This topic describes how to configure IP address whitelists and use a database client or the CLI to connect to an ApsaraDB RDS for MySQL instance or a serverless ApsaraDB RDS for MySQL instance.
Prerequisites
- An ApsaraDB RDS for MySQL instance or a serverless RDS instance is created. For more information, see Create an ApsaraDB RDS for MySQL instance.
- A database and an account are created for the RDS instance. For more information, see Create databases and accounts for an ApsaraDB RDS for MySQL instance.
- An IP address whitelist is configured for the RDS instance. For more information, see Configure an IP address whitelist for an ApsaraDB RDS for MySQL instance.
Suggestions
If you want to connect to the RDS instance from an Elastic Compute Service (ECS) instance that is accessible over an internal network,we recommend that you use an internal endpoint to connect to the RDS instance to achieve the fastest response and the lowest latency.
Use the CLI to connect to an RDS instance
The following example describes how to connect to an ApsaraDB RDS for MySQL instance or a serverless RDS instance from a server that runs Linux. You must install MySQL on the server before the connection. You can run the following commands to install MySQL:
- If you use a CentOS operating system, run the
sudo yum install mysqlcommand. - If you use an Ubuntu operating system, run the
sudo apt-get updatecommand and then thesudo apt install mysql-servercommand.
- Log on to the server from which you want to connect to the RDS instance. For example, the server can be an ECS instance or an on-premises device. Note For more information about how to log on to an ECS instance, see the "Connect to an instance" section in Create and manage an ECS instance by using the ECS console (express version).
- Run the following command:
mysql -hEndpoint -PPort number -uUsername -pPasswordNote- The uppercase letter P specifies the port number, and the lowercase letter p specifies the password.
- When you enter a username and a password, no spaces are allowed between
-uand the username or between-pand the password. - If you do not specify the
-poption when you run the command, you can enter the password after the command is run. This prevents the password from being displayed in plaintext.
- Endpoint and port number: Enter the endpoint and port number that are used to connect to the RDS instance.
Scenario Endpoint to be obtained Method to obtain the endpoint You want to connect to the RDS instance from an Elastic Compute Service (ECS) instance that is accessible over an internal network. Internal endpoint of the RDS instance - Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
- In the Basic Information section of the page that appears, click See Detail to the right of the Network Type parameter to view the endpoint and port number that are used to connect to the RDS instance.
Note- Before you can view the endpoint and port number that are used to connect to the RDS instance, you must configure IP address whitelists for the RDS instance.
- The public endpoint is displayed only after a public endpoint is applied for the RDS instance by clicking Apply for Public Endpoint.
- You can modify the read/write endpoint of an RDS cluster in the Cluster Read/Write Connection section and modify the read-only endpoint of the RDS cluster in the Cluster Read-only Connection section.
You want to connect to the RDS instance from an ECS instance that is inaccessible over an internal network. Public endpoint of the RDS instance You want to connect to the RDS instance from an on-premises device. - Username and password: Obtain the username and password of the account that is used to connect to the RDS instance from the Accounts page.
Figure 1. Example command 
Figure 2. Connection established 
Note If connection errors occur, you can resolve the errors by following the instructions provided in Common connection errors.
Use a database client to connect to an RDS instance
You can use a general-purpose MySQL client to connect to an ApsaraDB RDS for MySQL instance or a serverless RDS instance. The following example describes how to use MySQL Workbench 8.0.29 to connect to an RDS instance. The operations on other types of clients are similar.
- Install MySQL Workbench. For more information, visit the MySQL Workbench download page.
- Start MySQL Workbench and choose .
- Enter the connection information and click OK.
- Hostname and Port: Enter the endpoint and port number that are used to connect to the RDS instance.
Scenario Endpoint to be obtained Method to obtain the endpoint You want to connect to the RDS instance from an Elastic Compute Service (ECS) instance that is accessible over an internal network. Internal endpoint of the RDS instance - Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
- In the Basic Information section of the page that appears, click See Detail to the right of the Network Type parameter to view the endpoint and port number that are used to connect to the RDS instance.
Note- Before you can view the endpoint and port number that are used to connect to the RDS instance, you must configure IP address whitelists for the RDS instance.
- The public endpoint is displayed only after a public endpoint is applied for the RDS instance by clicking Apply for Public Endpoint.
- You can modify the read/write endpoint of an RDS cluster in the Cluster Read/Write Connection section and modify the read-only endpoint of the RDS cluster in the Cluster Read-only Connection section.
You want to connect to the RDS instance from an ECS instance that is inaccessible over an internal network. Public endpoint of the RDS instance You want to connect to the RDS instance from an on-premises device. - Username and Password: Obtain the username and password of the account that is used to connect to the RDS instance from the Accounts page.
- Hostname and Port: Enter the endpoint and port number that are used to connect to the RDS instance.
Common connection errors
| Error message | Cause and solution |
|---|---|
| mysql command not found | MySQL is not installed. Run the following commands to install MySQL:
|
| SSL connection error: SSL is required but the server doesn't support it | You are using specific versions of MySQL Workbench. In these versions, standard TCP/IP connections require SSL encryption. However, the connected server does not support SSL encryption. In this case, you can download the version of MySQL Workbench that is described in this section to establish regular connections. |
| Can't connect to MySQL server on 'rm-bp1xxxxxxxxxxxxxx.mysql.rds.aliyuncs.com'(10060) Cannot Connect to Database Server Your connection attempt failed for user 'xx" to the MySQL server |
|
| Access denied for user 'xxxxx'@'xxxxx'(using password:YES) | This error occurs because the username and password that you entered are incorrect. You can obtain the correct username and password from the Accounts page. |
| Unknown MySQL server host 'xxxxxxxxx'(11001) | This error occurs because the endpoint that you entered is invalid. Valid endpoints are in the rm-xxxxxx.mysql.rds.aliyuncs.com format. |
References
- For more information about how to troubleshoot connection errors, see What do I do if I fail to connect to an ApsaraDB RDS instance?
- For more information about how to connect to an RDS instance in a more convenient and efficient manner, see Use DMS to log on to an ApsaraDB RDS for MySQL instance.
- For more information about how to connect to an RDS instance that runs a different database engine, see the following topics: