MySQL connection issues

I have 2 Linodes. 1 is running Apache 2, PHP, Ruby and the other is a strict MySQL DB server and Postfix server. What I would like to know is what do I have to do so they can talk to each other via their private IP's. I want to be able to send DB data transfer over the private IP. I have already setup the private IP's and they are pingable from each machine.

3 Replies

Sounds like all you have to do is configure MySQL to listen on the private interface, and then tell your PHP application that its database lives at that IP address.

@telder4336:

I have 2 Linodes. 1 is running Apache 2, PHP, Ruby and the other is a strict MySQL DB server and Postfix server. What I would like to know is what do I have to do so they can talk to each other via their private IP's. I want to be able to send DB data transfer over the private IP. I have already setup the private IP's and they are pingable from each machine.

Since you already have the private IPs up and functionaly you need to create hostnames for each private IP (something like app.private and db.private). These should be added to either your DNS server (assuming both Linodes use the same DNS server) or the local /etc/hosts file on each Linode.

You then simply configuration your application to talk to db.private as the mysql db host.

You will of course have to allow your db user to connect to the mysql db from the private IP address of the application server (this goes beyond the knowledge of mysql that I posses off the top of my head to tell you how you would do this).

If you are paranoid you could/should then configure iptables on your DB Linode to reject all connections from its public IP address except ssh.

If you are super paranoid, you configure your DB Linode to reject all connections from its public IP address and you connect to it via Lish or ssh from the app server. You could also removes its public IP address entirely, but this makes updates a pain.

I do believe there was a fellow earlier talking about his DB behind his webserver and how he secured it from the internet. Might want to take a look at that.

As for cburgess, the best idea would be to ssh tunnel from your webserver to your db server.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct