为什么我无法从我的 PC 连接到新的 AWS Aurora Serverless 实例?
Why can't I connect to a new AWS Aurora Serverless instance from my PC?
正在尝试设置普通 AWS RDS Aurora 无服务器实例。
目前,我只想直接从我的 PC 连接到它作为完整性检查,但我无法这样做。每次我通过 $ mysql 连接时,它都会等待几分钟。然后我得到:
$ mysql -h <MY-DATABASE>.cluster-deadbeef.us-west-1.rds.amazonaws.com -P 3306 -u admin -p
ERROR 2003 (HY000): Can't connect to MySQL server on '<MY-DATABASE>.cluster-deadbeef.us-west-1.rds.amazonaws.com' (60)
(nc 也只是超时)
看起来我在某处建立了网络连接,但我不确定在哪里。
这是整个设置(我认为我已经包含了所有相关内容?):
数据库实例:
$ aws rds describe-db-clusters --output json | jq '.DBClusters[0] | {AvailabilityZones, DBSubnetGroup, VpcSecurityGroups}'
{
"AvailabilityZones": [
"us-west-1c",
"us-west-1b"
],
"DBSubnetGroup": "default-vpc-0165fd69fae5d2569",
"VpcSecurityGroups": [
{
"VpcSecurityGroupId": "sg-051e6ad0fe8837a56",
"Status": "active"
}
]
}
VPC:
$ aws ec2 describe-vpcs --output json | jq '.Vpcs[0] | {VpcId, CidrBlock, CidrBlockAssociationSet}'
{
"VpcId": "vpc-0165fd69fae5d2569",
"CidrBlock": "10.0.0.0/16",
"CidrBlockAssociationSet": [
{
"AssociationId": "vpc-cidr-assoc-0fe35851049a94f32",
"CidrBlock": "10.0.0.0/16",
"CidrBlockState": {
"State": "associated"
}
}
]
}
VPC 子网:
$ aws ec2 describe-subnets --output json | jq '.Subnets[] | {AvailabilityZone,AvailabilityZoneId,CidrBlock,VpcId}'
{
"AvailabilityZone": "us-west-1c",
"AvailabilityZoneId": "usw1-az1",
"CidrBlock": "10.0.1.0/24",
"VpcId": "vpc-0165fd69fae5d2569"
}
{
"AvailabilityZone": "us-west-1b",
"AvailabilityZoneId": "usw1-az3",
"CidrBlock": "10.0.0.0/24",
"VpcId": "vpc-0165fd69fae5d2569"
}
安全组:
是的,目前完全开放,仍然无法连接:(
$ aws ec2 describe-security-groups --output json | jq '.SecurityGroups[]'
{
"IpPermissions": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [
{
"CidrIpv6": "::/0"
}
],
"PrefixListIds": [],
"UserIdGroupPairs": [
{
"GroupId": "sg-051e6ad0fe8837a56",
}
]
},
{
"FromPort": 3306,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [
{
"CidrIpv6": "::/0"
}
],
"PrefixListIds": [],
"ToPort": 3306,
"UserIdGroupPairs": []
}
],
"GroupId": "sg-051e6ad0fe8837a56",
"IpPermissionsEgress": [
{
"IpProtocol": "-1",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"UserIdGroupPairs": []
}
],
"VpcId": "vpc-0165fd69fae5d2569"
}
路线Table:
$ aws ec2 describe-route-tables --output json | jq '.RouteTables[]'
{
"Associations": [
{
"Main": true,
"RouteTableAssociationId": "rtbassoc-0aebc4a882b0cd2a5",
"RouteTableId": "rtb-0ce6ee26652736941",
"AssociationState": {
"State": "associated"
}
},
{
"Main": false,
"RouteTableAssociationId": "rtbassoc-047d54469da606a50",
"RouteTableId": "rtb-0ce6ee26652736941",
"SubnetId": "subnet-0744475e288c0424c",
"AssociationState": {
"State": "associated"
}
},
{
"Main": false,
"RouteTableAssociationId": "rtbassoc-08c5ea54642014c95",
"RouteTableId": "rtb-0ce6ee26652736941",
"SubnetId": "subnet-0b9c99ff38b860725",
"AssociationState": {
"State": "associated"
}
}
],
"RouteTableId": "rtb-0ce6ee26652736941",
"Routes": [
{
"DestinationCidrBlock": "10.0.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable",
"State": "active"
},
{
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": "igw-0f8ad7dfe1eaa0c67",
"Origin": "CreateRoute",
"State": "active"
}
],
"VpcId": "vpc-0165fd69fae5d2569",
}
我错过了什么?
谢谢!!
For now, I just want to connect to it directly from my PC
您无法从本地系统访问无服务器数据库,它只能通过 AWS 网络.
访问
您可以通过您的 EC2 实例配置 ssh-tunnel 以访问无服务器数据库或在同一 VPC 中使用 运行 的 VPN。
Because Aurora Serverless DB clusters do not have publically accessible endpoints, your MyClusterName can only be accessed from within the same VPC.
正在尝试设置普通 AWS RDS Aurora 无服务器实例。
目前,我只想直接从我的 PC 连接到它作为完整性检查,但我无法这样做。每次我通过 $ mysql 连接时,它都会等待几分钟。然后我得到:
$ mysql -h <MY-DATABASE>.cluster-deadbeef.us-west-1.rds.amazonaws.com -P 3306 -u admin -p
ERROR 2003 (HY000): Can't connect to MySQL server on '<MY-DATABASE>.cluster-deadbeef.us-west-1.rds.amazonaws.com' (60)
(nc 也只是超时)
看起来我在某处建立了网络连接,但我不确定在哪里。
这是整个设置(我认为我已经包含了所有相关内容?):
数据库实例:
$ aws rds describe-db-clusters --output json | jq '.DBClusters[0] | {AvailabilityZones, DBSubnetGroup, VpcSecurityGroups}' { "AvailabilityZones": [ "us-west-1c", "us-west-1b" ], "DBSubnetGroup": "default-vpc-0165fd69fae5d2569", "VpcSecurityGroups": [ { "VpcSecurityGroupId": "sg-051e6ad0fe8837a56", "Status": "active" } ] }VPC:
$ aws ec2 describe-vpcs --output json | jq '.Vpcs[0] | {VpcId, CidrBlock, CidrBlockAssociationSet}' { "VpcId": "vpc-0165fd69fae5d2569", "CidrBlock": "10.0.0.0/16", "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-0fe35851049a94f32", "CidrBlock": "10.0.0.0/16", "CidrBlockState": { "State": "associated" } } ] }VPC 子网:
$ aws ec2 describe-subnets --output json | jq '.Subnets[] | {AvailabilityZone,AvailabilityZoneId,CidrBlock,VpcId}' { "AvailabilityZone": "us-west-1c", "AvailabilityZoneId": "usw1-az1", "CidrBlock": "10.0.1.0/24", "VpcId": "vpc-0165fd69fae5d2569" } { "AvailabilityZone": "us-west-1b", "AvailabilityZoneId": "usw1-az3", "CidrBlock": "10.0.0.0/24", "VpcId": "vpc-0165fd69fae5d2569" }安全组:
是的,目前完全开放,仍然无法连接:(
$ aws ec2 describe-security-groups --output json | jq '.SecurityGroups[]' { "IpPermissions": [ { "IpProtocol": "-1", "IpRanges": [ { "CidrIp": "0.0.0.0/0" } ], "Ipv6Ranges": [ { "CidrIpv6": "::/0" } ], "PrefixListIds": [], "UserIdGroupPairs": [ { "GroupId": "sg-051e6ad0fe8837a56", } ] }, { "FromPort": 3306, "IpProtocol": "tcp", "IpRanges": [ { "CidrIp": "0.0.0.0/0" } ], "Ipv6Ranges": [ { "CidrIpv6": "::/0" } ], "PrefixListIds": [], "ToPort": 3306, "UserIdGroupPairs": [] } ], "GroupId": "sg-051e6ad0fe8837a56", "IpPermissionsEgress": [ { "IpProtocol": "-1", "IpRanges": [ { "CidrIp": "0.0.0.0/0" } ], "Ipv6Ranges": [], "PrefixListIds": [], "UserIdGroupPairs": [] } ], "VpcId": "vpc-0165fd69fae5d2569" }路线Table:
$ aws ec2 describe-route-tables --output json | jq '.RouteTables[]' { "Associations": [ { "Main": true, "RouteTableAssociationId": "rtbassoc-0aebc4a882b0cd2a5", "RouteTableId": "rtb-0ce6ee26652736941", "AssociationState": { "State": "associated" } }, { "Main": false, "RouteTableAssociationId": "rtbassoc-047d54469da606a50", "RouteTableId": "rtb-0ce6ee26652736941", "SubnetId": "subnet-0744475e288c0424c", "AssociationState": { "State": "associated" } }, { "Main": false, "RouteTableAssociationId": "rtbassoc-08c5ea54642014c95", "RouteTableId": "rtb-0ce6ee26652736941", "SubnetId": "subnet-0b9c99ff38b860725", "AssociationState": { "State": "associated" } } ], "RouteTableId": "rtb-0ce6ee26652736941", "Routes": [ { "DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "Origin": "CreateRouteTable", "State": "active" }, { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0f8ad7dfe1eaa0c67", "Origin": "CreateRoute", "State": "active" } ], "VpcId": "vpc-0165fd69fae5d2569", }
我错过了什么?
谢谢!!
For now, I just want to connect to it directly from my PC
您无法从本地系统访问无服务器数据库,它只能通过 AWS 网络.
访问您可以通过您的 EC2 实例配置 ssh-tunnel 以访问无服务器数据库或在同一 VPC 中使用 运行 的 VPN。
Because Aurora Serverless DB clusters do not have publically accessible endpoints, your MyClusterName can only be accessed from within the same VPC.