thomasgauvin: add explanations to connect to private network db from … (

#19394) * thomasgauvin: add explanations to connect to private network db from hyperdrive with tunnels * Update src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx --------- Co-authored-by: Jun Lee <[email protected]>
cloudflare · Jan 24, 2025 · d7739b4 · d7739b4
1 parent e74e056
commit d7739b4
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/...ts/images/hyperdrive/configuration/hyperdrive-private-database-architecture.png b/...ts/images/hyperdrive/configuration/hyperdrive-private-database-architecture.png
diff --git a/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx b/src/content/docs/hyperdrive/configuration/connect-to-private-database.mdx
@@ -18,6 +18,12 @@ When your database is isolated within a private network (such as a [virtual priv
 - [Cloudflare Tunnel](/cloudflare-one/connections/connect-networks/) is used to establish the secure tunnel connection.
 - [Cloudflare Access](/cloudflare-one/policies/access/) is used to restrict access to your tunnel such that only specific Hyperdrive configurations can access it.
 
+A request from the Cloudflare Worker to the origin database goes through Hyperdrive, Cloudflare Access, and the Cloudflare Tunnel established by `cloudflared`. `cloudflared` must be running in the private network in which your database is accessible.
+
+The Cloudflare Tunnel will establish an outbound bidirectional connection from your private network to Cloudflare. Cloudflare Access will secure your Cloudflare Tunnel to be only accessible by your Hyperdrive configuration.
+
+![A request from the Cloudflare Worker to the origin database goes through Hyperdrive, Cloudflare Access and the Cloudflare Tunnel established by `cloudflared`.](~/assets/images/hyperdrive/configuration/hyperdrive-private-database-architecture.png)
+
 <Render file="tutorials-before-you-start" product="workers" />
 
 :::caution[Warning]
@@ -177,4 +183,5 @@ If you successfully receive the list of `pg_tables` from your database when you
 ## Troubleshooting
 
 If you encounter issues when setting up your Hyperdrive configuration with tunnels to a private database, consider these common solutions, in addition to [general troubleshooting steps](/hyperdrive/observability/troubleshooting/) for Hyperdrive:
-* Ensure your database is configured to use TLS (SSL). Hyperdrive requires TLS (SSL) to connect.
+
+- Ensure your database is configured to use TLS (SSL). Hyperdrive requires TLS (SSL) to connect.