问题描述
我在AWS中有一个已正确设置的MySQL RDS实例。
I have a MySQL RDS instance in AWS which has been set up properly.
我在AWS中也有一个Linux EC2实例。
I also have a Linux EC2 instance in AWS.
但是,我无法从EC2实例连接到我的RDS实例。
However, I can't connect to my RDS instance from the EC2 instance.
我可以连接到
我怀疑这是四件事之一
- RDS实例的接口绑定-它正在侦听外部接口,而不是内部接口
- RDS实例的防火墙-允许从AWS外部进行连接网络,而不是从内部
- EC2实例的防火墙-不允许连接到RDS实例
- EC2实例上的名称解析-对于由于某些原因,RDS实例的名称无法解析为正确的IP地址
- interface binding of the RDS instance - it is listening on the external interface but not on the internal one
- firewall for the RDS instance - it is allowed connections from outside the AWS network but not from inside
- firewall for the EC2 instance - it is not allowing connections to the RDS instance
- name resolution on the EC2 instance - for some reason the name of the RDS instance is not resolving to the right IP address
但是,我已经对所有这些进行了最佳检查据我所知,它们似乎是有序的。
However, I have checked all of these to the best of my knowledge, and they seem to be in order.
什么我应该看看吗?
更新1 :在@mbaird提出问题之后,我检查了EC2实例和RDS实例在同一VPC上。这意味着什么?
Update 1: Following a question by @mbaird, I have checked that both the EC2 instance and the RDS instance are on the same VPC. What implications does that have?
更新2 :在用户@ Michael-sqlbot提出问题后,当我说无法连接时,在命令行中运行mysql时,使用
Update 2: Following a question by the user @"Michael - sqlbot", when I say cannot connect, when running mysql at the command line, with
mysql --host=<my-hostname> --port=3306 --user=<user> --password=<password>
我可以使用自己的笔记本电脑进行连接,但是当我尝试通过EC2实例进行连接时,它只能坐在那里什么也没做。一段时间后,我收到消息
I can connect form my own laptop, but when I try connecting from my EC2 instance, it just sits there doing nothing. After a while, I get the message
ERROR 2003 (HY000): Can't connect to MySQL server on '<my-hostname>' (110)
此外,当尝试从我的Java应用程序服务器连接到它时,我在堆栈跟踪中得到以下信息
Also, when trying to connect to it from my Java application server, I get the following in my stack trace
Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
...
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
...
Caused by: java.net.ConnectException: Connection timed out
更新3 :DNS解析取决于我是AWS内部还是外部。
Update 3: The DNS resolution is different depending on whether I am internal to AWS or external.
nslookup <my-hostname>
我的笔记本电脑上的IP地址为 52.11。*。*
范围,同时在我的EC2实例中执行此操作会导致IP地址在 172.31。*。*
范围内。
on my laptop results in an IP address 52.11.*.*
range, while doing the same from my EC2 instance results in an IP address in the 172.31.*.*
range.
推荐答案
如果您的EC2实例和RDS数据库实例位于不同的VPC中,则可能正在使用VPC对等连接两个VPC。但是在您的情况下,两者都在同一VPC中。那很好。确保在专用子网中启动RDS数据库实例,在公共子网中启动EC2实例。
If your EC2 Instance and RDS DB Instance are in different VPC, you might be using VPC peering to connect two VPCs. But in your case, both are in same VPC. That's good. Make sure RDS DB Instance are launched in private subnet and EC2 Instance are launched in public subnet.
要在EC2实例中连接RDS数据库实例
- 在RDS数据库实例安全组中,您需要打开EC2实例的流量。
- 从RDS仪表板中单击数据库安全组。点击入站标签。 编辑按钮用于在安全组中添加或删除规则。
- 添加用于EC2实例访问数据库的规则。假设您已经在数据库实例中启动了MySQL数据库引擎。您需要为EC2实例打开3306端口。您可以使用EC2实例的私有IP与RDS数据库实例连接。
- SSH进入EC2实例,安装
mysql-server
软件包。您需要使用mysql-server
连接RDS数据库实例。 -
mysql --host =< my-hostname> --port = 3306 --user =< user> --password =<密码>
命令用于连接RDS数据库实例。
- In RDS DB Instance security group, you need to open traffic for EC2 instance.
- Click DB Security Group from RDS Dashboard. Click on Inbound tab. Edit button is used to add or remove rules from security group.
- Add rule for EC2 Instance to access your database. Let's say, you have launched MySQL DB Engine in DB Instance. You need to open 3306 port for EC2 Instance. You can use Private IP of EC2 instance to connect with RDS DB Instance.
- SSH into EC2 instance, install
mysql-server
package. You need to connect RDS DB Instance usingmysql-server
. mysql --host=<my-hostname> --port=3306 --user=<user> --password=<password>
command used to connect with RDS DB Instance.
要在MySQL WorkBench中连接RDS数据库实例
- 在MySQL WorkBench中,单击设置新连接。
- 提供连接名称。选择通过SSH的标准(TCP / IP)。您需要提供SSH主机名,用户名和密钥文件,以及MySQL主机名,端口,用户名和密码。
- SSH凭据与EC2实例凭据完全不同。对于密钥文件,您必须浏览以查找KeyPair(.pem)文件。在RDS主机名中,您必须提供RDS仪表板中可用的终结点。
-
要验证连接,请单击测试连接按钮。
- In MySQL WorkBench, click on Setup New Connection.
- Give connection name. Choose Standard (TCP/IP) over SSH. You need to provide SSH hostname, username and keyfile as well as MySQL hostname, port, username and password.
- SSH credentials is nothing as EC2 instance credentials. For Keyfile, you have to browse for KeyPair(.pem) file. In RDS Hostname, you have to provide endpoint which is available in RDS dashboard.
To verify connection, click on Test Connection button.
您的原因选择通过SSH的标准(TCP / IP)是通过EC2实例连接RDS数据库实例。首先,它将连接到EC2实例,然后访问RDS数据库实例,因为数据库实例没有Internet访问并且位于私有子网中。
The reason you are choosing Standard (TCP/IP) over SSH is to connect RDS DB Instance through EC2 Instance. First, It will connect to an EC2 Instance and then access to RDS DB Instance because DB Instance doesn't have internet access and it is in Private Subnet.
确保在Java Web应用程序中,您提到RDS主机名,端口,用户名和密码正确。在应用程序中无需提及EC2主机名。
Make sure in java web application, you mentioned RDS hostname, port, username and password are correct. No need to mention EC2 hostname in the application.
这篇关于是什么使我无法从AWS EC2 VM连接到AWS RDS上的MySQL服务器?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!