Sign inTry Free

Access Helios BYOC

On this page

Use the Cloud Portal to access your Helios BYOC deployment, SingleStore users, and databases.

Connect to SingleStore

In addition to the Cloud Portal, you can connect to your SingleStore databases deployed in Helios BYOC regions using AWS Virtual Private Cloud (VPC). Design and implement any of the following supported networking and connectivity options while adhering to your security and compliance requirements:

  • AWS PrivateLink

  • VPC peering

  • AWS Transit Gateway

Note

The DML and DDL endpoints of a workspace in a Helios BYOC deployment are internal to the cell. To access your SingleStore database from third-party (external) tools or applications, configure any of the supported options.

Refer to Integration architectures for guidance on choosing the optimal integration for your use case and their architectures. Refer to References for more information.

Connect using AWS PrivateLink

To connect with your SingleStore databases using AWS PrivateLink,

  1. Create an inbound private connection on the Cloud Portal.

  2. Copy the VPC Endpoint Service Name of your inbound private connection on the Cloud Portal.

  3. Create a private endpoint on the AWS Console using the Service name copied in the previous step.

  4. Use the private endpoint to connect to your SingleStore deployment.

Refer to AWS PrivateLink for related information.

1. Create an Inbound Private Connection

On the Cloud Portal,

  1. Select Deployments > your_workspace_group > Firewall.

  2. Under Private Links, select Create Connection.

  3. On the Create Connection dialog, enter or select the following information:

    • Connection Type: Select the Inbound connection type from the list.

    • Workspaces:

      • To create a DML connection, select a workspace you want to connect with from the list.

      • To create a DDL connection, select None.

      Each workspace group can have the following private connections:

      • At most one inbound connection for DDL connections, i.e. one per workspace group.

      • At most one inbound connection for each workspace for DML connections, i.e., one for each workspace.

      Note: Create a separate private endpoint on AWS Console for each of the configured inbound connections (DDL or DML). Use the respective private endpoint to connect to SingleStore via a DDL or DML connection.

    • AWS Account ID: Enter the AWS account ID associated with your VPC/private endpoint.

  4. Select Create Connection.

Once the connection is ready to use, which may take a few minutes, its status changes to ACTIVE. If an error occurs while creating the private connection, the connection is deleted automatically. Hover over the DELETED status indicator to view the error message.

2. Copy the VPC Endpoint Service Name of your connection

On the Cloud Portal,

  1. Select Deployments > your_workspace_group > Firewall.

  2. Under Private Links, select the three dots in the Actions column of your private connection.

  3. From the list, select Edit Connection.

  4. On the Connection Properties dialog, copy the VPC Endpoint Service Name. Enter it in the Service Name box while creating a private endpoint on the AWS Console.

3. Create a Private Endpoint

On the AWS Console,

  1. Select Endpoints > Create endpoint.

  2. (Optional) Enter a name for the private endpoint.

  3. Under Type, select the Endpoint services that use NLBs and GWLBs category.

  4. Under Service name, enter the Service name copied earlier, and select Verify service.

  5. Once the Service name is verified, configure the other networking options as required.

    1. Select the VPC from which to connect with the service.

    2. Disable the Enable DNS name option.

    3. Select the available subnets.

    4. Configure security groups. The security groups must allow TCP 3306 and 443 ports.

  6. Select Create endpoint.

4. Use the Private Endpoint

To connect to your SingleStore deployment,

  1. On the AWS Console, select your_endpoint > View details.

  2. Under DNS names, copy the regional DNS name (the first endpoint).

  3. Connect to your SingleStore databases from third-party applications and tools using the DNS name copied earlier. For example, to connect using the singlestore CLI client:

    singlestore -u <username> -h <dns_name> -P 3306 --default-auth=mysql_native_password --password

Connect using VPC Peering

VPC peering enables peer-to-peer network routing and establishes a direct connection between two VPCs. To configure VPC peering,

  1. On the Requester side, create a request to peer with a VPC in the same account or a VPC in a different AWS account.

  2. On the Acceptor side, accept the VPC peering request.

  3. Update the route tables.

  4. Connect to SingleStore.

1. Create a VPC Peering Request

On the Requestor side,

  1. On the AWS Console, select VPC > Peering connections > Create peering connection.

  2. On the Create peering connection page,

    1. (Optional) Enter a name for the VPC peering connection.

    2. Verify the CIDR block. Ensure that there is no collision.

    3. Under Select another VPC to peer with, enter the details of the peer (Acceptor) VPC:

      1. Account: Select My account to request VPC peering connection with another VPC in your (same) account. Or, select Another account to request VPC peering with a VPC in another AWS account.

      2. Select or enter other VPC configuration details as required, for example, AWS account ID, VPC ID (Acceptor), etc.

  3. Select Create peering connection.

For more information, refer to Create or delete a VPC peering connection.

2. Accept a VPC Peering Request

On the Acceptor side,

  1. On the Amazon Console, select VPC > Peering connections.

  2. To accept a peering connection, select the pending VPC peering connection request, and select Accept from the options menu.

Wait until the connection is in Active state before proceeding to the next step.

3. Update Route Tables

On the Acceptor side,

  1. Select VPC > Route tables.

  2. Add a route for every routing table, select Actions > Edit routes > Add route.

    1. Under Destination, enter the CIDR block of the Requester VPC.

    2. Under Target, select Peering Connection.

    3. Select the ID of the established peering connection.

    4. Select Save changes.

On the Requestor side,

  1. Select VPC > Route tables.

  2. Add a route for every routing table, select Actions > Edit routes > Add route.

    1. Under Destination, enter the CIDR block of the Acceptor VPC.

    2. Under Target, select Peering Connection.

    3. Select the ID of the established peering connection.

    4. Select Save changes.

4. Connect to SingleStore

On the Cloud Portal,

  1. Select your_workspace > Connect > CLI Client.

  2. From the list, select SingleStore Endpoints.

  3. Under Endpoint, copy the endpoint of your deployment.

  4. Connect to your SingleStore databases from third-party applications and tools using the endpoint copied earlier. For example, to connect using the singlestore CLI client:

    singlestore -u <username> -h <endpoint> -P 3306 --default-auth=mysql_native_password --password

Connect using VPC Transit Gateways

Refer to Get started with using Amazon VPC Transit Gateways for information on creating a Transit Gateway and then connecting two VPCs using the transit gateway.

References

Last modified: January 16, 2025

Was this article helpful?

On this page

Was this article helpful?