We Keep Coding

Cannot connect to MySQL installed on GCP Virtual Machine

I've installed MySQL on a Google Cloud Virtual Machine (debian buster). What I want to do is to make this accessible publicly (using username / password obviously).
As far as I can tell the server is visible from the outside world, as I can ping the IP and I get results, and I think I've set up a user correctly and given the appropriate permissions so I can log in.
For info, my firewall settings on GCP look like this (this is just the egress, there is one exactly the same for ingress):
Which I'm assuming is correct and leaves the correct port open?
The issue I have when I use MySQL Workbench is that when I try to create a new connection, it gives me the following error:
Your connection attempt failed for user 'username' to the MySQL server at [my ip address]:3306:
Unable to connect to localhost
Please:
1 Check that MySQL is running on address [my ip address]
2 Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)
3 Check the user username has rights to connect to [my ip address] from your address (MySQL rights define what clients can connect to the server and from which machines)
4 Make sure you are both providing a password if needed and using the correct password for [my ip address] connecting from the host address you're connecting from**
Any pointers would be gratefully received.
Update: What is really confusing me is the 'Unable to connect to localhost' error. I'm not trying to connect to localhost...?
Update 2: As per comments, results of the following commands:
Note I am trying to connect using the matprichardson username. The svc2toria user is pointing to my own IP address.

Mat, If you want to use your Google Cloud Instance Database using your MySQL workbench. I suggest you connect to it through an SSH tunnel. So, this problem won't happen. I also ran into this problem several times. Connecting through SSH made the job done.
But if your need is something else, this would not help you at all. If your only purpose is managing your database from your local machine using the MySQL workbench. This will work nicely. Create a USER in your Debian VM. and open port 22 to the public. Also, make sure to have strong credentials or a better key file when connecting through SSH. This method is working for every cloud VM database. I'm using this method for G-Cloud, Azure, and AWS. After all of your work is done. Close port 22 (SSH).

My best guess will be because of number 2. "Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)".
Your Virtual Machine will have network security controls / firewall which will be blocking port 3306 by default.
I don't use Google cloud but I believe you are looking for "network details" -> "Firewall rules".

did you change your mysqld.cnf already?
bind-address = 0.0.0.0

As none of the suggestions posted worked I went for the rather more nuclear option of deleting and rebuilding my VM and setting MySQL up again from scratch. I must have done something wrong in my initial setup, as things worked without any issues at all once I’d done this.

The location of the MySQL configuration file differs depending on the distribution.
In Ubuntu and Debian the file is located at /etc/mysql/mysql.conf.d/mysqld.cnf
while in Red Hat based distributions such as CentOS, the file is located at /etc/my.cnf
Open the file with your text editor :
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Search for a line that begins with bind-address and set its value to the IP address on which a MySQL server should listen.
By default, the value is set to 127.0.0.1 (listens only in localhost).
In this example, we’ll set the MySQL server to listen on all IPv4 interfaces by changing the value to 0.0.0.0
bind-address = 0.0.0.0
# skip-networking
If there is a line containing skip-networking, delete it or comment it out by adding # at the beginning of the line.
In MySQL 8.0 and higher, the bind-address directive may not be present. In this case, add it under the [mysqld] section.
Once done, restart the MySQL service for changes to take effect. Only root or users with sudo privileges can restart services.
To restart the MySQL service on Debian or Ubuntu, type:
sudo systemctl restart mysql
On RedHat based distributions like CentOS to restart the service run:
sudo systemctl restart mysqld
For more Detail Read Here

Access Lightsail Instance's database with MySQL Workbench

I have an Amazon Lightsail Ubuntu multi WordPress site set up with bitnami stack.
I'm looking for a way to access the Instance's database on Amazon Lightsail with MySQL Workbench remotely.
Please note that I do not have a seperate Lightsail database, as I'm trying to do things as cheaply as possible at the moment. So the following guide is not applicable to me.
Connecting to your MySQL database in Amazon Lightsail
According the wp-config.php MySQL database is using localhost:3306
I have static IP address 3.230.xxx.xxx. I have taken the DB username and password from the wp_config.php file.
I've entered the details.
I wonder if anybody else has managed to connect to an Instance's database, rather than a seperate database.
If this is not possible I wonder if there are any suggestions as how to best access this Instance's database remotely.

Found the answer using a similar youtube video which is used to connect to phpMyAdmin.
https://www.youtube.com/watch?v=9VdcQLDmYII
Basically you need to use Putty SSH tunneling in order to connect to the MySQL instance
First I added a new connection in Putty, make sure port 22 is open on
the LightSail firewall
Go to the Connection -> SSH -> Auth tab on the right hand side menu
Enter your SSH key which is downloaded from the Lightsail dashboard,
it will need to be converted in the standard recognised by putty
Go to Connections -> Data tab on the right hand side menu. Add a new
forwarded port we are forwarding localhost:3306 on the server to a
port on our machine 2222
Start the connection via Putty.
Now in MySQL WorkBench go to the connection to database windows.
Enter the port 2222 I entered the DB user and Password from
wp-config.php file and was able to successfully connect.
Also found a second method
Within the MySQL Workbench you can change the connection method to `Standard TCP/IP over SSH'. Gave the SSH key and the relevant details on connection was accepted

Here is what you need to remotely connect MySQL on Lightsail.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connecting-to-your-mysql-database
There are 3 steps:
get the endpoint link
enable public mode
configure MySQL workbench

Yes I have - after a marathon tech support session with AWS :)
Although the Lightsail firewall may say port 3306 is open, the server instance itself may have its own firewall settings which close it. On my case teh AMI that was used to set up the instance was configured that way
I my case it was Ubuntu but here is the summary of the advice I got from AWS--
We have connected to the instance via SSH using the user-name 'xxxxxx' from terminal.
--
ssh -l xxxxx 34.xxx.xxx.221
Checked and confirmed that mysql is running on the instance.
systemctl status mysql
Confirmed the port on which mysql is running.
netstat -plnae | grep 'pid'
Checked the 'ufw' firewall rules and noticed that 3306 is not allowed.
ufw status
Opened the port 3306 on ufw firewall
ufw allow 3306
After performing these steps you were able to establish connection to your database
hth

How to set up an SSH connection to a MySQL database in Airflow?

I am trying to connect to a database using an SSH connection. However, when I try to add a connection, I do not see fields that allow me to set up an SSH connection. I am aware that one can pass extra parameters, but am not sure what key values does Airflow accept for my use case.

Airflow currently (itself) does not allow SSH connection. With airflow's Extra params you can only encrypt your connection (which btw. is a good idea).
So if you're interested in encrypted connection, in Extra fields you need to specify parameters like that:
"cert":"/path/to/certs/client-cert.pem", "key":"/path/to/certs/client-key.pem", "ca":"/path/to/certs/server-ca.pem"}
In details, if you "dig" MySqlOperator you will see following chain:
MySqlOperator uses MySqlHook
MySqlHook uses python's mysql library MySQLdb
MySQLdb is an interface to C version which has function mysql_ssl_set() described here in details:
https://dev.mysql.com/doc/refman/8.0/en/mysql-ssl-set.html
This link nicely explains what cert, key and ca are and what should be put in there.
Now, if that's still not what you want then you need to "step out" of the Airflow. Assuming that you can already ssh to your server (ssh username#your-host) then, in separate terminal window (or background) you should launch forwarding using command: ssh -L <bind_address>:127.0.0.1:<host_port> username#your-host where:
<bind_address> is port on which you will locally connect your Airflow
<host_port> is port on which your remote host's database listens on (so for mysql it's 3306)
When your forwarding is in place, you can use Airflow's Connections settings and specify connection that will use localhost as your Host and <bind_address> as Port.
Example: Let's say your remote database listens on port 3306 and working ssh connection is ssh me#my-host. Your forwarding command should be e.g. ssh -L 9876:127.0.0.1:3306 and Airflow's settings:
Host: localhost
Port: 9876
all other connection settings are similar to connecting to mysql database on your localhost
Keep in mind that your forwarding session has to be "ON" all the time, otherwise the connection will break. Just put it in background.

How can I connect a Jupyter Notebook to a remote MySQL DB using Peewee?

I am trying Peewee to connect and retrieve data from a MySQL remote database, but I get the following error:
InternalError: (1130, "Host 'x.x.x.x' is not allowed to connect to this MariaDB server")
Could you help me?

"retrieve data from a MySQL remote database"
"Host is not allowed to connect to this MariaDB server"
Seem to point on a simple problem:
You're not allowed to connect on the DB from "outside".
By default, MySql / MariaDB are only listening on the "inside" of the server, from MariaDb doc :
MariaDB packages bind MariaDB to 127.0.0.1 (the loopback IP address) by default as a security measure using the bind-address configuration directive.
This mean apart for an application that run on the same machine (accessing 127.0.0.1 or localhost), you'll not be able to connect.
Solutions:
SSH tunnelling
This is probably the safest way to allow a connexion on a remote DB.
SSH is a protocol that allow you to connect to a server. It's mainly used on unix server to manage them, but can do a lot more.
How to use it in your case?
if you can connect with SSH to your DB server, then running this simple command on your notebook the will do the trick:
ssh -L 3306:localhost:3306 user#x.x.x.x
Lets explain a bit: first, your run SSH, then, you tell him to enable a port forwarding from your 3306 port to the localhost:3306 port of the server you connect through user#IP.
With this command running, every query from your local machine:3306 will by send to your MariaDB:3306 server, allowing you to use it as if you where on the server.
Allowing a remote-access user
This one is way more dangerous than the previous one. You'll need to take your time and think about every outcome it mean.
As already said, you're not allowed to connect from outside, ssh let you be "inside", but if you know what you do, you can just remove the security.
The point is:
to make an account that'll be able to login from a remote IP,
allow MariaDB to listen on external requests,
and at least, secure other account to disable remote connection.
[I'm not putting the how-to now, if you really need it, I'll update this answer]

Connect to RDS from VPS

I am trying to transfer an existing mysql database that is located on my VPS to AWS RDS.
I have RDS set up and I am able to connect to the server just fine by connecting to one of my ec2 instances through ssh and using this command:
mysql -uuser -p -hxx.xx.us-west-2.rds.amazonaws.com
However, when I try to connect from my VPS (through ssh) I receive an ERROR 2003, which I believe is permission denied.
It doesn't seem to matter how I set my security group. I set the inbound to allow port 3306 from my server ip and that did not work, I even tried allowing all traffic on all ports from anywhere on my inbound rules and I still am unable to connect. The outbound has always been completely open.
If anyone can see anything that I am missing I would really appreciate some help.
Thanks.

Make sure your RDS instance is set to public if you want to access it externally. If in fact it's not publicly accessible then you'll need to recreate your instance and import your data, or take a snapshot and rebuild your RDS instance from the snapshot.
You only have ONE chance to modify it and that is at instance creation.
If you do this then make sure you security group only allows from a specific IP address or if you're using MySQL workbench rather use a SSH tunnel using SSH keys via an EC2 instance.

Is user a user you created manually in your RDS, or is it the admin user that was created when you created the instance? If the former, then make sure you have granted access to that user from your remote VPS.
Also, from your VPS, make sure you can open a TCP connection to the database. Try:
$ nc -v -z xx.xx.us-west-2.rds.amazonaws.com 3306
If the connection succeeds here but you still can't connect with the mysql CLI, you have a problem with the username/password/database connection info.