[英]Connecting to RDS instance through VPC from EC2 using PHP
I've been looking on stackoverflow for quite some time, but I just can't seem to find a solution... Here's what my situation looks like: 我一直在寻找stackoverflow了一段时间,但似乎似乎找不到解决方案……这是我的情况:
Now here's my problem: 现在这是我的问题:
I can't seem to figure out how to connect to RDS from EC2 through a simple PHP script. 我似乎无法弄清楚如何通过一个简单的PHP脚本从EC2连接到RDS。 Whenever I try to connect, I get error code 13. Since EC2 can connect through the terminal, I'm guessing that's due to being in the same subnet;
每当我尝试连接时,我都会收到错误代码13。由于EC2可以通过终端进行连接,所以我猜测这是由于位于同一子网中; however, when I try to connect through PHP (I'm assuming at this point it's trying to connect with the EIP address) I get an error.
但是,当我尝试通过PHP连接时(我假设此时正在尝试与EIP地址连接),我得到一个错误。
Weird thing is a I can connect to RDS though Sequel Pro (Mac equivalent to Navicat or phpMyAdmin), but not through EC2. 奇怪的是,我可以通过Sequel Pro(Mac相当于Navicat或phpMyAdmin)连接到RDS,但不能通过EC2连接到RDS。
I'm starting to think it's not longer a security group issue, but a OS/PHP configuration on my EC2 instance that's completely slipped my mind. 我开始认为这不再是安全组问题,而是EC2实例上的OS / PHP配置完全让我无所适从。
Any thoughts? 有什么想法吗? Thanks in advanced!
提前致谢!
I am re-posting my answer from another thread, since yours came up as related: 我正在从另一个线程重新发布我的答案,因为您的答案与之相关:
What are you running on your EC2? 您在EC2上运行什么? Just asking in case it's an SELinux (Security-Enhanced Linux), in which case it could possibly be the security limitation.
只是询问是否是SELinux(增强安全性的Linux),在这种情况下可能是安全限制。
At your terminal, if you run: 在终端上,如果您运行:
getsebool -a | grep httpd
you should be able to see this limitation (whether your webserver can "network" or not. If it cannot, then run this, which should fix your problem: 您应该能够看到此限制(您的Web服务器是否可以“联网”。如果不能,请运行此服务器,这应该可以解决您的问题:
setsebool -P httpd_can_network_connect 1
Hope that solves it, otherwise I don't see where the issue can arise, especially since you say you can connect via terminal (so AWS security groups should not be the issue). 希望能解决这个问题,否则我看不到问题可能出在哪里,尤其是因为您说可以通过终端连接(因此AWS安全组不应该成为问题)。
You can try to connect to your RDS instance using your internal subnet IP address. 您可以尝试使用内部子网IP地址连接到RDS实例。 To find out which one is you internal IP address (from your VPC subnet) from your EC2 instance in the same subnet:
要找出来自同一子网中EC2实例的内部IP地址(来自VPC子网)是哪一个,请执行以下操作:
ping <your-rds-endpoint-without-3306>
Double check you use the right credentials. 仔细检查您是否使用了正确的凭据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.