How do I enable an app in a Lightsail container service to connect to an RDS instance?

0

I'm wanting to move a Flask app in Elastic Beanstalk to Lightsail. I have successfully deployed the app to a Lightsail container service. I can't work out how to enable the app to connect to the database (which is a MySQL db in RDS). There is no instance, just a container, so there's no information about the security group. I identified the IP addresses that the public DNS is using and added them in the inbound rules in the DB's security group, but that didn't work. Is it even possible, or do I have to move the database to Lightsail as well?

feita há 2 anos1,7 mil visualizações
2 Respostas
1
Resposta aceita

After setting up a VPC peer connection, you can see the peer connection to the VPC where Lightsail is deployed from the Peer Connection of the VPC screen.
Check "Requestor CIDR" in the peer connection details to see the CIDR of the VPC where Lightsail is deployed.
If you set that CIDR in the RDS security group inbound rule, you can make the connection.

profile picture
ESPECIALISTA
respondido há 2 anos
profile picture
ESPECIALISTA
avaliado há 7 meses
  • That worked! Thank you so much.

0

It is possible to connect from Lightsail to RDS.
Follow these steps to create a VPC peer connection.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/lightsail-how-to-set-up-vpc-peering-with-aws-resources
Then configure the RDS security group to allow Lightsail connections.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connect-lamp-instance-to-aurora-database#configure-security-group

This procedure is for connecting to RDS Aurora, but it can be set up in much the same way for RDS MySQL.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connect-lamp-instance-to-aurora-database

profile picture
ESPECIALISTA
respondido há 2 anos
  • There is only the container service (I believe this is a new Lightsail feature), which works, because the app is running (I just need to connect the DB). I have already seen those instructions, but they don't apply because there is no instance.

  • It is possible to connect from the Lightsail container by editing the RDS security group after setting up the VPC peer connection.
    The IP address set for the inbound rule is a private IP address.
    Public access must be enabled in RDS if public IP addresses are to be set in the security group.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas