Connecting to a MySQL® cluster

• How do I connect to a cluster?

• Why cannot I connect from the internet?

• Why cannot I connect from Yandex Cloud?

• Why cannot I connect to a multi-host cluster?

• Can I connect to cluster hosts via SSH or get superuser permissions on hosts?

• What do I do if I get the revocation check error when using PowerShell to obtain an SSL certificate?

• Why would the connection limit be exceeded?

How do I connect to a cluster?How do I connect to a cluster?

View the connection examples in the documentation or on the cluster page in the management console (click Connect in the top panel).

MySQL® hosts with public access only support connections with an SSL certificate.

There are also Special FQDNs pointing to the current master and the cluster's least lagging replica.

Why cannot I connect from the internet?Why cannot I connect from the internet?

Check whether there is public access to the host. To do this, in the management console:

1. Go to the folder page and select Managed Service for MySQL.
2. Click the name of the cluster you need and select the Hosts tab.
3. Look at the value in the specific host's Public access column.

MySQL® hosts with public access only support connections with an SSL certificate.

Additional information:

• If public access is only configured for certain hosts in your cluster, automatic master change may make the master unavailable over the internet.
• If you are using Special FQDNs, check the host list to see whether the current master or replica have public access.
• If you are using Security groups, check their settings.

Why cannot I connect from Yandex Cloud?Why cannot I connect from Yandex Cloud?

Please check that you are connecting from a Yandex Cloud VM located on the same virtual network as the MySQL® cluster.

To do this, in the management console:

1. Go to the folder page, select Managed Service for MySQL, and click the name of the specific cluster.
2. Check the value of the Cloud network parameter and click the network name link to see its subnets.
3. Make sure the virtual machine is located on one of the network's subnets.

Additional information:

• If you are connecting to a host with public access, a connection can only be established with an SSL certificate.
• If you are using Special FQDNs, check the host list to see whether the current master or replica have public access.
• If you are using Security groups, check their settings.

Why cannot I connect to a multi-host cluster?Why cannot I connect to a multi-host cluster?

If public access is only configured for certain hosts in your cluster, automatic master change may make the master unavailable over the internet.

Check whether there is public access to the host. To do this, in the management console:

1. Go to the folder page and select Managed Service for MySQL.
2. Click the name of the cluster you need and select the Hosts tab.
3. Look at the value in the specific host's Public access column.

Additional information:

• If you are using Special FQDNs, check the host list to see whether the current master or replica have public access.

• If you cannot connect to the host you added, check that the cluster security group is configured correctly for the host's subnet.

Can I connect to cluster hosts via SSH or get superuser permissions on hosts?Can I connect to cluster hosts via SSH or get superuser permissions on hosts?

You cannot connect to hosts via SSH, nor can you get superuser permissions. This is done for the sake of security and user cluster fault tolerance because direct changes inside a host can render it completely inoperable.

What do I do if I get the revocation check error when using PowerShell to obtain an SSL certificate?What do I do if I get the revocation check error when using PowerShell to obtain an SSL certificate?

Here is the full text of the error:

curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012)
The revocation function was unable to check revocation for the certificate

This means, when connecting to the website, the service failed to check whether or not the website’s certificate is on the list of revoked certificates.

To fix this error:

• Make sure the corporate network settings do not block the check.

• Run the command with the --ssl-no-revoke parameter.

  mkdir $HOME\.mysql; curl.exe --ssl-no-revoke -o $HOME\.mysql\root.crt https://storage.yandexcloud.net/cloud-certs/CA.pem
  

Why would the connection limit be exceeded?Why would the connection limit be exceeded?

The maximum number of concurrent connections to a Managed Service for MySQL® cluster host is set by the max_connections parameter, which by default is <MB_of_RAM_per_host> ÷ 32, but not less than 100.

For example, for a s1.micro (2 vCPU, 8 GB) class host, the default max_connections parameter value is: 8,192 ÷ 32 = 256.

You can edit the Max connections value in the cluster settings.