Skip to main content

Deploy a Database Server

Run PostgreSQL or MySQL on a dedicated Octos Cloud VM with private networking, NVMe storage, and automated snapshots for production-grade reliability.

ComponentRecommendation
Planmo.medium (2 vCPU, 16 GB RAM) or higher
Storage100+ GB NVMe SSD volume
NetworkPrivate network only (no public IP)
BackupDaily automated snapshots

Step 1: Provision a VM

  1. Create a VM with a memory-optimized plan
  2. Attach to a private network only
  3. Do not assign a public IP — access via a bastion host or VPN

Step 2: Install PostgreSQL

sudo apt update
sudo apt install postgresql postgresql-contrib -y

# Start and enable the service
sudo systemctl start postgresql
sudo systemctl enable postgresql

Configure for remote access

# Edit PostgreSQL config
sudo nano /etc/postgresql/16/main/postgresql.conf
# Set: listen_addresses = '10.0.0.5'  (your private IP)

# Edit client authentication
sudo nano /etc/postgresql/16/main/pg_hba.conf
# Add: host  all  all  10.0.0.0/24  scram-sha-256

sudo systemctl restart postgresql

Step 3: Attach dedicated storage

For production databases, attach a separate block storage volume:

# Format and mount
sudo mkfs.ext4 /dev/vdb
sudo mkdir /var/lib/postgresql/data-vol
sudo mount /dev/vdb /var/lib/postgresql/data-vol

# Move data directory (optional, advanced)
# Refer to PostgreSQL docs for relocating the data directory

Step 4: Security hardening

  • Security group: Allow port 5432 only from your application VM's private IP
  • Authentication: Use scram-sha-256 (default in PostgreSQL 16+)
  • Encryption: Enable SSL for client connections
  • Backups: Configure daily automated snapshots via the Octos portal

Security group rules

DirectionProtocolPortRemote
InboundTCP543210.0.0.0/24 (private subnet)
InboundTCP22Bastion host IP

Step 5: Automated backups

  1. Navigate to Backups in your project
  2. Create a scheduled backup for the database VM
  3. Set interval to Daily with 7-day retention
  4. Monitor backup status in the portal

Next steps