After you create an RDS Custom instance, you can connect to it from the command line. This topic describes how to connect to an RDS Custom instance.
Prerequisites
The RDS Custom instance is running.
Logon credentials, such as a custom password or a key pair, are configured for the RDS Custom instance.
If you use a key pair to connect to the RDS Custom instance, the private key file (.pem file) must be available on your local computer. For more information, see Create an SSH key pair.
Step 1: Obtain the IP address of the RDS Custom instance
You can access an RDS Custom instance using its private IP address or an elastic IP address (EIP).
Connection method | Description | Billing |
Private IP | You can connect to the RDS Custom instance only from an ECS instance that is in the same region and VPC. | No traffic fees are charged. |
EIP | You can connect to the instance from ECS instances (regardless of the region and VPC), local servers, and common Secure Shell (SSH) tools, such as OpenSSH clients, PuTTY, and XShell. |
|
Log in to the RDS console. In the navigation pane on the left, click RDS Custom > Instances. In the top navigation bar, select a region.
Click the instance ID to go to the instance details page.
In the Configuration Information section of the Basic Information page, you can obtain the private IP address or associate an EIP.
NoteWhen you associate an EIP, you can select an existing EIP or create a new EIP. For more information about how to create an EIP, see Apply for an EIP.
Step 2: (Optional) Configure security group rules
If you use an associated EIP to connect to the RDS Custom instance, you must add the public IP address of the client, such as an ECS instance or a local server, to the security group of the RDS Custom instance. Skip this step if you use a private IP address.
Log in to the RDS console. In the navigation pane on the left, click RDS Custom > Instances. In the top navigation bar, select a region.
Click the instance ID to go to the instance details page.
On the Basic Information page, obtain the security group ID of the RDS Custom instance from the Other Information section.
Log on to the ECS console, find the security group of the RDS Custom instance, and add a security group rule. For more information, see Add a security group rule.
Step 3: Connect to the RDS Custom instance
This section uses an ECS instance as an example to describe how to connect to an RDS Custom instance.
Connect to an RDS Custom instance using a custom password
Log on to the ECS instance. For more information, see the "Connect to an instance" section in Use the console to manage an ECS instance.
Run the following command and enter the password for the RDS Custom instance when prompted.
ssh username@IPusername: The username for the RDS Custom instance. The default username is root.
IP: The IP address of the RDS Custom instance.
After you log on to the RDS Custom instance, avoid managing the route table, iptables firewall rules, or network interface card configurations, such as restarting eth0, to prevent connection interruptions.
Connect to an RDS Custom instance using a key pair
Configure a key pair by running commands
Log on to the ECS instance. For more information, see the "Connect to an instance" section in Use the console to manage an ECS instance.
Upload the private key file (.pem file) to a directory on the ECS instance, such as the ~/.ssh directory.
Run the following command to modify the permissions of the private key file.
chmod 400 [Path to the .pem private key file on your local computer]Example:
chmod 400 ~/.ssh/custom_test.pemRun the following command to connect to the RDS Custom instance:
ssh -i [Directory of the PEM private key file on your computer] username@[IP address of the RDS Custom instance]For example:
ssh -i ~/.ssh/custom_test.pem root@172.26.XX.XX
Configure a key pair using the config file
Log on to the ECS instance. For more information, see the "Connect to an instance" section in Use the console to manage an ECS instance.
Upload the private key file (.pem file) to a directory on the ECS instance, such as the ~/.ssh directory.
Run the following command to modify the permissions of the private key file.
chmod 400 [Path to the .pem private key file on your local computer]Example:
chmod 400 ~/.ssh/custom_test.pemRun the following commands to navigate to the .ssh directory in the home directory, and then create and edit the config file.
cd ~/.ssh vim configIn the config file, press
ito enter the edit mode and add the following configuration items.# Enter the alias of the RDS Custom instance for the SSH remote connection. Host custom_test # Enter the IP address of the RDS Custom instance. HostName 172.26.XX.XX # Enter the port number. The default value is 22. Port 22 # Enter the logon account. The default account is root. User root # Enter the path to the .pem private key file on your computer. IdentityFile ~/.ssh/custom_test.pemRun the following command to restart the SSH service.
WarningIf the SSH service fails to restart, it may become unavailable and interrupt your services. We recommend that you perform this operation during off-peak hours.
service sshd restartRun the following command to connect to the RDS Custom instance.
ssh [Alias of the RDS Custom instance]Example:
ssh custom_test
After you log on to the RDS Custom instance, avoid managing the route table, iptables firewall rules, or network interface card configurations, such as restarting eth0, to prevent connection interruptions.
More operations
You can use Alibaba Cloud Server Load Balancer to forward access traffic to an RDS Custom instance. This balances traffic allocation, improves service availability and extensibility, and lets you connect to the instance from the internet while protecting your internal network. For more information, see the following topics: