search

Home  >  Q&A  >  body text

MySQL is installed on Alibaba Cloud ECS but cannot be accessed from the external network

MySQL is installed on Alibaba Cloud ecs but cannot be accessed from the external network

Steps
Use yum to install mysql server
Start mysql
grant a user to allow access to all hosts
Restart mysql

This is the user table in the mysql library

mysql> select host,user from user;
+-------------------------+---------+
| host                    | user    |
+-------------------------+---------+
| %                       | dbadmin |
| %.%.%.%                 | icyfc   |
| 127.0.0.1               | root    |
| iz8vb8il84z4prxo5ljzqjz |         |
| iz8vb8il84z4prxo5ljzqjz | root    |
| localhost               |         |
| localhost               | root    |
+-------------------------+---------+
[root@iZ8vb8il84z4prxo5ljzqjZ ~]# netstat -tunpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 127.0.0.1:9000              0.0.0.0:*                   LISTEN      2630/php-fpm        
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      32007/mysqld        
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      2805/nginx          
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      15354/sshd          
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      1555/master         
udp        0      0 172.26.13.175:123           0.0.0.0:*                               1464/ntpd           
udp        0      0 127.0.0.1:123               0.0.0.0:*                               1464/ntpd           
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               1464/ntpd           
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               1060/dhclient       
[root@iZ8vb8il84z4prxo5ljzqjZ ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination  
黄舟黄舟2762 days ago1315

reply all(6)I'll reply

  • cloudmam

    cloudmam2020-03-30 15:01:21

    I usually use the management panel Cloud Helper to assist in the installation and deployment of the database MySQL. The environment is deployed with one click and it is also very convenient to manage the MySQL database, including database creation, modification, permission settings, backup and recovery. You can try Cloud Helper https://www.cloudx.cn/?utm_source=wup

    reply
    0
  • 滿天的星座

    滿天的星座2017-06-06 09:54:26

    Mainly do the following 3 steps, hoping to increase your reputation :)


    1. Each ECS has a security group firewall. First, please check whether the 3306 tcp access 0.0.0.0/0 in this place is ok?

    2. Then check the host == % of the logged in user? (You can refresh the permissions first)

    FLUSH PRIVILEGES

    3. Check whether it is blocked by the system’s built-in firewall

    reply
    0
  • 伊谢尔伦

    伊谢尔伦2017-06-06 09:54:26

    • Is mysql running on the 0.0.0.0 address?

    • Whether the firewall and security group allow ports

    • Whether the mysql user has been granted remote access permission

    It is recommended to use ssh proxy to access the database, which is safer

    reply
    0
  • 过去多啦不再A梦

    过去多啦不再A梦2017-06-06 09:54:26

    Is it accessed by domain name or IP? If it is a domain name, just authorize it directly. The IP must be based on the actual one and cannot be obtained randomly

    reply
    0
  • 大家讲道理

    大家讲道理2017-06-06 09:54:26

    Could it be because the Alibaba Cloud security group settings do not allow the port to pass

    reply
    0
  • ringa_lee

    ringa_lee2017-06-06 09:54:26

    Alibaba Cloud will limit the IP address range for access for security reasons. You can authorize your external network IP or IP range. Try not to set it to full network access, which may cause security issues.

    reply
    0
  • Cancelreply