| title | summary | toc | toc_not_nested | ssh-link |
|---|---|---|---|---|
Deploy CockroachDB on Digital Ocean (Insecure) |
Learn how to deploy a CockroachDB cluster on Digital Ocean. |
true |
true |
This page shows you how to manually deploy an insecure multi-node CockroachDB cluster on Digital Ocean, using Digital Ocean's managed load balancing service to distribute client traffic.
{{site.data.alerts.callout_danger}}If you plan to use CockroachDB in production, we strongly recommend using a secure cluster instead. Select Secure above for instructions.{{site.data.alerts.end}}
{% include {{ page.version.version }}/prod-deployment/insecure-requirements.md %}
{% include {{ page.version.version }}/prod-deployment/insecure-recommendations.md %}
- If all of your CockroachDB nodes and clients will run on Droplets in a single region, consider using private networking.
Create Droplets for each node you plan to have in your cluster. If you plan to run a sample workload against the cluster, create a separate droplet for that workload.
-
Run at least 3 nodes to ensure survivability.
-
Use any droplets except standard droplets with only 1 GB of RAM, which is below our minimum requirement. All Digital Ocean droplets use SSD storage.
For more details, see Hardware Recommendations and Cluster Topology.
{% include {{ page.version.version }}/prod-deployment/synchronize-clocks.md %}
Each CockroachDB node is an equally suitable SQL gateway to your cluster, but to ensure client performance and reliability, it's important to use load balancing:
-
Performance: Load balancers spread client traffic across nodes. This prevents any one node from being overwhelmed by requests and improves overall cluster performance (queries per second).
-
Reliability: Load balancers decouple client health from the health of a single CockroachDB node. In cases where a node fails, the load balancer redirects client traffic to available nodes.
Digital Ocean offers fully-managed load balancers to distribute traffic between Droplets.
- Create a Digital Ocean Load Balancer. Be sure to:
- Set forwarding rules to route TCP traffic from the load balancer's port 26257 to port 26257 on the node Droplets.
- Configure health checks to use HTTP port 8080 and path
/health?ready=1. This health endpoint ensures that load balancers do not direct traffic to nodes that are live but not ready to receive requests.
- Note the provisioned IP Address for the load balancer. You'll use this later to test load balancing and to connect your application to the cluster.
{{site.data.alerts.callout_info}}If you would prefer to use HAProxy instead of Digital Ocean's managed load balancing, see the On-Premises tutorial for guidance.{{site.data.alerts.end}}
Set up a firewall for each of your Droplets, allowing TCP communication on the following two ports:
- 26257 (
tcp:26257) for inter-node communication (i.e., working as a cluster), for applications to connect to the load balancer, and for routing from the load balancer to nodes - 8080 (
tcp:8080) for exposing your Admin UI
For guidance, you can use Digital Ocean's guide to configuring firewalls based on the Droplet's OS:
- Ubuntu and Debian can use
ufw. - FreeBSD can use
ipfw. - Fedora can use
iptables. - CoreOS can use
iptables. - CentOS can use
firewalld.
{% include {{ page.version.version }}/prod-deployment/insecure-start-nodes.md %}
{% include {{ page.version.version }}/prod-deployment/insecure-initialize-cluster.md %}
{% include {{ page.version.version }}/prod-deployment/insecure-test-cluster.md %}
{% include {{ page.version.version }}/prod-deployment/insecure-test-load-balancing.md %}
{% include {{ page.version.version }}/prod-deployment/monitor-cluster.md %}
{% include {{ page.version.version }}/prod-deployment/insecure-scale-cluster.md %}
Now that your deployment is working, you can:
- Implement your data model.
- Create users and grant them privileges.
- Connect your application. Be sure to connect your application to the Digital Ocean Load Balancer, not to a CockroachDB node.
{% include {{ page.version.version }}/prod-deployment/prod-see-also.md %}