Register a database in a third-party cloud by using a VPN gateway -

Data Management (DMS) allows you to connect to a database on the internal network of a third-party cloud service by using a virtual private network (VPN) gateway and then register and manage the database as an instance in the DMS console.

Prerequisites

The internal network of the third-party cloud supports IPsec-VPN connection.
A VPN connection is established between an Alibaba Cloud virtual private cloud (VPC) and the internal network of the third-party cloud. For more information, see Connect a data center to a VPC.
DMS is activated.
You are a DMS administrator or a database administrator (DBA) in DMS.
DMS allows you to register the following types of VPC-connected databases as instances:
- MySQL
- SQL Server
- PostgreSQL
- Oracle
- OceanBase MySQL
- MongoDB
- Redis
- ClickHouse
- MariaDB
- Dameng (DM)
- DB2

Background information

Alibaba Cloud VPN Gateway is an Internet-based service that allows you to connect enterprise data centers, office networks, or Internet-facing terminals to Alibaba Cloud VPCs over encrypted tunnels. In a hybrid cloud environment in which a third-party cloud supports VPN connections, you can connect a VPC to the third-party cloud through a VPN gateway to register a database of the third-party cloud and then manage the database in the DMS console.

Note

We recommend that you register your database by using a database gateway, which is more secure and convenient. For more information about, see Register a database instance in a third-party cloud by using a database gateway.

Procedure

Log on to the DMS console V5.0.
On the Home page of the DMS console, click the icon in the upper-right corner of the left-side instance list.
Note
You can also choose Data Assets > Instances in the top navigation bar. On the Instance List tab of the Instances page, click + New.
On the Add Instance page, click the VPC line IDC tab and select a database type.
Note
In this example, MySQL is selected. If you select other types of database instances, the procedure is similar.

In the Basic Information/Advanced Information step, set the parameters described in the following table.

Basic Information	Data Source	The source of the database instance. Select VPC line IDC in this example.
	Database Type	The type of the database instance.
	Instance Region	The Alibaba Cloud region that is geographically close to the region where the database on the third-party cloud resides.
	VPC ID	The ID of the VPC that is connected to the internal network of the third-party cloud. You must establish the connection before you register the database. For more information, see Connect a data center to a VPC.
	Login Address	The endpoint that is used to connect to the database.
	Port	The port that is used to connect to the database.
	Database Account	The account that you use to log on to the database.
	Database Password	The password of the account that you use to log on to the database.
	Control Mode	The control mode that is used to manage the database instance in DMS. For more information, see Query data across multiple database instances.
	Sensitive Data Protection	Specifies whether to enable the sensitive data protection feature based on your business requirements. This feature allows you to control and mask sensitive data. For more information, see Overview.
Advanced Information	Environment Type	The type of the environment in which the database instance resides.
	Instance Name	The name that you specify for the database instance.
	Open DBLink	Specifies whether to enable the cross-database query feature for the database. For more information, see Query data across multiple database instances.
	Lock-free Schema Change	Specifies whether to enable the lock-free schema change feature for the database. For more information, see Perform lock-free DDL operations.
	Enable SSL	Specifies whether to allow DMS to connect to the database by using SSL connections. After this feature is enabled, DMS can connect to the database by using SSL connections. Valid values: Default (DMS automatically checks whether self-negotiation is enabled for the database instance.): DMS automatically checks whether the SSL encryption feature is enabled for the database. If the SSL encryption feature is enabled, DMS connects to the database by using SSL connections. Otherwise, DMS connects to the database without encryption. Open: DMS connects to the database by using SSL connections. This value is invalid if the SSL encryption feature is disabled for the database. Close: DMS does not connect to the database by using SSL connections. Note This parameter is available only if you set the Database Type parameter to MySQL.
	DBA	The DBA of the database. The DBA can grant permissions to users.
	query timeout(s)	The timeout period for the execution of an SQL query statement. If the execution of an SQL query statement lasts longer than the specified timeout period, the execution is terminated to protect the database.
	export timeout(s)	The timeout period for the execution of an SQL export statement. If the execution of an SQL export statement lasts longer than the specified timeout period, the execution is terminated to protect the database.

Note

After you set the parameters in the Basic Information section, click Test Connection in the lower part of the dialog box. If the connection test fails, modify the parameters as prompted and try again.

Click Submit.
After the preceding steps are complete, the database is registered with DMS. Then, you can view and manage your database in the instance list in the DMS console.