问题描述
- 在 Google Cloud Platform 的 Compute Engine 上创建了一个 VM。
- 安装了玛丽亚数据库。配置绑定到 0.0.0.0。
- 创建防火墙规则以允许访问 IP 范围 0.0.0.0/0 中的 3306。将其标记为“mysql-open”并将其添加为 VM 实例详细信息中的网络标记。我还选择了记录连接的选项。
- 当我尝试从 MySQL 工作台连接到以 3306 作为端口的 VM 实例的公共地址时,我收到 10060 错误。用于连接的用户 ID 被授予完整的 GRANT 并且类似于 'testuser'@'%'。下面是日志条目。这似乎表明防火墙规则有效。
"insertId": "epk9z8g1zjxknf",
"jsonPayload": {
"instance": {
"project_id": "XXXX",
"vm_name": "XXX",
"region": "us-east4",
"zone": "us-east4-c"
},
"connection": {
"src_port": 44826,
"dest_ip": "10.150.0.5",
"protocol": 6,
"dest_port": 3306,
"src_ip": "198.199.98.246"
},
"remote_location": {
"city": "San Francisco",
"continent": "America",
"country": "usa",
"region": "California"
},
"rule_details": {
"priority": 2000,
"ip_port_info": [
{
"port_range": [
"3306"
],
"ip_protocol": "TCP"
}
],
"source_range": [
"0.0.0.0/0"
],
"reference": "network:default/firewall:mysql-open",
"action": "ALLOW",
"direction": "INGRESS"
},
"vpc": {
"project_id": "XXXX",
"vpc_name": "default",
"subnetwork_name": "default"
},
"disposition": "ALLOWED"
},
"resource": {
"type": "gce_subnetwork",
"labels": {
"subnetwork_id": "2510359252254555075",
"project_id": "XXXX",
"subnetwork_name": "default",
"location": "us-east4-c"
}
},
"timestamp": "2020-11-05T14:12:33.819891417Z",
"logName": "projects/XXXX/logs/compute.googleapis.com%2Ffirewall",
"receiveTimestamp": "2020-11-05T14:12:39.166067521Z"
}
标签: google-cloud-platformmariadbvirtual-machinegoogle-compute-engine