Question:
I have an Aurora Serverless db cluster running MySQL. I’m trying to write an application that takes a string from a script and puts it onto the database.
I’ve been able to successfully connect to the cluster using my ec2 in PuTTY, a node program on the ec2, and MySQL Workbench, but I haven’t been able to with my own code. I’m trying to use the node modules ssh2 and mysql2.
```javascript
var mysql = require('mysql2');
var Client = require('ssh2').Client;

var ssh = new Client();
ssh.on('ready', function() {
  ssh.forwardOut(
    '127.0.0.1',
    12345,
    '127.0.0.1',
    3306,
    function (err, stream) {
      if (err) throw err;
      var sql = mysql.createConnection({
        host: 'my db endpoint',
        user: 'root',
        password: 'pass',
        database: 'testdb',
        stream: stream
      });
      //sql stuff
    });
}).connect({
  host: 'ec2-publicdns',
  port: '22',
  username: 'ec2-user',
  privateKey: require('fs').readFileSync('pkeyssh') //pem key converted to openssh using PuTTYgen
});
```
When I run this, I get: Error: (SSH) Channel open failure: Connection refused
Also, is Aurora serverless the correct solution for me? It seems as if there isn’t a way to really talk to it without going through the ec2. Should I be looking for a different database host?
Answer:
When you create an Aurora Serverless database, you configure a VPC security group, which dictates the rules about where connections can be opened from (CIDR block, and port). You can then grant access from this security group to others by name, or simply launch your application server from within the same security group, which will provide it access. You should not require SSH port forwarding to connect to the DB, even in a testing context.
There’s a nice tutorial here: https://aws.amazon.com/getting-started/tutorials/configure-connect-serverless-mysql-database-aurora, and for more information on Database Security Groups please consult https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.RDSSecurityGroups.html.
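One way to check the security-group setup the answer describes, as an added example that is not part of the original question or answer: it audits a database security group's ingress rules for port 3306, confirming the application's group is allowed and flagging rules open to any address. It assumes input in the JSON shape returned by `aws ec2 describe-security-groups`; the function names and group IDs are hypothetical placeholders.

```javascript
'use strict';

const MYSQL_PORT = 3306;

// True when an ingress rule covers the port (IpProtocol "-1" means all traffic).
function coversPort(rule, port) {
  if (rule.IpProtocol === '-1') return true;
  if (rule.IpProtocol !== 'tcp') return false;
  return rule.FromPort <= port && port <= rule.ToPort;
}

// Hypothetical helper: lists who may reach `port` and reports findings.
function auditDbIngress(group, appGroupId, port = MYSQL_PORT) {
  const allowedGroups = new Set();
  const allowedCidrs = new Set();
  for (const rule of group.IpPermissions || []) {
    if (!coversPort(rule, port)) continue;
    for (const p of rule.UserIdGroupPairs || []) allowedGroups.add(p.GroupId);
    for (const r of rule.IpRanges || []) allowedCidrs.add(r.CidrIp);
    for (const r of rule.Ipv6Ranges || []) allowedCidrs.add(r.CidrIpv6);
  }
  const findings = [];
  if (!allowedGroups.has(appGroupId)) {
    findings.push(`app group ${appGroupId} has no ingress to port ${port}`);
  }
  for (const cidr of allowedCidrs) {
    if (cidr === '0.0.0.0/0' || cidr === '::/0') {
      findings.push(`port ${port} is open to ${cidr}`);
    }
  }
  return { allowedGroups: [...allowedGroups], allowedCidrs: [...allowedCidrs], findings };
}

// Constructed sample data; the group IDs are placeholders, not real resources.
const SAMPLE_DB_GROUP = {
  GroupId: 'sg-0db00000000000000',
  IpPermissions: [
    { IpProtocol: 'tcp', FromPort: 3306, ToPort: 3306,
      UserIdGroupPairs: [{ GroupId: 'sg-0app0000000000000' }], IpRanges: [] },
    { IpProtocol: 'tcp', FromPort: 22, ToPort: 22,
      IpRanges: [{ CidrIp: '0.0.0.0/0' }] },
  ],
};

console.log(auditDbIngress(SAMPLE_DB_GROUP, 'sg-0app0000000000000'));
```

An empty `findings` array means the application's group can reach MySQL and the port is not exposed to arbitrary addresses.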