Access Lightsail Instance's database with MySQL Workbench - mysql

I have an Amazon Lightsail Ubuntu multi WordPress site set up with bitnami stack.
I'm looking for a way to access the Instance's database on Amazon Lightsail with MySQL Workbench remotely.
Please note that I do not have a seperate Lightsail database, as I'm trying to do things as cheaply as possible at the moment. So the following guide is not applicable to me.
Connecting to your MySQL database in Amazon Lightsail
According the wp-config.php MySQL database is using localhost:3306
I have static IP address 3.230.xxx.xxx. I have taken the DB username and password from the wp_config.php file.
I've entered the details.
I wonder if anybody else has managed to connect to an Instance's database, rather than a seperate database.
If this is not possible I wonder if there are any suggestions as how to best access this Instance's database remotely.

Found the answer using a similar youtube video which is used to connect to phpMyAdmin.
https://www.youtube.com/watch?v=9VdcQLDmYII
Basically you need to use Putty SSH tunneling in order to connect to the MySQL instance
First I added a new connection in Putty, make sure port 22 is open on
the LightSail firewall
Go to the Connection -> SSH -> Auth tab on the right hand side menu
Enter your SSH key which is downloaded from the Lightsail dashboard,
it will need to be converted in the standard recognised by putty
Go to Connections -> Data tab on the right hand side menu. Add a new
forwarded port we are forwarding localhost:3306 on the server to a
port on our machine 2222
Start the connection via Putty.
Now in MySQL WorkBench go to the connection to database windows.
Enter the port 2222 I entered the DB user and Password from
wp-config.php file and was able to successfully connect.
Also found a second method
Within the MySQL Workbench you can change the connection method to `Standard TCP/IP over SSH'. Gave the SSH key and the relevant details on connection was accepted

Here is what you need to remotely connect MySQL on Lightsail.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connecting-to-your-mysql-database
There are 3 steps:
get the endpoint link
enable public mode
configure MySQL workbench

Yes I have - after a marathon tech support session with AWS :)
Although the Lightsail firewall may say port 3306 is open, the server instance itself may have its own firewall settings which close it. On my case teh AMI that was used to set up the instance was configured that way
I my case it was Ubuntu but here is the summary of the advice I got from AWS--
We have connected to the instance via SSH using the user-name 'xxxxxx' from terminal.
--
ssh -l xxxxx 34.xxx.xxx.221
Checked and confirmed that mysql is running on the instance.
systemctl status mysql
Confirmed the port on which mysql is running.
netstat -plnae | grep 'pid'
Checked the 'ufw' firewall rules and noticed that 3306 is not allowed.
ufw status
Opened the port 3306 on ufw firewall
ufw allow 3306
After performing these steps you were able to establish connection to your database
hth

Related

How can I connect a Jupyter Notebook to a remote MySQL DB using Peewee?

I am trying Peewee to connect and retrieve data from a MySQL remote database, but I get the following error:
InternalError: (1130, "Host 'x.x.x.x' is not allowed to connect to this MariaDB server")
Could you help me?
"retrieve data from a MySQL remote database"
"Host is not allowed to connect to this MariaDB server"
Seem to point on a simple problem:
You're not allowed to connect on the DB from "outside".
By default, MySql / MariaDB are only listening on the "inside" of the server, from MariaDb doc :
MariaDB packages bind MariaDB to 127.0.0.1 (the loopback IP address) by default as a security measure using the bind-address configuration directive.
This mean apart for an application that run on the same machine (accessing 127.0.0.1 or localhost), you'll not be able to connect.
Solutions:
SSH tunnelling
This is probably the safest way to allow a connexion on a remote DB.
SSH is a protocol that allow you to connect to a server. It's mainly used on unix server to manage them, but can do a lot more.
How to use it in your case?
if you can connect with SSH to your DB server, then running this simple command on your notebook the will do the trick:
ssh -L 3306:localhost:3306 user#x.x.x.x
Lets explain a bit: first, your run SSH, then, you tell him to enable a port forwarding from your 3306 port to the localhost:3306 port of the server you connect through user#IP.
With this command running, every query from your local machine:3306 will by send to your MariaDB:3306 server, allowing you to use it as if you where on the server.
Allowing a remote-access user
This one is way more dangerous than the previous one. You'll need to take your time and think about every outcome it mean.
As already said, you're not allowed to connect from outside, ssh let you be "inside", but if you know what you do, you can just remove the security.
The point is:
to make an account that'll be able to login from a remote IP,
allow MariaDB to listen on external requests,
and at least, secure other account to disable remote connection.
[I'm not putting the how-to now, if you really need it, I'll update this answer]

Connecting to Remote MySQL DB over ssh with workbench

I'm trying to connect to a remote DB with MySQL Workbench over SSH. The remote DB I'm trying to connect to has firewall which is private key protected (I have coverted this to OPEN SHH). I keep getting an error when I try to connect, I'm just a little confused on what is the information of the DB I should be using. I consistently see people use localhost and the DB changed intermittadely at the same point in different questions. My set up is currently that I have to connect to the server of the firewall(check) now there are multiple VMs running I wish to connect to e.g. 192.1.91.0. I have also a port set up to this on putty( I don't know if this is relevant) on localhost 5000. When I try to connect using 192.1.91.0 port 3306 or localhost 5000. I get the same error. Can anyone help. Attached is an image of the information I put into workbench
I think there are a few misunderstandings here. A firewall is not protected by a keypair. An SSH connection is. The firewall only filters network traffic using specific rules (e.g. only let it pass for enabled network ports). When you use an SSH connection you have to use the MySQL address as seen from the remote SSH connection end. That means if the MySQL server runs on the same machine as the SSH server (which is what you connect to when you use an SSH tunnel) then the address is localhost (or the IPv4/IPv6 loopback address). See my video about connection creation and troubleshooting on Youtube for more details.
To connect workbench with a private database you will need a 'jump host' also called 'bastion host' which can be any EC2 instance in a public subne in same VPC as database.
Follow Below Steps:
Open the security group attached to the database, and add new rule as below:-
Type:MYSQL/Aurora, Protocol:TCP, PortRange:3306,
Source:securitygroupofEC2 (you can all security group by entering
'sg-')
Open the security group attached to the EC2, and make port 22 is open. If not, add a new rule as below:-
Type:SSH, Protocol:TCP, PortRange:22, Source:MY IP
Open Workbench, Click New connection
- Standard TCP/IP over SSH
- SSH Hostname : < your EC2 Public IP > #34.3.3.1
- SSH Username : < your username > #common ones are : ubuntu, ec2-user, admin
- SSH KeyFile: < attach your EC2 .pem file>
- MYSQL Hostname: <database endpoint name> #mydb.tbgvsblc6.eu-west-1.rds.amazonaws.com
- MYSQL Port: 3306
- Username : <database username>
- Password: <database password>
Click 'test connection' and boom done!!
If the MySQL Server is configured to accept remote connections, you can use the servers IP address, but then you don't need to connect over ssh. Once you choose connect over ssh, the workbench creates a portforwarding using the ssh credentials to the specified server. So you have to use localhost as MySQL hostname. Due to the portforwarding, the request will be forwarded to your remote machine. In short: As far as I understand your question, you have to use localhost.

Workbench migration via ssh - how to set up a tunnel

I try to migrate MSSQL (local machine) to MYSQL (Amazon Web Services) usin Workbench. I can connect to both databases. However when I migrate I get this error:
Mysql connections through SSH are not supported in this version...
Well, I found this in documentation:
A workaround is to set up an encrypted tunnel, and then treat the MySQL target as a standard TCP (unencrypted) connection.
But I don't know how to set up a tunnel. Does anyone can help?
Okay, if I'm understanding this correctly, I think I'd prefer to set up a tunnel in Putty. I don't have a solid grasp of how MySQL Workbench works (I'm assuming its analogous to SSMS), but I have used maaany SSH tunnels in my day. Here are some basic instructions:
http://www.electrictoolbox.com/putty-create-ssh-port-tunnel/
You'll want to create a local tunnel from any port you choose (although I'd go with the MySQL default 3306) to the destination of 127.0.0.1:3306. Be sure to click add and save your session settings in Putty.
Open the SSH connection to the AWS machine. Try to connect to your MySQL instance through 127.0.0.1:3306. This should allow you to pull from your local SQL Server and send data to your AWS instance (through the tunnel, 127.0.0.1:3306 of course).
Hope this helps. Let me know if this doesn't solve your issue.
If you have Amazon ec2:
On Windows machine connect using putty via ssh:
In session host name (user#public_ip_address)
Connection -> SSH -> Tunnels (Source port: 3306 OR choose free one) AND (Destination 127.0.0.1:3306)
You can check if tunnel was establihed in event log (right click on terminal bar)
In Workbench now you can use TCP/IP without SSH.
Thanks guys!

Connect to RDS from VPS

I am trying to transfer an existing mysql database that is located on my VPS to AWS RDS.
I have RDS set up and I am able to connect to the server just fine by connecting to one of my ec2 instances through ssh and using this command:
mysql -uuser -p -hxx.xx.us-west-2.rds.amazonaws.com
However, when I try to connect from my VPS (through ssh) I receive an ERROR 2003, which I believe is permission denied.
It doesn't seem to matter how I set my security group. I set the inbound to allow port 3306 from my server ip and that did not work, I even tried allowing all traffic on all ports from anywhere on my inbound rules and I still am unable to connect. The outbound has always been completely open.
If anyone can see anything that I am missing I would really appreciate some help.
Thanks.
Make sure your RDS instance is set to public if you want to access it externally. If in fact it's not publicly accessible then you'll need to recreate your instance and import your data, or take a snapshot and rebuild your RDS instance from the snapshot.
You only have ONE chance to modify it and that is at instance creation.
If you do this then make sure you security group only allows from a specific IP address or if you're using MySQL workbench rather use a SSH tunnel using SSH keys via an EC2 instance.
Is user a user you created manually in your RDS, or is it the admin user that was created when you created the instance? If the former, then make sure you have granted access to that user from your remote VPS.
Also, from your VPS, make sure you can open a TCP connection to the database. Try:
$ nc -v -z xx.xx.us-west-2.rds.amazonaws.com 3306
If the connection succeeds here but you still can't connect with the mysql CLI, you have a problem with the username/password/database connection info.

can cakePHP connect to remote database?

I am setting up CakePHP for the first time in order to develop the server side of the website I'm building. I already have a database set up on a remote server. So I want CakePHP to connect to that server. That's not working. I get a notice "Cake is NOT able to connect to the database."
I've tried changing the settings in cake\app\database.php:
persistent: true or false
host: with or without prefix 'http://'
But none of that helps. All the examples I've seen have server set to 'localhost'.
Can anyone tell me if cakePHP can connect to a remote db? Or am I completely missing the point and should I be using the mysql server included in my WAMP set?
You have 2 options
Option 1
Your webhost needs to allow connections to the mysql instance from outside the local network.
Check the manuals for the webhost if you're allowed to change the mysql configuration yourself you may be allowed to accept incoming connections.
Your method only works when the host accepts incoming connections on for example port 3306 which is the default mysql port.
Option 2
If you have SSH access to the remote host, you're able to set up a tunnel.
Which would make you connect to the Mysql Instance though your SSH connection on a local port.
One way you could do this is by using PuTTY.
How to set up a MySQL tunnel in PuTTY
Initiate the connection and keep it alive.
Use the host 127.0.0.1 and port 3306 in your CakePHP Database config.
Username & Password would be your MySQL User Credentials