1130 不允许主机 'amazon-ec2-ip' 连接到此 MySQL 服务器

我在从另一台 EC2 服务器访问我的一台 Amazon EC2 服务器上的 mysql 数据库时遇到问题.我阅读了有关为从外部 IP 地址访问 mysql 提供适当权限的各种文章,以下是我遵循的步骤:

I am facing a problem in accessing the mysql DB on one of my Amazon EC2 servers from another EC2 server. I read through various articles regarding providing appropriate permissions for mysql to be accessed from external IP addresses, and here are the steps that I followed:

  1. 在我的主机 EC2 实例上打开端口 3306 以允许外部 Mysql 连接.
  2. 在文件/etc/mysql/my.cnf 中,将绑定地址"从127.0.0.1"更改为0.0.0.0".
  3. 用root打开mysql,执行如下命令:将 . 上的所有权限授予 worker@'ec2-ip-address',由密码"标识;
  1. Opened port 3306 on my host EC2 instance to allow for external Mysql connection.
  2. In the file /etc/mysql/my.cnf, changed the "bind-address" from "127.0.0.1" to "0.0.0.0".
  3. Opened mysql using root, and executed the following command: GRANT ALL PRIVILEGES on . to worker@'ec2-ip-address' IDENTIFIED BY 'password';

根据我阅读的所有博客/文章,这应该可以解决问题,但我不断收到以下错误:

As per all the blogs/articles that I read, this should have solved the issue, but i keep getting the following error:

1130  Host 'amazon-ec2-ip' is not allowed to connect to this MySQL server

我为 EC2 实例提供的 IP 地址是在您创建实例时生成的弹性 IP.为了验证问题是否特定于 EC2,我尝试为不同的静态 IP 地址"执行命令3".现在,这对我有用(即我能够从该远程服务器登录到 mysql 主机),因此可以确定上述步骤是正确的.

The ip address I was providing for the EC2 instance was an elastic IP that gets generated when you create an instance. To verify whether the issue is specific to EC2, I tried executing the command "3" for a different "static ip address". Now, this worked for me (i.e. I was able to login to the mysql host from that remote server), so it is sure that the above steps are correct.

为什么 Amazon EC2 ip 地址不起作用?

Why is the Amazon EC2 ip address not working?

推荐答案

发布此问题后,我在工作时意识到我什至无法 ping 到 EC2 服务器或 telnet 到它.所以一些基本的东西一定是错的.最后一个朋友帮我解决了这个问题.正如我所料,这个问题非常特定于 EC2.

After posting this problem, as I was working, I realized that I wasn't even able to ping to the EC2 server or telnet to it. So something basic had to be wrong. Finally a friend helped me out with the problem. As I had expected, the problem was very specific to EC2.

详情如下:

当我们创建一个 EC2 实例时,我们会得到一个外部 IP 地址,类似于:ec2-XX-XXX-XXX-XX.ap-southeast-1.compute.amazonaws.com

When we create an EC2 instance, we get an external IP address which is similar to: ec2-XX-XXX-XXX-XX.ap-southeast-1.compute.amazonaws.com

在mysql中设置权限时,我授予上述IP地址的权限,即:

While setting the permissions in the mysql I was granting the permissions to the above IP address, i.e.:

GRANT ALL PRIVILEGES on . to worker@'ec2-XX-XXX-XXX-XX.ap-southeast1.compute.amazonaws.com' IDENTIFIED BY 'password';

当您尝试从另一个本地 EC2 实例与 EC2 实例通信时,这不起作用.为此,您需要提供 EC2 实例的内部 ip 地址",可以使用 ip 命令找到该地址:

This does not work when you try to communicate to an EC2 instance from another local EC2 instance. For this, you need to provide the 'internal ip address" of the EC2 instance, which can be found using the ip command:

ip a:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host 
valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 12:31:41:02:58:47 brd ff:ff:ff:ff:ff:ff
inet **XX.XX.XX.XXX/23** brd YY.YYY.YY.YYY scope global eth0
inet6 fe80::1031:41ff:fe02:5847/64 scope link 
valid_lft forever preferred_lft forever

为了使事情正常工作,您需要授予IP地址的权限--XX.XXX.XX.XXX/23",它应该可以工作.同样,在连接mysql"数据库时,提供给 mysql 命令的主机名也应该是主机 EC2 实例的内部 ip 地址".

To get things working correctly, you need to grant the permission to the ip address --"XX.XXX.XX.XXX/23", and it should work. Similarly, while connecting to the "mysql" database, the hostname provided to the mysql command should also be the "internal ip address" of the host EC2 instance.

相关文章