV Proxy Service, you must configure DataV Proxy.

Step 1: Start DataV proxy

Deploy DataV Proxy based on your business requirements (e.g., on ECS or a local environment) and initiate the service.

Windows:
1. Download the DataV Proxy installation package.
2. Save it to your desired location, extract it, and double-click the datav_proxy_win32_x64.exe file to automatically set up the proxy and start the service.
Linux/Mac:
1. Execute the following command to download the DataV Proxy application.
```
wget https://sh-conf.oss-cn-shanghai.aliyuncs.com/doc_files/datav_proxy.zip                        
```
2. Unpack the installation package and navigate to the project directory.
3. Execute the following command to launch the service. By default, DataV Proxy starts on port 8001.
```
chmod 777 ./*    //Indicates that all users have read, write, and execute permissions on the files and subdirectories in the current directory. 
sh exec.sh start
```
  Note
  - To set a different port number and start the service, run the sh exec.sh start -p [port number] command, such as sh exec.sh start -p 8080.
  - To stop the service, run the sh exec.sh stop command.

Step 2: Access the DataV proxy configuration page

Once the service is running, access http://{domain name/IP address of the server}:port (e.g., http://10.10.10.10:8001) in a browser to reach the DataV Proxy configuration page.

Note

For first-time access, register according to the interface prompts. After successful registration, log on to the service.

Domain name/IP: The domain name or IP address of the server where DataV Proxy is installed. Configure the corresponding domain name according to your network environment. Use the intranet IP when in an intranet environment.
Port: The port on which the DataV Proxy service is running.

Step 3: Configure DataV proxy data source

Create the necessary data source type according to your business needs, enabling DataV Proxy to access the corresponding database. DataV Proxy supports multiple data source types. This topic uses RDS MySQL as an example to demonstrate data source configuration steps.

Note

Parameters for different data sources may vary. Refer to the actual interface for specific details.

Configure an IP address whitelist.
To facilitate DataV Proxy's access to the database, add the IP address where the DataV Proxy service is located to the RDS MySQL database's whitelist.
On the DataV Proxy configuration page's left-side navigation pane, click Datasource Config, select mysql, and click Add.

In the New Data Source dialog box, enter the required parameter information.

Parameter	Description
id	Custom data source ID. It must be unique.
host	The IP address or domain name of the server where the database is located. You need to enter the Public Address of the RDS MySQL instance here, which can be obtained on the instance basic information page of the RDS Management Console. For example, `rm-bp1xxxxxxxxxxxxxhmo.mysql.rds.aliyuncs.com`.
user	The username used to log on to the database.
password	The password that is used to log on to the database.
database	Database name.
port	The port number of the database. The RDS MySQL port number is usually `3306`.
maxPoolSize	The maximum number of database connections allowed in the connection pool.
timeout	The maximum time to wait for obtaining a connection, in ms.

Test the data source connectivity.
- Click SQL Test to input SQL statements in the pop-up dialog box and verify that the database data meets the requirements.
- Click Connection Pool Information to check the number of connections to the database.

Step 4: Other configurations

In the DataV Proxy configuration page's left-side navigation pane, complete the following configurations:

Key and cross-domain settings:
- Key: This is used to configure parameters when adding the DataV Proxy Service. Click Generate new Key/Secret with one click to create a new Access Key and Access Secret.
  Important
  Initially, the key field is blank. Clicking Generate new Key/Secret with one click for the first time generates the original key. Subsequent clicks will produce a new key, rendering the old one invalid.
- Cross-domain settings: Set cross-domain Origins to http://datav.aliyun.com to allow DataV-Board to access the current proxy service.
Query log: Check specific log information as needed.
Important
On Linux and Mac, you can specify the range of log lines and include keywords for the search.

Configure browser

Adjust the relevant browser settings according to the network environment from which you are accessing the proxy service.

Access in public network environment

For access in a public network environment, use a browser like Chrome or Firefox to visit http://datav.aliyun.com/.

Access in intranet environment

If you're using an intranet address to access the proxy service with a high-version Chrome browser, follow these steps:

Adjust the browser's CORS settings for private network requests.

Chrome version 94 and above: Navigate to chrome://flags/#block-insecure-private-network-requests, change the status to disable, and restart the browser to prevent it from blocking requests to the private network from an insecure context (HTTP).
Chrome version 108 and above: Go to chrome://flags/#unsafely-treat-insecure-origin-as-secure, input the HTTP address of DataV-Board in unsafely-treat-insecure-origin-as-secure, and restart the browser. This treats http://datav.aliyun.com as a secure origin (HTTPS), allowing it to use features normally restricted to secure contexts.

Set up DataV Proxy to permit cross-origin access.

Add DataV Proxy Service

In this step, you will integrate the DataV Proxy Service into DataV. This proxy service allows you to connect to a self-managed database without revealing its public IP address, thus bolstering data security.

Important

The proxy service is limited to HTTP. Access the DataV console using the http:// protocol to ensure a smooth connection to the DataV Proxy data source.

If Chrome always redirects from HTTP to HTTPS when opening a website, refer to the FAQ for a solution.
To use HTTPS services, apply for a Chrome-recognized HTTPS certificate. Search Google Chrome for instructions on how to apply.

Log in to the DataV console.
On the Workbench page, click Data Preparation > Data Source to access the Data Source page, and then click Create Data Source.
In the Type dropdown, choose DataV Proxy Service.

Enter the details for the database that the DataV Proxy Service will connect to.

Parameter	Description
Name	Custom data source name.
Domain Name	The IP address or domain name when DataV Proxy starts. If you are using an ECS server, configure this as the public IP of the ECS server.
Port	The port number when DataV Proxy starts. The default is `8001`.
Path	(Optional) The prefix value specified when DataV Proxy starts. If not specified, leave it blank. Note Prefix is a URL path prefix. When specified, all requests matching the prefix will be forwarded to the DataV Proxy service.
Method	(Optional) The request method. The default is `GET`. When the request parameter is too long, it is recommended to select `POST`.
Key and Secret	The Access Key and Access Secret generated by DataV Proxy. For more information, see key configuration.
Database	Click Get Data List and select the database added in DataV Proxy. This database is the one accessed by DataV through the proxy service.

Once the connection is confirmed, click OK to finalize the addition of the data source.

What to do next

Once you have the raw data, you can consult datasource config for widget data adaptation.

FAQ

Problem description: What should I do if Chrome always redirects from HTTP to HTTPS when opening a website?
Solution: If HTTP sites are automatically redirected to HTTPS due to browser security measures, go to chrome://net-internals/#hsts, remove the domain's security policy, and try accessing it again in a new tab.

For additional FAQs about adding proxy services, see proxy request FAQ.