You can use a MySQL client to connect to a DB instance through a common connection or an SSL connection. The SSL connection is encrypted and therefore more secure.
This document uses MySQL-Front as an example to describe how to connect to an RDS DB instance through a common connection. When using a client to connect to a DB instance, you need to select a floating IP address or EIP.
- If you have deployed MySQL-Front on an ECS that is in the same region as the DB instance to be connected, use the RDS floating IP address.
- Otherwise, use the EIP.
- Add a security group inbound rule to allow the specific IP address and port to access DB instances. For details on how to create a security group, see section Creating a Security Group.
- Start MySQL-Front.
- In the displayed dialog box, click New.
- Enter the information of the target DB instance, as shown in Figure 1.
Figure 1 Adding an account
- Description Name: indicates the name of this database connection task. If you do not set this parameter, it will be the same as Host by default.
- Host: indicates the connection address, which depends on how you intend to access the DB instance. If you intend to access the DB instance from the private network, enter the floating IP address of the DB instance. If you intend to access the DB instance from the public network, enter the EIP of the DB instance. To view the floating IP address or EIP and port of the DB instance, perform the following steps:
- Log in to the RDS console.
- Select the region in which the DB instance is located.
- Click the DB instance name to enter the Basic Information page.
- In the Instance Information area, view the floating IP address or EIP,
- Port: indicates the database port.
- User: indicates user root by default.
- Password: indicates the password of the RDS database username.
- Click Ok.
- In the displayed window, select the connection that you have created in 4 and click Open. If the connection information is correct, the DB instance is successfully connected.
Figure 2 Opening a session
- On the Instance Management page, click the target DB instance. On the displayed Basic Information page, click Download Certificate in the SSL field to download the root certificate or certificate bundle.
- Upload the root certificate to the ECS or save it to the device to be connected to the DB instance.
- Run the following command to connect to an RDS DB instance. The Linux OS is used as an example.
mysql -h <hostName> -P 3306 -u <userName> -p --ssl-ca=<caName>
- The parameter -h indicates different values depending on how you intend to access the DB instance. If you intend to access the DB instance through an ECS, -h indicates the IP address of the primary DB instance. To obtain this IP address, go to the Instance Management page and click the target DB instance. The IP address can be found in the Floating IP Address field on the Basic Information page. If you intend to access the DB instance through an EIP, -h indicates the EIP displayed in the EIP field on the Basic Information page.
- The parameter -P indicates the database port in use. The default value is 3306. To obtain this port number, go to the Instance Management page and click the target DB instance. The port number can be found in the Database Port field on the Basic Information page.
- The parameter -u indicates the username of the RDS database account. The default administrator is root.
- The parameter -p indicates the password of the database account.
- The parameter --ssl-ca indicates the name of the SSL certificate file, which should be stored in the same directory where the command is executed.
For example, to connect to a DB instance through an SSL connection as user root, run the following command:
mysql -h 172.16.0.31 -P 3306 -u root -p --ssl-ca=ca.pem
Enter the password of the database account if the following information is displayed: