self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-20 01:03:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update DBeaver guides to use authenticated local proxy. (#12037)

Browse source 
* docs(db): add postgres DBeaver guide

* docs(db): update mysql and sql server dbeaver guides
This commit is contained in:
Gabriel Corado 2022-04-19 10:44:27 -03:00 committed by GitHub
parent 57cc2ed355
commit c8502b3af4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

BIN
docs/img/database-access/dbeaver-configure-server.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 63 KiB

BIN
docs/img/database-access/dbeaver-pg-configure-server.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 921 KiB

BIN
docs/img/database-access/dbeaver-ssl.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 126 KiB

BIN
docs/img/database-access/dbeaver-tls-settings.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 53 KiB

BIN
docs/img/database-access/guides/sqlserver/dbeaver-connection@2x.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 234 KiB

After

Width:  |  Height:  |  Size: 905 KiB

54
docs/pages/database-access/guides/gui-clients.mdx
View file

@ -79,6 +79,25 @@ Ensure that your environment includes the following:
<ScopedBlock scope={["oss", "enterprise"]}>
<Tabs>
<TabItem label="Authenticated Proxy">
Starting the local database proxy with the `--tunnel` flag will create an
authenticated tunnel that you can use to connect to your database instances.
You won't need to configure any credentials when connecting to this tunnel.
Here is an example on how to start the proxy:
```bash
# First, login into the database.
$ tsh db login <database-name>
# Then, start the local proxy.
$ tsh proxy db --tunnel <database-name>
Started authenticated tunnel for the <engine> database "<database-name>" in cluster "<cluster-name>" on 127.0.0.1:62652.
```
You can then connect to the address the proxy command returns, in our example it
is `127.0.0.1:62652`.
</TabItem>
<TabItem label="TLS routing">
If you're using Teleport in [TLS routing](../../setup/operations/tls-routing.mdx)
mode where each database protocol is multiplexed on the same web proxy port, use
@ -178,6 +197,20 @@ certificate, key and root certificate from the configuration above:
Click "Save", and pgAdmin should immediately connect. If pgAdmin prompts you
for password, leave the password field empty and click OK.
## PostgreSQL DBeaver
To connect to your PostgreSQL instance, use the authenticated proxy address.
This is `127.0.0.1:62652` in the example above (see the “Authenticated Proxy”
section on [Get connection information](./gui-clients.mdx#get-connection-information)
for more information).
Use the "Database native" authentication with an empty password:
![DBeaver Postgres Configure
Server](../../../img/database-access/dbeaver-pg-configure-server.png)
Clicking on "Test connection" should return a connection success message. Then,
click on "Finish" to save the configuration.
## MySQL Workbench
[MySQL Workbench](https://www.mysql.com/products/workbench/) is a GUI
@ -219,7 +252,8 @@ In the search bar of the "Connect to a database" window that opens up, type "mys
![DBeaver Select Driver](../../../img/database-access/dbeaver-select-driver.png)
In the newly-opened "Connection Settings" tab, copy the `Server Host` and `Port` from the `tsh db config` output into the DBeaver config fields:
In the newly-opened "Connection Settings" tab, use the Host as `localhost` and
Port as the one returned by the proxy command (`62652` in the example above):
![DBeaver Select Configure Server](../../../img/database-access/dbeaver-configure-server.png)
@ -233,20 +267,8 @@ Authentication" box, and click "Ok" to save:
![DBeaver Driver Settings](../../../img/database-access/dbeaver-driver-settings.png)
Once you are back in the "Connection Settings" window, navigate to the "Driver
Properties" tab, scroll down to find the `enabledTLSProtocols` field and enter
"TLSv1.2" into the `Value` field:
![DBeaver TLS Settings](../../../img/database-access/dbeaver-tls-settings.png)
Navigate to the "SSL" tab, check the "Use SSL" box, uncheck the "Verify Server
Certificates" box, and copy the `CA Certificate`, `Client Certificate`, and
`Client Private Key` paths from the output of the `tsh` command you ran at the
beginning of this guide:
![DBeaver SSL](../../../img/database-access/dbeaver-ssl.png)
Click "Ok" to finish and DBeaver should connect to the remote MySQL server automatically.
Once you are back in the "Connection Settings" window, click "Ok" to finish and
DBeaver should connect to the remote MySQL server automatically.
## MongoDB Compass
@ -276,7 +298,7 @@ Click on the "Connect" button.
## SQL Server DBeaver
In the DBeaver connection configuration menu, use your proxy's endpoint. This is
`localhost:4242` in the example above. (See
`localhost:62652` in the example above. (See
[Get connection information](./gui-clients.mdx#get-connection-information) for
more information.)