Configure SSH Tunneling with Mac / Linux Using SSH
Overview
Set up tunneling if you prefer to work directly from your local environment using your own browsers to access the Data Hub Service endpoints.
Before you begin
You need:
- An AWS VPC (virtual network)
- An AWS peer role
- A peered DHS network
- To configure network routing between client-side and DHS networks
- A Standard or Low Priority DHS with a Peered Network
- A DHS user account with assigned roles to internally manage DHS users
- (Optional) To add an LDAP configuration to externally manage DHS service users
About this task
Important: If your DHS uses private endpoints, you can set up SSH tunneling. See Getting Started with Data Hub Service in AWS, and follow the peered configuration.
Procedure
- Navigate to your DHS to view the SSH tunneling script.
- In the Service column, click the service name.
Tip: You can customize your dashboard with column sorting, column configuring, and services searching and filtering. See Customize DHS Dashboard. - In the Action drop-down menu, click SSH Tunneling Script to display the popup with the current settings.
- In the popup, copy the script to your clipboard:
- highlight and copy the script, or
- click the copy script icon ()
Your script will look similar to the following:
#!/bin/bash ssh -i $SSH_PEM_KEY -N \ -L 5432:DHS_ENDPOINT:5432 \ -L 8002:DHS_ENDPOINT:8002 \ -L 8005:DHS_ENDPOINT:8005 \ -L 8010:DHS_ENDPOINT:8010 \ -L 8013:DHS_ENDPOINT:8013 \ -L 8012:DHS_ENDPOINT:8012 \ -L 8011:DHS_ENDPOINT:8011 \ -L 8020:DHS_ENDPOINT:8020 \ ec2-user@$BASTION_EC2Note: Replace DHS_ENDPOINT with the endpoints associated with each port number per your service.- To edit the script, paste to a text file.
- In the popup, copy the script to your clipboard:
Results
Important: Developers with an existing installation of MarkLogic will notice the potential conflict with use of port 8002. To avoid the conflict, use another port number for the tunnel or change the "Manage" port in your local MarkLogic installation.