node.js on EC2 failing to connect to RDS

1
votes

I have a node.js application running on an EC2 instance (running Ubuntu) trying to connect to MySQL on RDS. The security group for the RDS instance contains the security group for the EC2 instance as an authorized entry. Both instances are in the same zone, us-east-1c.

When I attempt to connect to RDS using MySQL CLI using mysql -u xxxxx -h xxxxx.xxxxxx.us-east-1.rds.amazonaws.com -p I connect without any problems.

However, when I attempt to connect using an RDS connection test utility I've written, I get an Error: connect ECONNREFUSED. The test utility code is:

var mysql = require('mysql');

mysqlConfiguration = 'production';
var mysqlConfigs = {
    'production':{
        host:'xxxxx.xxxxx.us-east-1.rds.amazonaws.com',
        password:'xxxxx',
        user:'xxxxx',
        database:'xxxxx'
    },
}

var connectionPool = mysql.createPool({
    host: mysqlConfigs[mysqlConfiguration]['host'],
    user: mysqlConfigs[mysqlConfiguration]['user'],
    password: mysqlConfigs[mysqlConfiguration]['password'],
    database: mysqlConfigs[mysqlConfiguration]['database'],
    multipleStatements: true,
    connectionLimit: 50,
});

connectionPool.getConnection(function(err,db){
    console.log(err);
    console.log(db);
    if(db) db.release();
});

The error I receive indicates that the connection is refused. When I run this code on my dev machine (which is whitelisted with the RDS instance), it connects normally to RDS. 

{ [Error: connect ECONNREFUSED]
  code: 'ECONNREFUSED',
  errno: 'ECONNREFUSED',
  syscall: 'connect',
  fatal: true }

It's very strange how I can connect using mysql from the command line but I can't from the node.js application.

I've looked at EC2 iptables outbound defaults in the EC2 documentation and it says all outbound traffic is allowed.

Any ideas why this is happening?

3
node.jsubuntuamazon-ec2amazon-rds

3 Answers

0
votes

In mysql the authorization of a user is determined by a 'user' string plus a 'hostname' string. So the authorization/user string can look like something like this: 'xxxxx'@'xxxxx.xxxxx.us-east-1.rds.amazonaws.com'

It's possible that your node application is connecting using a 'different' user string altogether.

You can try the following from the mysql command line:

mysql> CREATE USER 'xxxxxx'@'%' IDENTIFIED BY 'your_password';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'xxxxxx'@'%'
    ->     WITH GRANT OPTION;

This way you will have an account that allows you access the database server regardless of what the host portion of the user is.

It could be even a simpler problem, that your user simply doesn't have access to the database. You can try:

mysql> GRANT ALL PRIVILEGES ON *.* TO 'xxxxxx'@'xxxxx.xxxxx.us-east-1.rds.amazonaws.com'
    ->     WITH GRANT OPTION;

Or it could be even simpler. Is the database present?

mysql> SHOW DATABASES;

If it's not present you can try:

mysql> CREATE DATABASE <your-database-name>;
0
votes

When I attempt to connect to RDS using MySQL CLI using mysql -u xxxxx -h xxxxx.xxxxxx.us-east-1.rds.amazonaws.com -p I connect without any problems.

It means you can connect to RDS fine using mysql cli from let's say Host_A.

When I run this code on my dev machine (which is whitelisted with the RDS instance), it connects normally to RDS.

It means you can connect to RDS fine using your code from let's say Host_DEV.

However, when I attempt to connect using an RDS connection test utility I've written, I get an Error: connect ECONNREFUSED.

It means, you cannot connect to RDS using your code on let's say HOST_B.

This sounds more like the settings of your RDS Security Groups. Also, The way you have stated the problemn, I see that HOST_A and HOST_DEV are whitelisted in RDS Security group but HOST_B is not where you are trying to run your code.

  • Doublecheck your RDS Security groups setting and esnure that you have necessary access configured there.
  • Also, As you code works fine on HOST_DEV, I don't think the issue is with your code. Have you tried connecting to RDS using mysql cli from HOST_B? If not, then try it first.

I am trying to imagine the various hosts you have mentioned in your post and think that this is a RDS security groups configuration issue

0
votes

My bad, this was an issue with the node version. For some reason apt-get installs node 0.6 but I needed 0.10. Once installed from git it worked like a charm.