Help Center> GaussDB(for MySQL)> Best Practices> Enabling Read/Write Splitting for a GaussDB(for MySQL) Instance> User Authentication
Updated on 2024-04-03 GMT+08:00
View PDF

User Authentication

You must have the remote login permission before using a database proxy to log in to databases.

Procedure

  1. Connect to a GaussDB(for MySQL) instance.

  2. Check whether the host of the used account contains a proxy address.

    SELECT user,host FROM mysql.user;

    Obtaining a proxy address:

    1. Log in to the management console.
    2. Click in the upper left corner and select a region and a project.
    3. Click in the upper left corner of the page, choose Databases > GaussDB(for MySQL).
    4. On the Instances page, click the instance name to go to the Basic Information page.
    5. In the navigation pane on the left, choose Database Proxy. Using either of following methods to obtain the proxy address:

      Method 1: In the proxy instance list, locate the proxy instance and view the value in the Proxy Address column.

      Figure 1 Viewing the proxy address in the proxy instance list page

      Method 2: In the proxy instance list, click the name of the proxy instance to go to the Basic Information page. In the Proxy Instance Information area, view the Proxy Address field.

      Figure 2 Viewing the proxy address in the proxy instance information page

  3. If the host does not contain the CIDR block where the database proxy is located, assign the remote access permission to the host. For example, allowing user root to access the GaussDB(for MySQL) server from the IP address range starting with 192.168.0.

    Alternatively, you can set global permissions on the User Management page of the DAS console. For details, see Editing a User.

  4. When modifying a security group, ensure that the inbound and outbound rules allow access of the proxy address. The default port is 3306.

    1. Log in to the management console.
    2. Click in the upper left corner and select a region and a project.
    3. Click in the upper left corner of the page, choose Databases > GaussDB(for MySQL).
    4. On the Instances page, click the instance name to go to the Basic Information page.
    5. In the Network Information area, click the security group name.
    6. On the Inbound Rules tab, check whether access through port 3306 is allowed by default.
      Figure 3 Allowing access through port 3306

      If this rule does not exist, click Fast-Add Rule. In the displayed dialog box, select MySQL (3306) and click OK.

      Figure 4 Fast adding port 3306

    When you use the MySQL 8.0 client to access the read/write splitting of the database, the error message "auth user failed" may be displayed.

    Add --default-auth=mysql_native_password when connecting to the database.