- Home
- Skills
- Digitalocean Labs
- Do App Platform Skills
- Managed Db Services
managed-db-services_skill
- Python
1
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill digitalocean-labs/do-app-platform-skills --skill managed-db-services- README.md2.1 KB
- SKILL.md10.5 KB
Overview
This skill configures DigitalOcean Managed MySQL, MongoDB, Valkey (Redis), Kafka, and OpenSearch for App Platform applications. It guides cluster creation, trusted-source setup, bindable environment variables, and engine-specific connection patterns. Use it to attach non-Postgres managed databases to App Platform components and to troubleshoot common connectivity and permission issues.
How this skill works
The skill inspects the target engine and generates the correct databases: block for the app spec, ensuring production: true when bindable variables are required. It advises doctl commands for cluster/user/db creation and firewall rules, and explains how bindable variables map to runtime environment variables and connection strings. It also flags engine-specific constraints (trusted sources, build-time access, naming rules) and recommends VPC vs public rules where appropriate.
When to use it
- Attaching MySQL, MongoDB, Redis (Valkey), Kafka, or OpenSearch clusters to App Platform services.
- Setting trusted sources so apps can connect to managed database clusters.
- Running migrations or PRE_DEPLOY jobs when build-time DB access is blocked by firewall rules.
- Configuring bindable environment variables for runtime credentials and TLS certificates.
- Troubleshooting connection errors, permission issues, or TLS/URL formatting problems.
Best practices
- Set production: true in the databases: block to ensure bindable variables are populated.
- Use VPC CIDR ip_addr rules for simpler, consistent trusted-source setup when possible.
- Avoid relying on build-time DB access; use PRE_DEPLOY jobs for migrations when trusted sources block builds.
- Remember Kafka only supports IP-based trusted-source rules; app: rules are not supported.
- For VPC deployments, create separate private env vars if you need private hostnames; bindables return public hostnames.
Example use cases
- Add a DigitalOcean Managed MySQL cluster to an API service and expose DATABASE_URL as a RUN_TIME env var.
- Attach a MongoDB cluster, ensure db_user exists, and set MONGODB_URI from ${db.DATABASE_URL}.
- Configure Valkey (Redis) for session caching using rediss:// URL and ${cache.DATABASE_URL}.
- Deploy Kafka for eventing with VPC-based trusted sources and supply broker details via ${kafka.HOSTNAME}:${kafka.PORT}.
- Provision OpenSearch for search indexing and provide basic-auth URL to the app while disabling logging to it if trusted sources are enabled.
FAQ
Bindable variables require production: true in the databases: block. Add production: true and redeploy to populate values.
Can my build step access the database during image build?
No—trusted sources block build-time access. Run migrations in a PRE_DEPLOY job or use a CI step with network access to the DB.
How do I connect to Kafka from an App Platform app?
Use VPC with ip_addr trusted-source rules since Kafka does not support app:$APP_ID rules. Supply HOSTNAME, PORT, USERNAME, PASSWORD, and CA_CERT to the app.