Connecting to a database in a cluster MySQL

You can connect to Managed Service for MySQL cluster hosts:

  • Over the internet, if you configured public access for the appropriate host. You can only connect to these hosts over an SSL connection.
  • From Yandex.Cloud virtual machines located in the same virtual network. If the host isn't publicly available, you don't need to use an SSL connection to connect to such VMs.

Note

If public access is only configured for certain hosts in your cluster, automatic master change may make the master unavailable over the internet.

Configuring an SSL certificate

MySQLhosts with public access only support connections with an SSL certificate. You can prepare a certificate as follows:

$ mkdir ~/.mysql
$ wget "https://storage.yandexcloud.net/cloud-certs/CA.pem" -O ~/.mysql/root.crt
$ chmod 0600 ~/.mysql/root.crt

Connection string

Connect to the database using the command mysql.

To view an example of the command with the host FQDN filled in, open the cluster page in the management console and click Connect.

For hosts with public access, you can only connect over the internet with an SSL certificate.

$ mysql --host=<host FQDN>
        --port=3306
        --ssl-ca=~/.mysql/root.crt
        --ssl-mode=REQUIRED
        --user=<name of database user>
        --password <DB name>

If you don't need to encrypt traffic within the virtual network when connecting to the database, you can connect to the database without an SSL connection. Pass the --ssl-mode parameter with the DISABLED value:

$ mysql --host=<host FQDN>
        --port=3306
        --ssl-mode=DISABLED
        --user=<name of database user>
        --password <DB name>

Connecting to the master

Hosts will always identify the current master as c-<cluster ID>.rw.mdb.yandexcloud.net. For example, you can connect to the master of the cluster with the c9qash3nb1v9ulc8j9nm ID as follows:

$ mysql --host=c-c9qash3nb1v9ulc8j9nm.rw.mdb.yandexcloud.net
        --port=3306
        --ssl-ca=~/.mysql/root.crt
        --ssl-mode=REQUIRED
        --user=<name of database user>
        --password <DB name>