I try to setup Hyperdrive with a tunnel
I try to setup Hyperdrive with a tunnel. Followed all the steps 3 times but get this error:
"Failed to connect to database using the provided information: Internal error."
- On the server "cloudflared tail --level debug" and in the dashboards 'Access authentication logs' i dont see anything happen.
- Tunnel status on dashboard says "Healthy".
- Everytime i try to setup it up in Application > Policies a policy is automaticly created.
- First time I run "cloudflared tail --level debug" i got the error "Cannot determine default origin certificate path." which i fixed with this
6 Replies
Hey Nick! Good to confirm that you see the tunnel is healthy on the dashboard. Have you properly configured the tunnel to point to your database service? https://developers.cloudflare.com/hyperdrive/configuration/connect-to-private-database/#12-connect-your-database-using-a-public-hostname
Might be the case that your vpc is blocking access between your services
There's also general troubleshooting, such as verifying that your database works with TLS/SSL https://developers.cloudflare.com/hyperdrive/configuration/connect-to-private-database/#troubleshooting without requiring custom certificates
If you think it would help, grab 30 minutes on my calendar, it'll give me the chance to learn more about what you're building and see how we can debug (but try the above solutions ideally) https://calendar.app.google/ADMa36YtHgF7d73W6
I am currently using the same database/server as a public host with Hyperdrive, which requires TLS for secure connections. However, I want to switch to a tunneling solution because I can't secure the server using IP whitelisting; Hyperdrive relies on dynamic, unknown IP addresses, making it challenging to restrict access effectively.
Is there a way to test the tunnel without using Hyperdrive?
Yep. The easiest way would be to run cloudflared somewhere else for ingress, as an arbitrary tcp tunnel, and then just use PSQL or similar to send traffic across the tunnel.
Something like this: https://ryan-schachte.com/blog/cf_tunnel_tcp/
TCP tunneling with Cloudflare Tunnel
TCP connection forwarding with Cloudflare Tunnel
Also, while we don't have a hard date for delivery, we are working on supporting that kind of IP allowlisting, too.