Private Services
Host apps that only accept traffic from your other services.
Render private services are just like web services, with one exception: private services aren't reachable via the public internet. They do not receive an onrender.com subdomain:
However, private services are reachable by your other Render services on the same private network! This means they're perfect for services that only your own infrastructure needs to talk to.
Private services can listen on almost any port (see details) and communicate using any protocol.
Private services must bind to at least one port.
If your service won't receive incoming traffic, instead create a background worker. See details below.
Examples
Here are some deployment guides for tools that make great private services:
Private service or background worker?
Like private services, your background workers are unreachable via the public internet. Unlike private services, background workers aren't even reachable via their private network:
- If your internal service will bind to at least one port and receive private network traffic, create a private service.
- Otherwise, create a background worker.
Background workers can send private network requests to other services but can't receive them. They usually perform long-running or resource-intensive tasks, which they fetch from a job queue that's often backed by a Render Key Value instance.