Elastic Beanstalk app won't connect to RDS MySQL instance

amazon-ec2 amazon-rds amazon-elastic-beanstalk
16,489

Solution 1

Add the stack security group name you have your Elastic Beanstalk set up with to the list of RDS security groups.

It is easiest to test by logging into the EC2-instance (i.e. eb ssh) and test the connection to the database to exclude any issues with your app.

mysql -u user -p password -h rds.instance.endpoint.region.rds.amazonaws.com

Solution 2

There is now a tutorial on how to connect ElasticBeanstalk with any RDS database (MySQL etc), in a way that does not bind the two together, i.e. you can create them separately. The tutorial goes into setting up security groups via the AWS console.

After that, you have to set 5 ElasticBeanstalk environment variables (at least for MySQL): RDS_HOSTNAME, RDS_PORT, RDS_DB_NAME, RDS_USERNAME & RDS_PASSWORD.

Different ElasticBeanstalk instances would access these variables in different ways to make a database connection (I know in PHP, you have to use $_SERVER['RDS_DB_NAME'], etc). See how to do it in Java, Node.js, Python, Ruby, and .NET in in the link above.

Solution 3

Did you launch the RDS instance into VPC as well?

Your RDS security group needs to grant incoming traffic on port 3306 to the beanstalk security group.

e.g RDS security group

Incoming
ALLOW TCP 3306 from BeanstalkSG

Don't open to 0.0.0.0

Since you already allow all traffic outgoing, your Beanstalk SG does not have to grant 3306 for outgoing traffic additionally.

Do your VPC ACLs allow traffic on 3306? (They do, by default)

Solution 4

It's common for new users to mistake the RDS instance name with the database name.

The instance name is just a label that you and other humans use to organize your RDS items. This label is not used on your app at all.

The database name, on the other hand, is what you need on your app.

After creating an RDS instance/cluster, be aware that your server is EMPTY. There is no database inside of it.

You can have many databases inside an RDS instance or cluster, just like you can have many databases inside a MySQL server. And by default you have none.

You need to run a "CREATE DATABASE" command on the MySQL command line before using RDS on your app.

To be fair, there's a single one database on your newly created RDS instance. It is called "mysql" but you are not allowed to use it on your apps.

The only way to create a database to use on your app is through an EC2 instance, as RDS instances are not publicly accessible.

Simple Steps:

1. Create a nano instance (on the same VPC/security group);

2. Connect to the nano instance via SSH (ex. ssh -i <my_key.pem> my_nano.amazonaws.com);

3. mysql -u <master_user> -p -h <rds_endpoint>

4. The master_user and master_password are the ones you've set while creating the RDS cluster - there's no default for these credentials;

5. Once on mysql, create a database: CREATE database <my_db>;

6. Then, on your app, use: master_user, master_password, my_db, rds_endpoint.

Solution 5

Step 1: Verify that the RDS DB instance is in a state "available".

Visit RDS database on the AWS Console >> "Summary" >> Info:

enter image description here

Step 2: Verify if your EC2 instance is able to reach the RDS instance:

  • login to your EC2 instance and run any of the following commands:

    • telnet <RDS endpoint> <port number>

    • nc [-vz] <RDS endpoint> <port number>

      • If either the telnet or nc commands succeed, then a network connection was established, and the issue is likely caused by the user authentication to the database, such as user name and password.
      • If none of the above commands succeed, then ensure that your RDS instance's inbound rules are configured to allow connections from your EC2 instance's security group

Step 3: Verify that you are passing the correct connection parameters:

  • DB Server Host: Visit RDS database on the AWS Console >> "Connectivity & security" >> Endpoint
  • DB Port: Visit RDS database on the AWS Console >> "Connectivity & security" >> Port
  • DB username: Visit RDS database on the AWS Console >> "Configuration" >> "Master username"
  • DB password: as you mentioned at the time of creating the RDS instance

  • DB name: Visit RDS database on the AWS Console >> "Configuration" >> "DB name"

    mysql -u user -p password -h <RDS endpoint>

Step 4: Verify that your connection string url format is correct:

For connecting to Mysql RDS instance from an Spring application, the URL format will be:

spring.datasource.url=jdbc:mysql://<RDS endpoint>:3306/ebdb?createDatabaseIfNotExist=true
Share:
16,489

Related videos on Youtube

Tim Jahn
Author by

Tim Jahn

Updated on June 18, 2022

Comments

  • Tim Jahn
    Tim Jahn almost 2 years

    I have a CodeIgniter PHP app setup on an Elastic Beanstalk instance. I'm trying to connect it to a RDS MySQL instance I setup but loading the Elastic Beanstalk site URL always results in the page timing out the connection. I've narrowed down the issue to not being able to connect to the database.

    I think I've setup my security groups properly to allow the Elastic Beanstalk EC2 instances to talk to RDS, but something must be wrong as the page still doesn't load.

    I've included screenshots below of the inbound/outbound rules for the security group that RDS and Elastic Beanstalk use, as well as a screenshot of what security groups I have attached to the Elastic Beanstalk instance.

    Inbound rules

    Outbound rules

    enter image description here

    Any ideas as to why my Elastic Beanstalk app can't talk to my RDS instance?

    EDIT: The RDS instance and the Elastic Beanstalk instance are in the same security group.

    • mickzer
      mickzer over 8 years
      In your screenshot you have listed sg-e9f3918d and sg-69315d0d. But you don't show the rules for sg-69315d0d. Have you configured your beanstalk environment and RDS to both use the same security group sg-e9f3918d? What happens if you SSH into a node and try and telnet on port 3306 to your RDS endpoint?
    • Tim Jahn
      Tim Jahn over 8 years
      Yes, both the Elastic Beanstalk instance and the RDS instance are in the same security group, sg-e9f3918d.
  • Tim Jahn
    Tim Jahn over 8 years
    I added that incoming rule and the issue still persists (my new rules: imgur.com/DLjij33). The VPC ACLs are currently allowing traffic on all ports.
  • Tim Jahn
    Tim Jahn over 8 years
    The Elastic Beanstalk instance and the RDS instance are in the same security group.
  • Gustaf
    Gustaf over 8 years
    Can you connect to the database from the EC2-instance manually as I showed?
  • Tim Jahn
    Tim Jahn over 8 years
    Yes, I was able to connect to the RDS instance when I ssh-ed into the Elastic Beanstalk instance. Not sure what's wrong then.
  • ticktock
    ticktock about 5 years
    Oh man, this saved me. Thank you. A suggestion is to use the Secrets Manager for the database information and then use the environment variables to identify the secret you need to read. But.. thank you thank you thank you.
  • Abhishek Divekar
    Abhishek Divekar about 5 years
    @ticktock you are welcome :) If you could contribute to the answer with more information about the secrets you mention, it would be even better!
  • Álvaro Agüero
    Álvaro Agüero about 5 years
    How to create a db from console aws ?
  • DataGreed
    DataGreed over 4 years
    @TimJahn so did you manage to resolve the issue?.. You've marked the question as resolved, could you please share your solution?
  • yaros
    yaros over 2 years
    Point 2. nc lookup says connection is established, and the user name and password are correct. But I still cannot connect from ec2

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How significant is the effect of network latency in Amazon Web Services between EC2 and RDS instances, especially for Magento?
Amazon RDS unable to execute SET GLOBAL command
Restrict HTTP Access to Elastic Beanstalk
file_put_contents(C:\xampp\htdocs\instant\storage\framework/sessions/FF): failed to open stream: No such file or directory
Connect to RDS MySQL instance from ec2 Linux AMI - mysql command not found
SQL Server Reporting Services for Amazon RDS
Can't connect from EC2 to RDS via PHP. I can directly thought
How can I setup a VPN for remote users to connect to a AWS RDS server?
How to troubleshoot slow performance on AWS EC2/RDS?
AWS EC2 dns resolution diagnostic