A newer version of this documentation is available.

View Latest
March 16, 2025
+ 12
This section describes how to connect the Go SDK to a Couchbase cluster. It contains best practices as well as information on TLS/SSL and other advanced connection options.

Connecting to a Cluster

A connection to a Couchbase Server cluster is represented by a Cluster object. A Cluster provides access to Buckets, Scopes, and Collections, as well as various Couchbase services and management interfaces. The simplest way to create a Cluster object is to call gocb.Connect() with a connection string, username, and password:

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("10.112.193.101", opts) if err != nil { panic(err) }
If you are connecting to a version of Couchbase Server older than 6.5, it will be more efficient if the addresses are those of data (KV) nodes. You will in any case, with 6.0 and earlier, need to open a Bucket instance before connecting to any other HTTP services (such as Query or Search).

In a production environment, your connection string should include the addresses of multiple server nodes in case some are currently unavailable. Multiple addresses may be specified in a connection string by delimiting them with commas:

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("192.168.56.101,192.168.56.102", opts) if err != nil { panic(err) }
You don’t need to include the address of every node in the cluster. The client fetches the full address list from the first node it is able to contact.

Connection Strings

A Couchbase connection string is a comma-delimited list of IP addresses and/or hostnames, optionally followed by a list of parameters.

The parameter list is just like the query component of a URI; name-value pairs have an equals sign (=) separating the name and value, with an ampersand (&) between each pair. Just as in a URI, the first parameter is prefixed by a question mark (?).

Simple connection string with one seed node
127.0.0.1
Connection string with two seed nodes
nodeA.example.com,nodeB.example.com
Connection string with two parameters
127.0.0.1?&kv_timeout=2500&query_timeout=60000

The full list of recognized parameters is documented in the client settings reference.

A connection string may optionally be prefixed by either "couchbase://" or "couchbases://". This can be used to control whether the SDK connects using encrypted connections or unencrypted connections.

Waiting for Bootstrap Completion

Depending on the environment and network latency, bootstrapping the SDK fully might take a little longer than the default key-value timeout of 2.5 seconds. This means that whilst bootstrap is occurring any operations that you make might timeout. To prevent those early timeouts from happening, you can use the WaitUntilReady method which will return a timeout error if bootstrap isn’t completed in the specified time. Note that WaitUntilReady does not actually retry connecting, the retry is rechecking the connection state. If you are working at the Cluster level, then add to the cluster() in the earlier example:

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("couchbase://10.112.193.101", opts) if err != nil { panic(err) } err = cluster.WaitUntilReady(5*time.Second, nil) if err != nil { panic(err) }

If you are working at the Bucket level, then the Bucket-level WaitUntilReady does the same as the Cluster-level version.

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("couchbase://10.112.193.101", opts) if err != nil { panic(err) } bucket := cluster.Bucket("default") err = bucket.WaitUntilReady(5*time.Second, nil) if err != nil { panic(err) }

Other timeout issues may occur when using the SDK located geographically separately from the Couchbase Server cluster — this is not recommended.

Connection Lifecycle

All high-level objects in the Go SDK are designed to be safe for concurrent use by multiple goroutines. You will get the best performance by using only a single Cluster object per cluster, and as few Bucket, Scope and Collection as is reasonable for your application.

We recommend creating a single Cluster instance when your application starts up, and sharing this instance throughout your application. If you know at startup time which buckets, scopes, and collections your application will use, we recommend obtaining them from the Cluster at startup time and sharing those instances throughout your application as well.

Before your application stops, gracefully shut down the client by calling the Close() method of each Cluster you created.

Alternate Addresses and Custom Ports

If your Couchbase Server cluster is running in a containerized, port mapped, or otherwise NATd environment like Docker or Kubernetes, a client running outside that environment may need additional information in order to connect the cluster. Both the client and server require special configuration in this case.

On the server side, each server node must be configured to advertise its external address as well as any custom port mapping. This is done with the setting-alternate-address CLI command introduced in Couchbase Server 6.5. A node configured in this way will advertise two addresses: one for connecting from the same network, and another for connecting from an external network.

On the client side, the externally visible ports must be used when connecting. If the external ports are not the default, you can specify custom ports as part of your connection string.

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("couchbase://192.168.56.101:1234,192.168.56.102:5678", opts) if err != nil { panic(err) }
In a deployment that uses multi-dimensional scaling, a custom KV port is only applicable for nodes running the KV service. A custom manager port may be specified regardless of which services are running on the node.

In many cases the client is able to automatically select the correct set of addresses to use when connecting to a cluster that advertises multiple addresses. If the detection heuristic fails in your environment, you can override it by setting the network_type client setting to default if the client and server are on the same network, or external if they’re on different networks.

Any TLS certificates must be set up at the point where the connections are being made.

Secure Connections

Couchbase Server Enterprise Edition and Couchbase Capella support full encryption of client-side traffic using Transport Layer Security (TLS). That includes key-value type operations, queries, and configuration communication. Make sure you have the Enterprise Edition of Couchbase Server, or a Couchbase Capella account, before proceeding with configuring encryption on the client side.

The Go SDK bundles Capella’s standard root certificate by default. This means you don’t need any additional configuration to enable TLS — simply use couchbases:// in your connection string.

Capella’s root certificate is not signed by a well known CA (Certificate Authority). However, as the certificate is bundled with the SDK, it is trusted by default.

Using DNS SRV records

As an alternative to specifying multiple hosts in your program, you can get the actual bootstrap node list from a DNS SRV record. The following steps are necessary to make it work:

  1. Set up your DNS server to respond properly from a DNS SRV request.

  2. Enable it on the SDK and point it towards the DNS SRV entry.

Your DNS server should be set up like this (one row for each bootstrap node):

_couchbase._tcp.example.com.  3600  IN  SRV  0  0  11210  node1.example.com.
_couchbase._tcp.example.com.  3600  IN  SRV  0  0  11210  node2.example.com.
_couchbase._tcp.example.com.  3600  IN  SRV  0  0  11210  node3.example.com.
The ordering, priorities, and weighting are completely ignored and should not be set on the records to avoid ambiguities.

If you plan to use secure connections, you use _couchbases instead:

_couchbases._tcp.example.com.  3600  IN  SRV  0  0  11207  node1.example.com.
_couchbases._tcp.example.com.  3600  IN  SRV  0  0  11207  node2.example.com.
_couchbases._tcp.example.com.  3600  IN  SRV  0  0  11207  node3.example.com.

DNS SRV bootstrapping is available in the Go SDK. In order to make the SDK actually use the SRV records, you need to enable DNS SRV on the environment and pass in the host name from your records (here example.com):

golang
opts := gocb.ClusterOptions{ Username: "Administrator", Password: "password", } cluster, err := gocb.Connect("couchbase://mysrvrecord.hostname.com", opts) if err != nil { panic(err) }

If the DNS SRV records could not be loaded properly you’ll get the exception logged and the given host name will be used as a A record lookup.

Also, if you pass in more than one node, DNS SRV bootstrap will not be attempted.

Working in the Cloud

For most use cases, connecting client software using a Couchbase SDK to the Couchbase Capella service is similar to connecting to an on-premises Couchbase Cluster. The use of DNS-SRV, Alternate Address, and TLS is covered above.

We strongly recommend that the client and server are in the same LAN-like environment (e.g. AWS Region). As this may not always be possible during development, read the guidance on working with constrained network environments. More details on connecting your client code to Couchbase Capella can be found in the Cloud docs.

Troubleshooting Connections to Cloud

Some DNS caching providers (notably, home routers) can’t handle an SRV record that’s large — if you have DNS-SRV issues with such a set-up, reduce your DNS-SRV to only include three records. [For development only, not production.]. Our Troubleshooting Cloud Connections page will help you to diagnose this and other problems — as well as introducing the SDK doctor tool.

Connection to Couchbase Capella requires Couchbase Go SDK 2.0 and up, unless you use a workaround in 1.6.