What Should I Do If I Can't Connect to My ECS (MySQL) Instance?
- Error message: Access denied for user 'user_name'@'100.xxx.xx.xx' (using password: YES)
- Error cause: The username or password of the self-built database on the ECS is incorrect.
Solution: Ensure that the username and password are correct. If the username and password are correct, log in to the database using a client or the CLI tool and run select * from mysql.user where user = 'user_name' to view the account. Make sure that the DAS CIDR block is within the CIDR block of the user. user_name @ % and user_name @100.% are two different users whose passwords and permissions are independent. Enter the password of user user_name @100.%.
- Error cause: The IP address of the DAS server is not in the whitelist of the login user.
Solution: Log in to the database using the client or CLI tool, and create a user account that can be used to access the database through DAS.
create user 'user_name'@'100.%' identified by 'password'; grant all privileges on *.* to 'user_name'@'100.%';
- Ensure that the IP address of the DAS server is in a CIDR block starting with 100. Add the IP address to the whitelist of the login user.
- Grant permissions to user user_name@100.% based on service requirements.
- Error cause: The SSL function is not enabled on the server.
Solution: Run the following statement to check whether the user is an SSL user. If yes, enable SSL on the RDS DB instance details page. The user is an SSL user if the ssl_type field has a value.
select user, host, ssl_type from mysql.user where user = 'user_name';
- Error cause: The username or password of the self-built database on the ECS is incorrect.
- Error message: Host 'xxx.xxx.xx.xx' is not allowed to connect to this MySQL server
Error cause: The database username you entered does not support remote login. For example, if you enter username root, but only username root@localhost is configured in the mysql.user table, the specified user can only log in locally.
Solution: Use a client or CLI tool to log in to the self-built database and create a user account that supports remote login.create user 'user_name'@'100.%' identified by 'password'; grant all privileges on *.* to 'user_name'@'100.%';
- Ensure that the IP address of the DAS server is in a CIDR block starting with 100. Add the IP address to the whitelist of the login user.
- Grant permissions to user user_name@100.% based on service requirements.
- Error message: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
- Error cause: The security group rules do not allow inbound traffic on the port.
Solution: Modify the security group rules by referring to How Do I View and Modify ECS Security Group Rules?
- Error cause: The firewall policy does not allow inbound traffic on the port.
Solution: Modify the firewall policy by referring to How Do I View and Modify Firewall Rules?
- Error cause: The remote login times out because the DNS resolution takes a long period of time.
Solution: Rectify the fault by performing the following operations:
- Search for the configuration file of the self-built database in directory /etc/my.cn, enter the following content in [mysqld], save the change and exit.
skip-name-resolve
- The default location of the configuration file is /etc/my.cnf. If you store the file in the specified path, modify the directory accordingly.
- Run systemctl restart mysqld to restart the database and log in again.
- Search for the configuration file of the self-built database in directory /etc/my.cn, enter the following content in [mysqld], save the change and exit.
- Error cause: The security group rules do not allow inbound traffic on the port.
- Error message: Communications link failure The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server
Error cause: The network between the DAS server and the target instance is disconnected.
Solution: Check whether the firewall of the instance is correctly configured and whether the required port is enabled. If the firewall is abnormal or the port is not enabled, rectify the fault and try again. If the fault persists, Contact customer service.
- Error message: Instance connect timeout, please login again.
Error cause: The connection to the DAS server timed out.
Solution: Rectify the fault by performing the following operations:- Log in to a remote ECS and run the iptables -S | grep input command to view firewall configurations of the instance. If the self-built database port is not included in the firewall whitelist, add an iptables rule or run the systemctl stop iptables command to disable the firewall to allow traffic through this port, and try again.
- Log in to the ECS again and run the ps -ef | grep mysql command to check whether the database process is running. If processes mysqld_safe and mysqld are both running, the database process is normal. If the process is not running, run systemctl start mysqld to restart the database and try again.
- If the fault persists, Contact customer service.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.