Help Center/ Relational Database Service/ FAQs/ Database Connection/ What Should I Do If I Can't Connect to My RDS DB Instance?
Updated on 2023-09-14 GMT+08:00

What Should I Do If I Can't Connect to My RDS DB Instance?

Possible Causes

Try the following:

  1. Check whether the DB instance is available.

    For example, the system is faulty, the DB instance is abnormal, or the DB instance or a table is locked.

  2. (Common) Check whether the client connection is correct.
    • If you connect to a DB instance over a private network, ensure that the DB instance and ECS are in the same region and VPC.
    • If you connect to a DB instance over a public network, bind an EIP to the DB instance and then connect to the DB instance through the EIP.
  3. Check the connection method.

    Run either of the following example commands to enable or disable SSL:

    • SSL enabled: mysql -h 172.16.0.31 -P 3306 -u root -p --ssl-ca=/tmp/ca.pem
    • SSL disabled: mysql -h 172.16.0.31 -P 3306 -u root -p
  4. Check whether the parameters in the connection command are correct.

    For example, check whether the following parameters are configured correctly: connection address, port number, username, password, and connection method.

  5. (Common) Check whether the network connectivity is normal.

    For a private network connection:

    1. Check whether the ECS and DB instance are in the same region and VPC.
    2. Check security group rules.

      To access DB instances in a different security group from the ECS, add an inbound rule for the security group.

    3. On the ECS, check whether the DB instance port can be connected to.

    For a public network connection:

    1. Check security group rules.

      To access DB instances in a security group from a public network, add an inbound rule for the security group.

    2. Check network ACL rules.
    3. Ping the ECSs in the same region to the DB instance.
  6. (Common) Check whether the number of connections to the DB instance reaches the upper limit.

    If there is an excessive number of database connections, applications may be unable to connect.

  7. (Common) Check whether the DB instance is in the Storage full state.

    If the DB instance is in the Storage full state, data read and write performance is affected.

Fault Locating

  1. Check whether the DB instance is available.

    Check whether the DB instance is in the Available state.

    Possible cause: The RDS system is faulty, the DB instance is abnormal, or the DB instance or a table is locked.

    Solution: If the DB instance is abnormal, reboot it.

  2. Check whether the client connection is correct.

    Install an engine client whose version is at least as new as the DB instance version.

    For details about how to connect to a DB instance over a private or public network, see Can an External Server Access the RDS Database?

    Table 1 Connection model

    Connection method

    Scenario

    Example

    Private network

    A private IP address is provided by default.

    If your applications are deployed on an ECS that is in the same region and VPC as the DB instance, connect to the ECS and DB instance through a private IP address.

    RDS for MySQL:

    mysql -h <private IP address> -P 3306 -u root -p --ssl-ca=/tmp/ca.pem

    Public network

    If you cannot access the DB instance using a private IP address, bind an EIP to the DB instance and then connect to the DB instance through the EIP.

    RDS for MySQL:

    mysql -h <EIP> -P 3306 -u root -p --ssl-ca=/tmp/ca.pem

  3. Check the connection method.
    • SSL connection is recommended. Enable SSL on the Connectivity & Security page and upload the certificate to the ECS.

      mysql -h 172.16.0.31 -P 3306 -u root -p --ssl-ca=/tmp/ca.pem

    • Common connection: Disable SSL on the Basic Information page.

      mysql -h 172.16.0.31 -P 3306 -u root -p

  4. Check the parameters in the command used to connect.

    Ensure that the connection address, port, username and password, and SSL connection method are correct, and try to connect to the DB instance again.

    If you use a private connection with SSL enabled, run mysql -h 172.16.0.31 -P 3306 -u root -p --ssl-ca=/tmp/ca.pem.

    • IP address

      On the Private Connection tab of the Connectivity & Security page, obtain the floating IP address in the Connection Information area.

    • Database Port

      On the Private Connection tab of the Connectivity & Security page, obtain the database port in the Connection Information area.

    • Root login credentials

      Make sure you have entered the root password correctly.

    • Certificate

      Obtain the SSL certificate name from the directory where the command is executed.

    If you use a public connection with SSL enabled, run the following example command: mysql -h EIP -P 3306 -u root -p --ssl-ca=/tmp/ca.pem

    • IP address

      On the Public Connection tab of the Connectivity & Security page, obtain the EIP in the Connection Information area.

    • Database Port

      On the Public Connection tab of the Connectivity & Security page, obtain the database port in the Connection Information area.

    • Root login credentials

      Make sure you have entered the root password correctly.

    • Certificate

      Obtain the SSL certificate name from the directory where the command is executed.

  5. Check the network connection.
    Private network connection
    1. Check whether the ECS and DB instance are in the same region and VPC.
    2. Check security group rules.
      • If Destination is not 0.0.0.0/0 and Protocol & Port is not All on the Outbound Rules page of the ECS, add the floating IP address and port of the RDS instance to the outbound rules.
      • If Source is not 0.0.0.0/0 and Protocol & Port is not All on the Inbound Rules page of the RDS instance, add the IP address and port of the ECS to the inbound rules.
    3. On the ECS, check whether the DB instance port can be connected to.

      telnet <IP address> <port number>

    Public network connection

    1. Check security group rules.
      • If Destination is not 0.0.0.0/0 and Protocol & Port is not All on the Outbound Rules page of the ECS, add the EIP and port of the RDS instance to the outbound rules.
      • If Source is not 0.0.0.0/0 and Protocol & Port is not All on the Inbound Rules page of the RDS instance, add the IP address and port of the ECS to the inbound rules.
    2. Ping the DB instance on an ECS in the same region.

      If you cannot ping the RDS instance's EIP from an ECS, try pinging it from another ECS in the same region.

  6. Check whether there are too many connections to the DB instance.

    Check method:

    1. Run show variables like '%max%connections%'; to view the number of instance connections.

      • max_connections: the maximum number of clients that can be connected at the same time. If this parameter is set to default, the maximum number of clients depends on the amount of memory configured. For details, see What Is the Maximum Number of Connections to an RDS DB Instance?.
      • max_user_connections: the maximum number of concurrent connections allowed for a specific RDS for MySQL account.
    2. Check whether the total connections and current active connections have reached the upper limits by referring to Viewing Monitoring Metrics. Determine whether to release the connections.

    Possible cause: If there are too many database connections, applications may be unable to connect, and full and incremental backups may fail, affecting services.

    Solution:
    1. Check whether applications are connected, optimize the connections, and release unnecessary connections.
    2. If this parameter is set to default, you can scale up the DB instance to set max_connections to a larger value.
    3. Check whether any metrics are abnormal and whether any alarms are generated on the Cloud Eye console. Cloud Eye monitors database metrics, such as the CPU usage, memory usage, storage space usage, and database connections, and allows you to set alarm policies to identify risks in advance if any alarms are generated.
  7. Check whether the DB instance is in the Storage full state.
    Check method: View the storage space usage on the RDS console or Cloud Eye.
    • On the RDS console

      Locate a DB instance and click its name to go to the Basic Information page. In the Storage Space area, view the storage space usage.

    • On Cloud Eye

      Locate a DB instance and click View Metric in the Operation column. On the displayed page, view the storage space usage.