Database Gateway is a database connection service for remote access to on-premises databases or databases that are hosted on third-party clouds. This service allows you to connect these databases to Alibaba Cloud in a secure manner at a low cost. You can also integrate Database Gateway with other Alibaba Cloud services, such as Data Transmission Service (DTS), Database Backup (DBS), and Data Management (DMS).
Why Database Gateway
Database Gateway is a secure and cost-effective database connection service. It allows you to connect an on-premises database or a database that is hosted on a third-party cloud to Alibaba Cloud in a secure manner at a low cost. It can be integrated with other Alibaba Cloud services, such as DTS, DBS, and DMS. Database Gateway provides the following benefits:
High security and reliability
You do not need to use public IP addresses of databases to establish connections over the Internet when you use Database Gateway. This ensures the security and stability of your data assets.
A temporary token, which is generated in the Database Gateway console, is required to start a Database Gateway agent. The temporary token is sent to the Database Gateway service for identity verification over an encrypted link when you start the agent. This ensures that only you can use this Database Gateway agent. A temporary token is valid for 15 minutes after it is generated and can be used only once. This way, you do not need to store Alibaba Cloud AccessKey pairs locally, preventing exposure of AccessKey pairs.
Database Gateway uses Transport Layer Security (TLS) to implement asymmetric encryption on data transmission links.
When you use Alibaba Cloud services to access databases that are not deployed on Alibaba Cloud, you can call API operations to obtain information about only the database gateways that are created within your account. This prevents unauthorized acquisition of information about your database gateways.
When you use Alibaba Cloud services to access databases that are connected to a database gateway, you must provide the corresponding temporary AccessKey pair and the database gateway ID to pass authentication. This prevents unauthorized access to databases that are connected to your database gateways.
Ease of use
Database Gateway allows you to connect a database that is not deployed on Alibaba Cloud to Alibaba Cloud without configuring complex networks and routing.
Cost-effective
Database Gateway provides free connections from databases to Alibaba Cloud. You do not need to purchase an Elastic Compute Service (ECS) instance, a virtual private cloud (VPC), or an Express Connect circuit. You can run your Database Gateway agent on a machine that has required memory resources. In terms of data transmission, Database Gateway compresses data before the data is transmitted over the Internet. This reduces network transmission costs.
High availability
In addition to disaster recovery measures on a single Database Gateway agent, you can deploy multiple Database Gateway agents across servers or data centers to form a high-availability cluster for disaster recovery. Database Gateway automatically performs disaster recovery across servers or data centers. This ensures that connections can be recovered in seconds in case of failures. For more information, see Create high-availability clusters of on-premises agents.
Scenarios
Manage databases across clouds in a centralized manner
Migrate data from on-premises databases or databases on third-party clouds to Alibaba Cloud
Synchronize data from on-premises databases or databases on third-party clouds to Alibaba Cloud databases
Back up on-premises databases or databases on third-party clouds to Alibaba Cloud
For more information, see Scenarios.
How it works
A Database Gateway agent is installed locally.
The Database Gateway agent establishes secure and trusted channels with the Database Gateway service. Channels established by different accounts and database gateways are isolated from each other.
When you use a cloud database service such as DMS or DBS to access your database that is not deployed on Alibaba Cloud, the database service accesses your database over the corresponding channel.
Related services
Related service | Description |
DTS is a real-time data streaming service. DTS supports data transmission between data sources such as relational databases, NoSQL databases, and online analytical processing (OLAP) databases. DTS provides the data synchronization, data migration, change tracking, data integration, and data processing features. Database Gateway can work with DTS to connect on-premises databases or databases on third-party clouds to Alibaba Cloud at a low cost. After a database is connected, you can use the database as the source or destination database of a data migration task, data synchronization task, or change tracking task in DTS. | |
DBS is a cost-effective and highly reliable one-stop data backup and restoration service provided by Alibaba Cloud. DBS supports data restoration in seconds and works with Data Lake Analytics to support queries of backup sets. DBS provides enterprise-level data backup capabilities in a hybrid cloud environment for databases in data centers, private clouds, and public clouds of one or more cloud providers. DBS allows you to use Database Gateway to back up on-premises databases or databases in private networks of a third-party cloud to Alibaba Cloud at a low cost. After databases are connected to database gateways, you can specify the databases as source databases. | |
DMS is a one-stop data management platform that allows you to manage data throughout its lifecycle. You can use DMS to manage global data assets, govern data, design and develop databases, integrate data, develop data, and consume data. These features help enterprises mine value from data in an efficient and secure manner and help enterprises undergo digital transformation. You can use Database Gateway in conjunction with DMS to roll out a stable and cost-effective solution to centrally manage databases that are not deployed on Alibaba Cloud, such as self-managed databases in on-premises data centers, cloud databases provided by third-party cloud service providers, and self-managed databases on cloud servers provided by third-party cloud service providers. |