Documentation
Private Services - Secure Internal Network
Deploy secure internal services accessible only within your private network. Perfect for databases, internal APIs, background processors, and microservices that don't need public internet access.
What are Private Services?
deployra private services are identical to web services with one crucial difference: they're completely isolated from the public internet. These services don't receive public URLs or deployra.app subdomains, making them perfect for internal infrastructure components.
Database Services
Host Elasticsearch, ClickHouse, or custom databases securely
Internal APIs
Deploy backend services and microservices for internal use
Background Processors
Run job queues, task processors, and worker services
Private Service
service-name.service
No Public Access
Internal network only
Use cases for private services
Run search engines like Elasticsearch that only need to be accessed by your application servers, not by end users directly.
Run analytics databases that process internal data and don't need to be exposed to the public internet.
Deploy internal APIs and microservices that should only be accessible to your other services, not to the outside world.
Run background task processors, job queues, or other services that don't need direct user interaction.
Connecting to private services
Within your Deployra private network, services can reach each other using internal hostnames, which follow this format:
service-name.serviceFor example, if you have a web service named "api" and a private service named "search", your api service can connect to the search service using "search.service" as the hostname.
Example: Connecting to Elasticsearch
If you deploy Elasticsearch as a private service named "elasticsearch", your web services would connect to it using this connection string:
http://elasticsearch.service:9200Where 9200 is the standard port that Elasticsearch listens on.
Frequently Asked Questions
What's the difference between private and web services?
Private services are identical to web services except they're not accessible from the public internet. They don't receive public URLs or deployra.app subdomains, making them perfect for internal infrastructure components that only need to communicate with your other services.
How do private services communicate with each other?
Private services communicate using internal hostnames within your deployra private network. The format is service-name.service. For example, a service named "database" would be accessible at database.service from your other services.
Can private services use custom ports?
Yes! Private services can listen on almost any port and communicate using any protocol (HTTP, TCP, UDP). This flexibility makes them perfect for databases, message queues, and other specialized services that may require specific port configurations.
Are private services more secure than web services?
Private services provide an additional layer of security through network isolation. Since they're not accessible from the public internet, they can only be reached by your other deployra services within the same private network, reducing the attack surface significantly.
What types of applications work best as private services?
Private services are ideal for databases (Elasticsearch, ClickHouse, MongoDB), internal APIs, background job processors, message queues, caching layers, and any service that doesn't need direct access from end users but serves your application infrastructure.
Can I convert a web service to a private service?
You'll need to redeploy your service as a private service type. The application code remains the same, but the networking configuration changes to remove public internet access. Make sure to update any connection strings in your other services to use the internal hostname format.