Connection Parameters

Overview

To connect to a database:

  • The database must be started

  • When MaxScale is used, MaxScale must be started

  • The database user account must be created and have sufficient privileges

  • The firewall on the database server must allow the client to connect

  • The client must be configured with database details (such as host, port, username, and password)

  • When TLS is required, the client must be configured with TLS details (such as certificate, key, and CA chain)

Endpoint

In MariaDB Enterprise topologies, the endpoint for a client connection can be one of the following:

  • In multi-node topologies that use a MaxScale database proxy, applications and clients generally connect to a MaxScale node

  • In multi-node topologies that use a MariaDB Enterprise Server database, administrators, automation, and monitoring connect to an ES node

  • In multi-node topologies that use a MariaDB Xpand database, administrators, automation, and monitoring connect to an Xpand node

  • In single node topologies that use MariaDB Enterprise Server, applications and clients connect directly to the ES node

When mariadb client is used to connect to the endpoint, the IP address can be provided via the --host option, and the TCP port can be provided via the --port option:

$ mariadb --host=192.0.2.10 \
   --port=3307 \
   --user=app_user \
   --password

MaxScale Node

Many MariaDB Enterprise topologies rely on MariaDB MaxScale as a database proxy. When MaxScale is used, applications and clients generally connect to MaxScale, rather than connecting directly to the database server.

MariaDB Enterprise's deployment documentation includes some examples that show how to connect to MariaDB MaxScale on the following pages:

Enterprise Server Node

When clients connect directly to an Enterprise Server node, the client provides the nodes IP address and TCP port. The IP address and TCP port used by the node are configured using the bind_address and port system variables:

[mariadb]
..
bind_address=*
port=3307

Xpand Node

When clients connect directly to an Xpand node, the client provides the nodes IP address and TCP port. The IP address and TCP port used by the node are configured using the xpdnode_install.py installation wizard:

$ sudo ./xpdnode_install.py --wizard
..
6 - Database Listen Address (Front-End IP): 0.0.0.0 (Listen on all available interfaces)
7 - Database MySQL TCP Port: 3306
..

User Credentials

When connecting to a database, a username and a password for a database user account must be provided.

When mariadb client is used, the username can be provided via the --user option, and password authentication can be enabled by specifying the --password option:

$ mariadb --host=192.0.2.10 \
   --port=3307 \
   --user=app_user \
   --password

Certificate, Key, and CA Chain for TLS/SSL

When data-in-transit encryption is required, a certificate, key, and CA chain file might be required.

When mariadb client is used, several options can be used:

  • The certificate file can be provided via the --ssl-cert option

  • The key file can be provided via the --ssl-key option

  • The CA chain can be provided via the --ssl-ca options (for single .pem files) or the --ssl-capath option (for a directory of individual .pem files)

$ mariadb --host=192.0.2.10 \
   --port=3307 \
   --user=app_user \
   --password \
   --ssl-ca tls-ca-chain.pem \
   --ssl-key tls-key.pem \
   --ssl-cert tls-cert.pem