首页 项目目录 关于我们
Sign In
rust
/
Materialize
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6dd8e59864
Branches Tags
Materialize
/
doc
/
user
/
layouts
/
shortcodes
/
postgres-direct
/
ingesting-data
/
use-ssh-tunnel.html

use-ssh-tunnel.html 2.7 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. 1. In the SQL client connected to Materialize, use the [`CREATE CONNECTION`](/sql/create-connection/#ssh-tunnel) command to create an SSH tunnel connection:
    2. 

  2. 

  3.     ```mzsql
    4. 

  4.     CREATE CONNECTION ssh_connection TO SSH TUNNEL (
    5. 

  5.         HOST '<SSH_BASTION_HOST>',
    6. 

  6.         PORT <SSH_BASTION_PORT>,
    7. 

  7.         USER '<SSH_BASTION_USER>'
    8. 

  8.     );
    9. 

  9.     ```
    10. 

  10. 

  11.     - Replace `<SSH_BASTION_HOST>` and `<SSH_BASTION_PORT`> with the public IP address and port of the SSH bastion host you created [earlier](#b-optional-configure-network-security).
    12. 

  12.     - Replace `<SSH_BASTION_USER>` with the username for the key pair you created for your SSH bastion host.
    13. 

  13. 

  14. 1. Get Materialize's public keys for the SSH tunnel connection:
    15. 

  15. 

  16.     ```mzsql
    17. 

  17.     SELECT * FROM mz_ssh_tunnel_connections;
    18. 

  18.     ```
    19. 

  19. 

  20. 1. Log in to your SSH bastion host and add Materialize's public keys to the `authorized_keys` file, for example:
    21. 

  21. 

  22.     ```sh
    23. 

  23.     # Command for Linux
    24. 

  24.     echo "ssh-ed25519 AAAA...76RH materialize" >> ~/.ssh/authorized_keys
    25. 

  25.     echo "ssh-ed25519 AAAA...hLYV materialize" >> ~/.ssh/authorized_keys
    26. 

  26.     ```
    27. 

  27. 

  28. 1. Back in the SQL client connected to Materialize, validate the SSH tunnel connection you created using the [`VALIDATE CONNECTION`](/sql/validate-connection) command:
    29. 

  29. 

  30.     ```mzsql
    31. 

  31.     VALIDATE CONNECTION ssh_connection;
    32. 

  32.     ```
    33. 

  33. 

  34.     If no validation error is returned, move to the next step.
    35. 

  35. 

  36. 1. Use the [`CREATE SECRET`](/sql/create-secret/) command to securely store the password for the `materialize` PostgreSQL user you created [earlier](#2-create-a-publication-and-a-replication-user):
    37. 

  37. 

  38.     ```mzsql
    39. 

  39.     CREATE SECRET pgpass AS '<PASSWORD>';
    40. 

  40.     ```
    41. 

  41. 

  42. 1. Use the [`CREATE CONNECTION`](/sql/create-connection/) command to create another connection object, this time with database access and authentication details for Materialize to use:
    43. 

  43. 

  44.     ```mzsql
    45. 

  45.     CREATE CONNECTION pg_connection TO POSTGRES (
    46. 

  46.       HOST '<host>',
    47. 

  47.       PORT 5432,
    48. 

  48.       USER 'materialize',
    49. 

  49.       PASSWORD SECRET pgpass,
    50. 

  50.       DATABASE '<database>',
    51. 

  51.       SSH TUNNEL ssh_connection
    52. 

  52.       );
    53. 

  53.     ```
    54. 

  54. 

  55.     - Replace `<host>` with your PostgreSQL endpoint.
    56. 

  56. 

  57.     - Replace `<database>` with the name of the database containing the tables you want to replicate to Materialize.
    58. 

  58. 

  59. 1. Use the [`CREATE SOURCE`](/sql/create-source/) command to connect Materialize to your PostgreSQL instance and start ingesting data from the publication you created [earlier](#2-create-a-publication-and-a-replication-user):
    60. 

  60. 

  61.     ```mzsql
    62. 

  62.     CREATE SOURCE mz_source
    63. 

  63.       IN CLUSTER ingest_postgres
    64. 

  64.       FROM POSTGRES CONNECTION pg_connection (PUBLICATION 'mz_source')
    65. 

  65.       FOR ALL TABLES;
    66. 

  66.     ```
    67. 

  67. 

  68.     To ingest data from specific schemas or tables in your publication, use `FOR SCHEMAS (<schema1>,<schema2>)` or `FOR TABLES (<table1>, <table2>)` instead of `FOR ALL TABLES`.
    69.