In this article we will go through the steps of configuring a MySQL Relational Database Service (RDS) instance using Alibaba Cloud.
Spin up an MySQL RDS instance using the console. The instance created will show up in the list of available RDS instances.
The RDS instance will be created under a specif region and any Elastic Cloud Service instance (ECS) sharing the same VPC can connect to the RDS.
The RDS instance maintains a white-list. To connect a specific ECS instance, the internal IP of the instance has to be white-listed. (If not you will not be able to connect to the MySQL RDS even though the Internal Endpoint DNS is reachable). Below shows what an MySQL RDS detail might look like.
The Internal Endpoint is the name for the MySQL RDS cluster. You can not connect to this endpoint from anywhere within the VPC.
Create RDS User Account(s)
Navigate to the 'Accounts' to create a new user account. Here you can create a 'Privileged Account' or 'Standard Account'. This account is the account for the RDS server instance. For best practice, applications should using 'Privileged Account' types to connect to the RDS using 'Standard Account' permissions.
You can also create user accounts using the DMS portal. This will allow you to configure granular permissions. Below shows an example:
Connecting to the instance using DMS
One of the easiest ways to connect and view your MySQL RDS instance is to use Alibaba Cloud's DMS portal. The portal is accessible by navigating to the the RDS instance and clicking 'Log On To DB' to open the DMS portal.
The DMS portal acts as an IDE and allows you to execute queries, configure your MySQL databases and instance. Below shows what you might see for a MySQL WordPress database.
Connecting to the instance using MySQL CLI
To connect to the RDS instance from on ECS instance, you will need to use the MySQL command line interface (CLI). The MySQL CLI can be either installed directly onto the ECS or run from a Docker container instance.
Assuming that you have Docker installed, run the Docker command to start an MySQL instance. Make sure that MySQL port, 3306 is not already bound to a particular application.
docker run -p 3306:3306 -e MYSQL_ROOT_PASSWORD=pass mysql:5.7 docker exec -it [docker_image_id] /bin/bash mysql -h [rds_endpoint].mysql.rds.aliyuncs.com -u wpadmin -p -D wpdb01
You can also run commands without entering the docker MySQL container.
docker run mysql:5.7 mysql -h[rds_endpoint].mysql.rds.aliyuncs.com -uwpadmin -p[password] -Dwpdb01 -e"select Host, User from mysql.user"
Troubleshooting MySQL connections
Checking port 3306
Check that port 3306 is used by your MySQL cli using the following command.
netstat -na | find "3306"
If you are running a MySQL instance, it should look like the following image. If not, the netstat command should not show anything listening on 3306 port.
Checking RDS end point
You can test the connection between the ECS and RDS instance by attempting to resolve the name space of the internal endpoint. You can also ping the end point to check if you can connect to the RDS instance.
Note: The RDS endpoint can be resolved as long as the DNS server is reachable. However verifying that the endpoint resolves does not guarantee that the database instance is accessible.