Networking
How networking works within and between SMLL resources.
SMLL resources run inside Virtual Private Clouds (VPCs). Understanding how networking works helps you connect services to databases, configure access, and troubleshoot connectivity issues.
VPC networking
Each VPC gets its own isolated network namespace. Resources within the same VPC can communicate freely using internal DNS names.
Internal DNS
Services and databases within the same VPC can reach each other using internal DNS:
| Resource | Internal hostname |
|---|---|
| Database | db-name.vpc-namespace.svc.cluster.local |
| Service | service-name.vpc-namespace.svc.cluster.local |
You can also use the short form: db-name or service-name (within the same VPC).
External access
Services
Web services are exposed to the internet through an ingress controller. Each service gets:
- A default SMLL URL:
svc-abc123.smll.io - Optional custom domains with automatic SSL
Databases
Databases are accessible from the internet via:
- A direct connection endpoint for administration
- A pooler connection endpoint for applications
Both endpoints use SSL by default.
Port configuration
| Resource | Default port | Configurable |
|---|---|---|
| Web service | 8080 | Yes, set in service config |
| Database (direct) | 5432 | No |
| Database (pooler) | 5432 | No |
Network isolation
Resources in different VPCs cannot communicate directly. If you need cross-VPC communication, use the public endpoints.
Egress
All outbound traffic from services (to external APIs, third-party services, etc.) is routed through the cluster's internet gateway. Egress is billed at $0.05/GB.