When migrating from a self-managed MySQL master-slave setup to Amazon RDS, one critical piece of information is often hard to find: the private IP address of your RDS instance. This matters particularly when you need to maintain hybrid replication with external slaves outside the AWS ecosystem.
Unlike EC2 instances, RDS doesn't display private IP addresses in the console because:
- RDS uses DNS-based endpoint routing
- IP addresses may change during maintenance events
- AWS encourages using the provided endpoint name
Here are several reliable methods to discover your RDS instance's private IP:
1. Using nslookup or dig
# Linux/macOS
nslookup your-rds-endpoint.rds.amazonaws.com
# Windows
nslookup your-rds-endpoint.rds.amazonaws.com
2. From Within a Connected EC2 Instance
mysql -h your-rds-endpoint.rds.amazonaws.com -u admin -p
mysql> SHOW VARIABLES LIKE 'hostname';
+---------------+-----------------------------+
| Variable_name | Value |
+---------------+-----------------------------+
| hostname | ip-10-0-5-201.ec2.internal |
+---------------+-----------------------------+
3. Using VPC Flow Logs
Enable VPC flow logs and filter for traffic to port 3306 (MySQL default port).
Once you have the private IP, configure your external slave:
CHANGE MASTER TO
MASTER_HOST='10.0.5.201',
MASTER_USER='repl_user',
MASTER_PASSWORD='securepassword',
MASTER_AUTO_POSITION=1;
- Ensure proper VPC peering or VPN setup for cross-environment connectivity
- Configure appropriate security groups to allow traffic from your external slave
- Monitor replication lag as cross-region/cloud setups may introduce latency
For dynamic environments, create a script to periodically resolve and update the IP:
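#!/bin/bash
# Keep only answer lines: the resolver's own "Address" line carries "#53" and must never become MASTER_HOST
RDS_IP=$(nslookup your-rds-endpoint.rds.amazonaws.com | awk '/^Address/ && $2 !~ /#/ { print $2 }' | tail -n1)
[ -n "$RDS_IP" ] || { echo "RDS endpoint did not resolve" >&2; exit 1; }
# Replication must be stopped before CHANGE MASTER TO; -p prompts, so unattended runs need credentials from a client option file
mysql -h localhost -u admin -p -e "STOP SLAVE; CHANGE MASTER TO MASTER_HOST='$RDS_IP'; START SLAVE;"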
When migrating from a self-managed MySQL master-slave setup to Amazon RDS, one common hurdle is establishing replication between an external slave and your new RDS master instance. Unlike EC2 instances where you can directly query the private IP, RDS abstracts this information for managed service reasons.
For replication to work properly, your external slave needs to connect to the RDS master using its private IP address rather than the public endpoint. This ensures:
- Lower latency within the AWS network
- No data transfer costs
- Better security through VPC isolation
Here are three reliable methods to find your RDS instance's private IP:
1. Using AWS CLI
The most programmatic approach is using AWS CLI:
aws rds describe-db-instances \
--db-instance-identifier your-rds-instance-name \
--query 'DBInstances[0].Endpoint.Address' \
--output text
This returns the DNS name, which resolves to the private IP when queried from within your VPC.
2. DNS Lookup from EC2
From an EC2 instance in the same VPC:
nslookup your-rds-endpoint.rds.amazonaws.com
Example output showing the private IP:
Server: 10.0.0.2
Address: 10.0.0.2#53
Non-authoritative answer:
Name: your-rds-endpoint.rds.amazonaws.com
Address: 10.0.1.45
3. VPC Flow Logs Analysis
For existing connections, check VPC flow logs filtering by your RDS security group. The private IP will appear in the destination field.
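An added example (not part of the original article) of the flow-log filter described above: it tallies the destination addresses of accepted TCP traffic to port 3306. It assumes the default version 2 flow log record format; the function names and the sample records are constructed for illustration.

```shell
#!/bin/sh
# Added example: list candidate RDS private IPs from VPC flow log records.
# Assumes the default (version 2) flow log format, space separated:
#   version account-id interface-id srcaddr dstaddr srcport dstport
#   protocol packets bytes start end action log-status

# Reads flow log records on stdin; prints "<count> <dstaddr>" for accepted
# TCP traffic to port 3306, busiest destination first.
rds_candidates() {
    awk '
        $1 == 2 && NF >= 14 &&        # well-formed default-format record
        $7 == 3306 && $8 == 6 &&      # dstport 3306, protocol 6 (TCP)
        $13 == "ACCEPT" && $14 == "OK" {
            hits[$5]++                # tally by destination address
        }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample records (account id, ENI ids and addresses are made up).
sample_flow_logs() {
    cat <<'EOF'
2 123456789012 eni-0aaa1111bbbb2222c 10.0.3.17 10.0.1.45 49152 3306 6 12 1840 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 10.0.1.45 10.0.3.17 3306 49152 6 10 5210 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 10.0.3.18 10.0.1.45 49900 3306 6 8 960 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0aaa1111bbbb2222c 203.0.113.9 10.0.1.45 40111 3306 6 1 60 1700000060 1700000120 REJECT OK
2 123456789012 eni-0ccc3333dddd4444e 10.0.3.17 10.0.2.9 50500 443 6 5 700 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0ccc3333dddd4444e - - - - - - - 1700000120 1700000180 - NODATA
EOF
}

sample_flow_logs | rds_candidates
```

Return traffic (source port 3306), rejected connections and NODATA records are excluded, so only addresses that actually accepted MySQL connections are listed; confirm a candidate against the DNS lookup before using it.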
Once you have the IP, configure your external slave:
CHANGE MASTER TO
MASTER_HOST='10.0.1.45',
MASTER_USER='repl_user',
MASTER_PASSWORD='securepassword',
MASTER_AUTO_POSITION=1;
START SLAVE;
- Ensure proper security group rules allowing traffic from slave to master
- Verify both instances use the same MySQL version
- Consider using RDS Read Replicas instead of external slaves for better integration
- Monitor replication lag carefully during the migration period
Remember that RDS private IPs can change during maintenance events, so always use the DNS name in long-term configurations.