I have jar file of springboot and I'm running on compute engineVM
And I also connect SQL-client but what address of mysql should I give in spring boot
I assume you are using GCP's hosted mysql? (Cloud SQL).
If so, then if you are connecting to it via cloud sql proxy, which is running on the same machine, then you just use localhost. The proxy should know the way to the server from there, assuming that you've configured the instance name and project/etc. correctly.
Otherwise, without the proxy, you can use your SQL instance's public IP address, which you can see on the list of running instances when you select the SQL page.
In the second case (using the actual IP address) keep in mind that GCP probably wont let the VM running your application through the firewall to the SQl instance directly. To work around this, you'd have to list your VM's IP address in the Authorized Networks section of the SQL entry (click on your SQL instance in the list and select the Authorization tab). Again, in this case, you need to keep in mind that your VM's IP address is ephemeral by default (unless you made and effort to make it permanent). So if you restart your VM, the above Authorization will no longer make sense. So make sure you make your VM's IP address permanent.
Related
Currently I am using the native Cloud SQL instance that is getting billed against the same project. However to cut some cost, I intend to shift the databases to my other mysql sitting at my other hosting. But I need to put a static IP on the allowed hosts in order to make it work. I added the 4 hosts that they make you add as A records to point the domain. But it didn't work. I read about Sockets API.. but didn't really get it. It's confusing. How to make it work? putting those 4 IP in makes it workable once or twice randomly when once of those provided IP is active I guess but whenever some other IP from the pool gets active, it doesn't work!
Have you looked at Serverless VPC Access with VPC Access Connector as described here?
You should be able to use the VPC Access Connector Source IP CIDR range at your MySql end as allowed IP list.
However you must ensure the connection is secure with a VPN or interconnect.
I have an application running on EC2 instances that store data in an RDS instance. All of these instances are in an AWS VPC with security groups configured to allow them to connect to each other.
For reporting purposes, I would like to connect to the RDS instance from my laptop (e.g. using SQLAlchemy) to run simple queries. Every time I try to connect using the connection string that the EC2 apps use, the connection times out.
For Google, one can use the Cloud SQL proxy for this, but I can't find an analogous product for AWS. Instead, it seems like what I am supposed to do is attach an internet gateway to the VPC and configure the security groups to allow connection from my machine. However, the documents are unclear on how to do this other than allowing all inbound connections or allowing a static IP. Unfortunately my laptop doesn't have a static IP, and I'm uncomfortable allowing all inbound connections as it seems insecure and an invitation to attacks. I also have not been able to find a way to configure a security group to allow connections based on IAM credentials for example using the AWS CLI. Since I will be routinely generating reports, a solution that involves updating a security group (i.e. allowing my current IP) every time I want to connect seems suboptimal.
I have tried following the following documents, but so far have had no success in finding a solution that does not allow all connections:
Allow users to connect to RDS using IAM*
Connecting to RDS instance from command line
Connecting to RDS on VPC from internet
*My RDS instance configuration does not allow me to enable IAM authentication, I'm not sure why
IAM Database Authentication is not supported for the configuration in the DB Instance db.
Modify your Db Instance to another instance class and try again.
(Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination;
Request ID: a6194fb8-2ab9-4a6a-a2be-63835e6e0184)
Is there something I'm not understanding or overlooking? Is allowing connections from all IPs not a big deal since the DB instance is still secured by DB user credentials?
Select this connection as per screenshot. Then fill up all details use your nat instance .pem file to connect. Its like you are connecting to VPC through Nat gateway or Internet gateway bypassing this.
Another option to install VPN on VPC and connect.
I am trying to locally run a PHP based project, connecting to an Amazon RDS instance. I am receiving the following error in the browser:
![SQLSTATE[HY000] [2002]]1
I have run a series of networking tests where I pinged the following and received successful test results. I pinged:
iiNet's web address
One of iiNet's DNS servers
The loopback address of my computer
I pinged Google
I then tried the mysql utility to remotely connect and received the
ERROR 2003 (HY000): Can't connect to MySQL server
Last factor I think you should know regarding my own networking situation, I am connecting to the internet via:
modem->Zyxel VPN->Wireless Router->My laptop
What in the Sam Hill is going on?
Thanks,
CM
For this to work, the following must be true:
the RDS instance must resolve to a public IP address (I'd check this for you but since you chose to use a screenshot instead of text, I can't copy paste it, so I'll leave it to you)
the Security Group(s) associated with the RDS instance must allow traffic from your public IP ( the one you'll get from http://wtfismyip.com/text ). This won't bet true by default. I highly recommend you open to your IP, not just everyone, as Mysql is trivial to DOS attack if its port is public.
The network ACL of the VPC hosting the RDS instance must allow the traffic also. This will be allowed by default, so unless you changed the ACLs in your VPC, you can ignore this.
If all those are true, you should be able to connect!
Im trying to connect to a postgres database, from a springboot application deployed in minishift.
The postgres server is running on the same host that minishift is running on.
I've tried setting the postgres serve to listen on a specific IP address, and use this same address in the springboot jdbc connection url but I still get org.postgresql.util.PSQLException: Connection to 172.99.0.1:5432 refused
I've also tried using 10.0.2.2
Also tried, in /etc/postgresql/9.5/main/postgresql.conf, setting:
listen_addresses = '*'
How can I connect to a database external to minishift, running on same host?
Besides the answer referenced in my comment, which suggests to make your database listen on the IP address of the Docker bridge, you could make your pod use the network stack of your host. This way you could reach Postgres on the loopback. This works only if can guarantee that the pod will always run on the same host as the database.
The Kubernetes documentation discourages using hostNetwork. If you understand the consequences you can enable it as in this example.
If a pod inside kubernetes can't see the IP address from the host then I guess its an underlying firewall or networking issue. Try opening a shell inside the pod...
kubectl exec -it mypodname bash
Then trying to ping, telnet, curl, wget or whatever to see if you can see the IP address.
It sounds like something's wrong with the networking setup of your minishift. It might be worth raising an issue with minishift: https://github.com/minishift/minishift/issues/new
If you can find an IP address on the host which is accessible from a docker pod you can create a Kubernetes Service and then an Endpoint for the service with the IP address of the database on your host; then you can use the usual DNS discovery of kubernetes services (i.e. using the service name as the DNS name) which will then resolve to the IP address. Over time you could have multiple IP addresses for failover etc.
See: https://kubernetes.io/docs/user-guide/services/#without-selectors
Then you can use Services to talk to all your actual network endpoints with your application code completely decoupled on if the endpoints are implemented inside kubernetes, outside with load balancing baked in!
I have an app with two workers (Web and Background) on AppHarbor that connect to a MySql database hosted on Amazon's RDS.
I keep getting "Unable to connect to any of the specified MySQL hosts." exception.
The RDS instance in the US-East region and I have added the following AppHarbor CIDR to the security group.
50.17.211.192/28
54.235.159.192/27
I have added my own CIDR to the security group and I connect to the instance just fine.
However when the app is running on AppHarbor it fails.
My connection string (censored) is:
Server=myinstanceXXXX.cykjvptrw5xs.us-east-1.rds.amazonaws.com;Database=MyDatabase;UID=XXXXXX;PWD=XXXXX;
I have tried including the port 3306 on the server endpoint but it made no difference.
Am I missing something on getting the two to play nice with one another?
By default AppHarbor use Amazon's internal DNS service for resolving hostnames. Because of that Amazon RDS instances in the same region as AppHarbor will resolve the private IP addresses rather than the public ones listed in the knowledge base article, so setting up rules based on the public IPs will not work most of the time.
In case Amazon's DNS service becomes unavailable we'll fail over to an external DNS service. This means you'll still have to configure the external IPs for the highest availability as an external DNS service will resolve the public IPs. This way you can ensure that your application is resilient towards DNS failures.
You can set up security group based access rules for your RDS security group. We've updated this knowledge base article with a section specifically for Amazon RDS where you can find the information necessary to set this up.