This topic describes how to change the network type of an ApsaraDB RDS MySQL instance between Classic Network and VPC.
For more information about how to change the network type in other database engines, see the following topics:
- Change the network type of an RDS SQL Server instance
- Change the network type of an RDS PostgreSQL instance
- Change the network type of an RDS PPAS instance
Network types
- Classic Network: RDS instances in a classic network are not isolated. You can only use whitelists to block unauthorized access to your RDS instance.
- VPC: Each Virtual Private Cloud (VPC) is an isolated network. We recommend that you
choose the VPC network type because it is more secure.
You can customize the routing table, IP address range, and gateway in a VPC. To migrate applications to the cloud without interruption, you can connect your own data center to a VPC in the cloud over a private connection or VPN to build a virtual data center.
- You can choose the Classic Network or VPC network type and switch between them for free.
- Before you change the network type of an ApsaraDB RDS MySQL instance, you must change its network isolation mode to enhanced whitelist. For more information, see Switch to the enhanced whitelist mode for an RDS for MySQL instance.
Change the network type from VPC to Classic Network
- After the network type is changed, the internal endpoint of the RDS instance remains unchanged, but the IP address associated with the internal endpoint changes.
- After the network type is changed, an ECS instance located in the same VPC as the RDS instance can no longer connect to the RDS instance by using the internal endpoint. Make sure that you update the endpoint information on the ECS instance.
- While you change the network type, a 30-second transient disconnection may occur. To avoid interference to your business, we recommend that you change the network type of the RDS instance during off-peak hours, or make sure that your application is configured to automatically reconnect to the RDS instance.
- If the RDS instance runs MySQL 5.7 or MySQL 8.0 and is in the High-availability Edition with standard SSDs or enhanced SSDs (ESSDs), it does not support the Classic Network type. Therefore, you cannot change its network type from VPC to Classic Network.
Procedure
- Log on to the ApsaraDB for RDS console.
- In the upper-left corner of the page, select the region where the target RDS instance
resides.
- Find the target RDS instance and click its ID.
- In the left-side navigation pane, click Database Connection.
- In the Database Connection section, click Switch to Classic Network.
- In the dialog box that appears, click OK.
After the network type is changed to Classic Network, only an ECS instance located in the classic network can connect to the RDS instance by using the internal endpoint. Make sure that you add the internal endpoint of the RDS instance to the ECS instance.
- Configure a whitelist to enable the ECS instance to connect to the RDS instance by
using the internal endpoint.
- If the RDS instance works in standard whitelist mode, add the private IP address of
the ECS instance to any IP address whitelist.
- If the RDS instance works in enhanced whitelist mode, add the private IP address of
the ECS instance to an IP address whitelist of the Classic Network type. For more
information, see Switch to the enhanced whitelist mode for an RDS MySQL instance. If no IP address whitelists of the Classic Network type are available, create one.
- If the RDS instance works in standard whitelist mode, add the private IP address of
the ECS instance to any IP address whitelist.
Change the network type from Classic Network to VPC
Procedure
- Log on to the ApsaraDB for RDS console.
- In the upper-left corner of the page, select the region where the target RDS instance
resides.
- Find the target RDS instance and click its ID.
- In the left-side navigation pane, click Database Connection.
- Click Switch to VPC.
- In the dialog box that appears, select a VPC and a VSwitch, and specify whether to
retain the endpoints used in the classic network.
- Select a VPC. We recommend that you select the VPC that houses your ECS instance. If you do not perform this procedure, your ECS instance cannot connect to the RDS instance over an internal network unless you create a connection by using Express Connect or VPN Gateway between the VPCs of the ECS and RDS instances. For more information, see ClassicLink and Establish a connection between two VPCs.
- Select a VSwitch. If there are no VSwitches available in the selected VPC, create
one in the same zone where the RDS instance resides. For more information, see Create a VSwitch.
- Clear or select Reserve original classic network. The following table describes the different operations.
Operation Description Clear the Reserve original classic network option The endpoints used in the classic network are replaced with those to be used in the selected VPC.
While you change the network type, a 30-second transient disconnection may occur, and the connection from the ECS instance in the classic network to the RDS instance is closed.Select the Reserve original classic network option The endpoints used in the classic network are retained, and the new endpoints you want to use in the selected VPC are generated. In the example shown in the following figure, hybrid access mode is enabled. This means that ECS instances in both the classic network and the selected VPC can connect to the RDS instance by using the internal endpoint.
While you change the network type, the RDS instance remains connected, and the connection from the ECS instance in the classic network to the RDS instance remains available until the endpoints used in the classic network expire.
Before the endpoints used in the classic network expire, you must add the new endpoints you want to use in the selected VPC to the ECS instance. This helps migrate your business to the VPC without interruption. Within seven days before the endpoints used in the classic network expire, the system sends Short Message Service (SMS) messages to the mobile phone bound to your Alibaba Cloud account every day.
For more information, see Configure a hybrid access solution to smoothly migrate an RDS instance from the classic network to a VPC.
- Add the private IP address of the ECS instance in the selected VPC to an IP address
whitelist of the VPC type. This enables the ECS instance to connect to the RDS instance
over an internal network. If no IP address whitelists of the VPC type are available,
create one.
- Add the new endpoints of the RDS instance to the target ECS instance.
- If you have selected the Reserve original classic network option, add the new endpoints to the ECS instance before the endpoints used in the classic network expire.
- If you have cleared the Reserve original classic network option, add the new endpoints to the ECS instance immediately after the network type change is complete.
Note If you want to connect an ECS instance in the classic network to an RDS instance in a VPC over an internal network, you must use ClassicLink to establish a connection, or migrate the ECS instance to the same VPC as the RDS instance.
FAQ
How do I change the VPC and VSwitch of an ApsaraDB RDS MySQL instance?
- You can only directly change the VPC and VSwitch if the instance supports the change. For more information, see Switch to a new VPC and VSwitch for an RDS MySQL instance.
- If the instance supports network type changes between VPC and Classic Network:
- Change the network type from VPC to Classic Network.
- Change the network type from Classic Network to VPC and select the target VPC.
- If the instance does not support network type changes between VPC and Classic Network:
Purchase a new instance and make sure that you select the target VPC. Then, migrate data to the new instance. For more information, see Migrate data between ApsaraDB for RDS instances.
Related operations
| Operation | Description |
|---|---|
| ModifyDBInstanceNetworkType | Changes the network type of an ApsaraDB for RDS instance. |