5

I'm setting up a new server on AWS Lightsail and all is good, but in my LEMP stack, I installed MySql and created my DB. For some reason though I cannot remote into that DB via my DB client (using TablePlus).

In the past using Vultr or Digital Ocean servers I had to add the IP address to the etc/mysql/mysql.conf.d/mysqld.cnf file, like this:

# bind-address = 127.0.0.1
  bind-address = 34.xxx.xxx.xxx

This would allow me to login with my DB username and pass that I created.

Does AWS Lightsail not allow for this? They have a Create DB Instance service that they want you to buy, but trying to stay cheap on this and only need the DB I built in my server.

Any help on how to connect remotely with a DB client would be extremely appreciative.

Using Ubuntu 18.04 LTS

daugaard47
  • 223
  • 2
  • 8

2 Answers2

5

So I figured it out. If anyone comes across this issue try the following.

AWS Lightsail gives you 2 IP's

  • Static IP = 34.xxx.xxx.xxx
  • Private IP = 172.xx.xx.xx

In your etc/mysql/mysql.conf.d/mysqld.cnf file do the following:

# bind-address = 127.0.0.1 (Disable this)
# bind-address = 34.xxx.xxx.xxx (Don't use Static IP)
  bind-address = 172.xx.xx.xx (Use Private IP)

In AWS Lightsail Firewall Add MySQL/Aurora | TCP | 3306

Run the following commands on server:

sudo service mysql stop
sudo service mysql start

Connecting With DB Client:

  • Host/Socket = 34.xxx.xxx.xxx (Use Static IP)
  • Port 3306
  • User: admin (Your created user account (See below how to do this))
  • Password your_new_pass_here (Your created password)
  • Database: mydatabase (Your created DB name)

That's it. All should work now.

As mentioned below, you do need to create a new MySql User. You can do so like this:

  1. Create DB User so we can remote into it from local machine/ database client:
mysql -u root -p'' (Login to MySql with the credentials you used to create MySql, -u might be different)

2.

CREATE USER 'admin'@'34.xxx.xxx.xxx' IDENTIFIED BY 'your_new_pass_here';

GRANT ALL PRIVILEGES ON *.* TO 'admin'@'34.xxx.xxx.xxx' IDENTIFIED BY 'your_new_pass_here';

CREATE USER 'admin'@'%' IDENTIFIED BY 'your_new_pass_here';

GRANT ALL PRIVILEGES ON *.* TO 'admin' IDENTIFIED BY 'your_new_pass_here';
    3. 
FLUSH PRIVILEGES;
  1. Bind Address

To get Database working remotely go to /etc/mysql/mysql.conf/mysqld.cnf and change the bind-address:

# bind-address = 127.0.0.1 (Disable this)
# bind-address = 34.xxx.xxx.xxx (Don't use Static IP)
  bind-address = 172.xx.xx.xx (Use Private IP)
  1. exit

  2. service mysql restart

  3. (Add to new .env if using Laravel)

DB_CONNECTION=mysql
DB_HOST=34.xxx.xxx.xxx
DB_PORT=3306
DB_DATABASE=database_name
DB_USERNAME=admin
DB_PASSWORD=your_new_pass_here

If you need to get a list of your MySql User do this: SELECT User FROM mysql.user; Helpful to double check your new user is in the system.

daugaard47
  • 223
  • 2
  • 8
  • What this missing is that you also need to grant permissions to the user. It took me two hours to figure it out. The appoach is documented here: [Connect To MySQL/MariaDB From A Different Machine](https://docs.bitnami.com/virtual-machine/infrastructure/mysql/administration/connect-remotely/) – akinuri May 07 '20 at 18:26
  • @akinuri I updated the answer. Glad you got it working. I spent roughly 5- 6 hours figuring it all out myself... Ah, good times. lol – daugaard47 May 08 '20 at 01:58
0

You need to tell Lightsail that the MySQL port should be available publicly. Documentation is here.

I haven't used Lightsail myself (I use full AWS), but see if you can whitelist only your specific IP using the either the Lightsail firewall, or using iptables on Linux.

Tim
  • 30,383
  • 6
  • 47
  • 77
  • yeah I did that and it set the MySql port to 3306. That's what I'm trying to connect to, but no luck. I even tried allowing access to that port on windows firewall. – daugaard47 Apr 25 '20 at 18:56
  • Please edit your question to give us more information. Can you ping the server? Can you connect to it over http / https if you have a web server installed? Can you connect to it using ping / http(s) / MySQL if you create another instance in the same VPC subnet (spot instance is cheaper for testing). Please also include screenshots of your PC firewall and your AWS firewall. There's no one answer, there's a few things you'll need to do to make it work. Could also be a MySQL setting rather than infrastructure. – Tim Apr 25 '20 at 21:39