This topic describes how to configure IP address whitelists and use a database client or the CLI to connect to an RDS MySQL instance.

Prerequisites

Suggestion

If you want to connect to the RDS instance from an Elastic Compute Service (ECS) instance, and the ECS instance and the RDS instance meet the conditions for communication over an internal network, we recommend that you use an internal endpoint to connect to the RDS instance to achieve the fastest response and the lowest latency.

Use the CLI to connect to an RDS instance

The following example describes how to connect to an RDS MySQL instance from a server that runs Linux. You must install MySQL on the server before the connection. You can run the following commands to install MySQL:
  • If you use a CentOS operating system, run the yum install mysql command.
  • If you use an Ubuntu operating system, run the apt-get update command and then the apt install mysql-server command.
  1. Log on to the server from which you want to connect to the RDS instance. For example, the server can be an ECS instance or an on-premises device.
    Note For more information about how to log on to an ECS instance, see the "Connect to an instance" section in Create and manage an ECS instance by using the ECS console (express version).
  2. Run the following command:
    mysql -hEndpoint -PPort -uUsername -pPassword
    Note
    • The uppercase letter P specifies the port number, and the lowercase letter p specifies the password.
    • When you enter a username and a password, no spaces are allowed between -u and the username and -p and the password.
    • You can also enter the password after running the command instead of entering the password next to -p. This helps prevent the password from being displayed in plaintext.
    • Endpoint and port number: Enter the endpoint and port number that are used to connect to the RDS instance.
      Connection scenario Endpoint to be obtained How to obtain the endpoint
      You want to connect to the RDS instance from an ECS instance. The ECS instance and the RDS instance meet the conditions for communication over an internal network. The internal endpoint of the RDS instance
      1. Access RDS Instances, select a region at the top, and then click the ID of the target RDS instance.
      2. In the Basic Information section of the page that appears, click See Detail to the right of the Network Type parameter to view the endpoint and port number that are used to connect to the RDS instance. View Detail
      Note
      • Before you can view the endpoint and port number that are used to connect to the RDS instance, you must configure IP address whitelists for the RDS instance.
      • A public endpoint is displayed only after you click Apply for Public Endpoint to apply for a public endpoint for the RDS instance. Apply for Public Endpoint
      You want to connect to the RDS instance from an ECS instance. The ECS instance and the RDS instance do not meet the conditions for communication over an internal network. The public endpoint of the RDS instance
      Connect to the RDS instance from an on-premises device.
    • Username and password: Obtain the username and password of the account that is used to connect to the RDS instance from the Accounts page.
    Figure 1. Example command
    Example
    Figure 2. Successful connection
    Successful connection
    Note If connection errors occur, you can troubleshoot the errors by following the instructions provided in Common connection errors.

Use a database client to connect to an RDS instance

You can use a general-purpose MySQL client to connect to an RDS MySQL instance. The following example describes how to use MySQL Workbench 8.0.29 to connect to an RDS instance. The operations on other types of clients are similar.

  1. Install MySQL Workbench. For more information, visit the MySQL Workbench download page.
  2. Start MySQL Workbench and choose Database > Connect to Database.
  3. Enter the connection information and click OK.
    Connect to Database
    • Hostname and Port: Enter the endpoint and port number that are used to connect to the RDS instance.
      Connection scenario Endpoint to be obtained How to obtain the endpoint
      You want to connect to the RDS instance from an ECS instance. The ECS instance and the RDS instance meet the conditions for communication over an internal network. The internal endpoint of the RDS instance
      1. Access RDS Instances, select a region at the top, and then click the ID of the target RDS instance.
      2. In the Basic Information section of the page that appears, click See Detail to the right of the Network Type parameter to view the endpoint and port number that are used to connect to the RDS instance. View Detail
      Note
      • Before you can view the endpoint and port number that are used to connect to the RDS instance, you must configure IP address whitelists for the RDS instance.
      • A public endpoint is displayed only after you click Apply for Public Endpoint to apply for a public endpoint for the RDS instance. Apply for Public Endpoint
      You want to connect to the RDS instance from an ECS instance. The ECS instance and the RDS instance do not meet the conditions for communication over an internal network. The public endpoint of the RDS instance
      Connect to the RDS instance from an on-premises device.
    • Username and Password: Obtain the username and password of the account that is used to connect to the RDS instance from the Accounts page.

Common connection errors

Error message Cause and solution
mysql command not found MySQL is not installed. Run the following commands to install MySQL:
  • If you use a CentOS operating system, run the yum install mysql command.
  • If you use an Ubuntu operating system, run the apt-get update command and then the apt install mysql-server command.
SSL connection error: SSL is required but the server doesn't support it You are using specific versions of MySQL Workbench. In these versions, standard TCP/IP connections require SSL encryption. However, the connected server does not support SSL encryption. In this case, you can download the version of MySQL Workbench that is described in this section to establish regular connections.
Can't connect to MySQL server on 'rm-bp1xxxxxxxxxxxxxx.mysql.rds.aliyuncs.com'(10060)

Cannot Connect to Database Server

Your connection attempt failed for user 'xx" to the MySQL server

  • In most cases, this error occurs because the IP address whitelists that you configure are inappropriate. For more information, see Configure an IP address whitelist for an ApsaraDB RDS for MySQL instance.
  • In a few cases, this error occurs because the RDS instance and the ECS instance do not meet the conditions for communication over an internal network but you attempt to connect to the internal endpoint of the RDS instance.
Access denied for user 'xxxxx'@'xxxxx'(using password:YES) This error occurs because the username and password that you entered are incorrect. You can obtain the correct username and password from the Accounts page.
Unknown MySQL server host 'xxxxxxxxx'(11001) This error occurs because the endpoint that you entered is invalid. Valid endpoints are in the rm-xxxxxx.mysql.rds.aliyuncs.com format.

References