How do I enable an app in a Lightsail container service to connect to an RDS instance?

0

I'm wanting to move a Flask app in Elastic Beanstalk to Lightsail. I have successfully deployed the app to a Lightsail container service. I can't work out how to enable the app to connect to the database (which is a MySQL db in RDS). There is no instance, just a container, so there's no information about the security group. I identified the IP addresses that the public DNS is using and added them in the inbound rules in the DB's security group, but that didn't work. Is it even possible, or do I have to move the database to Lightsail as well?

posta 2 anni fa1743 visualizzazioni
2 Risposte
1
Risposta accettata

After setting up a VPC peer connection, you can see the peer connection to the VPC where Lightsail is deployed from the Peer Connection of the VPC screen.
Check "Requestor CIDR" in the peer connection details to see the CIDR of the VPC where Lightsail is deployed.
If you set that CIDR in the RDS security group inbound rule, you can make the connection.

profile picture
ESPERTO
con risposta 2 anni fa
profile picture
ESPERTO
verificato 7 mesi fa
  • That worked! Thank you so much.

0

It is possible to connect from Lightsail to RDS.
Follow these steps to create a VPC peer connection.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/lightsail-how-to-set-up-vpc-peering-with-aws-resources
Then configure the RDS security group to allow Lightsail connections.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connect-lamp-instance-to-aurora-database#configure-security-group

This procedure is for connecting to RDS Aurora, but it can be set up in much the same way for RDS MySQL.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connect-lamp-instance-to-aurora-database

profile picture
ESPERTO
con risposta 2 anni fa
  • There is only the container service (I believe this is a new Lightsail feature), which works, because the app is running (I just need to connect the DB). I have already seen those instructions, but they don't apply because there is no instance.

  • It is possible to connect from the Lightsail container by editing the RDS security group after setting up the VPC peer connection.
    The IP address set for the inbound rule is a private IP address.
    Public access must be enabled in RDS if public IP addresses are to be set in the security group.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande