Source DB and Target DB connection settings

Available in VPC

Check the settings of the Source DB and Target DB, and set access information for database access before migration. Select which of the following cases is suitable for the situation you want to migrate and check how to set it up:

Migration in the same VPC: If the Source DB exists in a VPC in NAVER Cloud Platform and the Target DB is created in the same VPC
Migration to the Target DB in Public Subnet: If the Source DB and the Target DB have different domains, and the Target DB is created on Public Subnet
Migration to the Target DB in Private Subnet/Public Subnet: When the domains of the Source DB and the Target DB are different, and the Target DB is created in a Private Subnet or created in a Public Subnet but not assigned a public domain
Migration When the Source DB Is in a Private Subnet: This applies when the source DB and target DB are in different VPCs, and the source DB is created in a private subnet
Migration Using a Proxy Server: This applies when the target DB attempts to access the source DB using only the server's public IP address

Preparations

Proceed with the following preparations in order before connecting Source DB and Target DB:

Create Target DB in a VPC where Source DB is created on NAVER Cloud Platform console.
- Target DB should have the same type of DBMS as Source DB.
- The same DBMS major version as the Source DB is recommended.
- For more information about how to create Target DB, see Getting started with Cloud DB for MySQL.
Check the binary log settings of Source DB for Source DB replication. (Refer to the MySQL settings required for migration)

Check the Character Set/Collation and Definer account in the Source DB.

Cloud DB for MySQL supports [utf8, utf8mb4, euckr] Character Set only. If other settings are set on the Source DB, proceed after changing them.
Check if the Collation used in the Source DB is also supported by the Target DB.
For example, the versions before 8.0 do not support the utf8mb4_0900_ai_ci.
The Definer account used on the Source DB must be registered in Cloud DB for MySQL with the same account name and allowed host name in order to proceed with migration.
Source DB Character Set check query

SELECT character_set_name
FROM information_schema.TABLES T, information_schema.COLLATION_CHARACTER_SET_APPLICABILITY CCSA
WHERE CCSA.collation_name = T.table_collation AND TABLE_SCHEMA NOT IN ( 'information_schema', 'mysql', 'performance_schema', 'sys' ) AND CCSA.character_set_name NOT IN ( 'utf8', 'utf8mb3', 'utf8mb4', 'euckr' );

SELECT DEFAULT_CHARACTER_SET_NAME
FROM information_schema.SCHEMATA T
WHERE SCHEMA_NAME NOT IN ( 'information_schema', 'mysql', 'performance_schema', 'sys' ) AND DEFAULT_CHARACTER_SET_NAME NOT IN ( 'utf8', 'utf8mb3', 'utf8mb4', 'euckr');

Source DB Collation check query

SELECT DISTINCT (table_collation) as table_collate FROM information_schema.TABLES WHERE TABLE_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys'); 
SELECT DISTINCT (COLLATION_CONNECTION) as table_collate FROM information_schema.views WHERE TABLE_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys'); 
SELECT DISTINCT (COLLATION_CONNECTION) as table_collate FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys'); 
SELECT DISTINCT (DATABASE_COLLATION) as table_collate FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys'); 
SELECT DISTINCT (COLLATION_CONNECTION) as table_collate FROM information_schema.TRIGGERS WHERE TRIGGER_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys');
SELECT DISTINCT (DATABASE_COLLATION) as table_collate FROM information_schema.TRIGGERS WHERE TRIGGER_SCHEMA NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys');
SELECT DISTINCT (DEFAULT_COLLATION_NAME) as table_collate FROM information_schema.SCHEMATA WHERE SCHEMA_NAME NOT IN ('information_schema', 'mysql', 'performance_schema', 'sys');

Source DB Definer account check query

SELECT DEFINER FROM information_schema.ROUTINES
WHERE ROUTINE_SCHEMA NOT IN ( 'information_schema', 'mysql', 'performance_schema', 'sys' ) AND SECURITY_TYPE = 'DEFINER';

SELECT DEFINER FROM information_schema.VIEWS
WHERE table_schema NOT IN ( 'information_schema', 'mysql', 'performance_schema', 'sys' ) AND SECURITY_TYPE = 'DEFINER' ;

(When migrating from MySQL 5.7 to 8.0 with mysqldump) check the sql_mode.

The sql_mode='NO_AUTO_CREATE_USER' setting, which is supported by MySQL 5.7 and MariaDB 10.1.7 and later versions as the Default value, is not supported starting with MySQL 8.0.
The following checks are required when performing the mysqldump method: When migrating through mydumper, sql_mode follows the Target DB settings, so no separate check is required.
If the relevant settings are applied to the Source DB, see the following and take proper actions and then proceed to the migration:
sql_mode settings check query

SELECT ROUTINE_SCHEMA, ROUTINE_NAME, SQL_MODE
FROM information_schema.routines
WHERE ROUTINE_SCHEMA NOT IN ('sys','mysql');

SELECT TRIGGER_SCHEMA, TRIGGER_NAME, sql_mode
FROM information_schema.triggers
WHERE TRIGGER_SCHEMA NOT IN ('sys','mysql');

SELECT @@sql_mode ;

How to take action for issues of compatibility with sql_mode

 - Source DB > In [DB Config management], set to remove the sql_mode='NO_AUTO_CREATE_USER'
 - Source DB > Delete the Procedure, Function, and Trigger and then re-create  
 1. Create the sql files with the phrases of drop and create only for the Procedure, Function, and Trigger
    $ mysqldump -u {user name} -p -h {Source DB host name} --set-gtid-purged=OFF --routines --triggers  --no-create-info --no-data --no-create-db --add-drop-trigger {user DB} > backup.sql
 2. Within the backup.sql file, remove all the syntax of NO_AUTO_CREATE_USER
    ex) SET sql_mode = 'STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'  => SET sql_mode = 'STRICT_TRANS_TABLES,NO_ENGINE_SUBSTITUTION'
 3. Apply
    $ mysql -u {user name} -p -h {Source DB host name} {user DB} < backup.sql

Migration in the same VPC

The following describes how to set access information if the Source DB exists in a VPC in NAVER Cloud Platform and the Target DB is created in the same VPC:
Proceed with the following steps in order:

1. Set Target DB access

Set the ACG's Outbound rules applied to the Target DB server to allow access from the Target DB to the Source DB.

Note

The following describes only the details required for setting access: For more information about ACG settings, see ACG in the Server user guide.

To set ACG rules:

Check ACG applied to the Target DB server in the details on the Target DB.
Go to the ACG page by clicking in the ACG field.
Click the ACG applied to the Target DB and then click [ACG settings].
Click the [Outbound] tab.
Enter the following rules, and then click [Add]:
- Protocol: Select TCP
- Destination point: Enter the IP address range of a subnet where the Source DB is created (Example: 10.0.0.0/24)
- Allowed port: Input Source DB access port
Click [Apply].

2. Set Source DB access

You need to set the Source DB access information. Set the ACG rules and ACL applied to the Source DB.

Set ACG on the Source DB server

You must set the firewall for the Source DB server (ACG) for access from the Target DB.
Edit ACG's Inbound rules applied to the Source DB server to allow the following traffic. For more information, see ACG:
- Protocol: TCP
- Access source: IP address range of a subnet where the Target DB is created (Example: 10.0.0.0/24)
- Allowed port: Target DB access port
For the following cases, set the Outbound to the Source DB:
- NAVER Cloud Platform Server for which the Source DB uses NACL policy, not ACG
- For servers other than NAVER Cloud Platform Server

Note

As ACG follows stateful, it does not require setting the outbound separately.
However, as the network ACL follows stateless, set the outbound.

Creating a Source DB account and setting ACL

Create the following account and add it to ACL to connect the Source DB and the Target DB. For more information, see manage DB User:

The account's access IP (Host): IP address range of a subnet where the Target DB is created
Account's DB permissions
- Set to include permissions for database backup and recovery
- See minimum permissions required for migration
Password: Be sure to use a password created in the mysql_native_password format. For more information, see MySQL start/stop and access procedures.

Migration to the Target DB in Public Subnet

The following describes how to set access information if the Source DB and the Target DB have different domains and the Target DB is created on a Public Subnet:
Proceed with the following steps in order:

Assign the Public domain to the Target DB and the Source DB. For more information, see manage Public domain.
1. Set Target DB access
2. Set Source DB access

1. Set Target DB access

Set the ACG's Outbound rules applied to the Target DB server to allow access from the Target DB to the Source DB.

Note

The following describes only the details required for setting access: For more information about ACG settings, see ACG in the Server user guide.

To set ACG rules:

Check ACG applied to the Target DB server in the details on the Target DB.
Go to the ACG page by clicking in the ACG field.
Click the ACG applied to the Target DB and then click [ACG settings].
Click the [Outbound] tab.
Enter the following rules, and then click [Add]:
- Protocol: Select TCP
- Destination point: Enter the Public domain IP address on the Source DB (Example: 101.101.220.90/32)
- Allowed port: Input Source DB access port
Click [Apply].

2. Set Source DB access

You need to set the Source DB access information. Set the ACG rules and ACL applied to the Source DB.

Set ACG on the Source DB server

You must set the firewall for the Source DB server (ACG) for access from the Target DB. Edit ACG's Inbound rules applied to the Source DB server to allow the following traffic:
- Protocol: TCP
- Access source: Public domain IP address allocated to Target DB (Example:101.101.220.246/32)
- Allowed port: Target DB access port
For the following cases, set the Outbound to the Source DB:
- NAVER Cloud Platform Server for which the Source DB uses NACL policy, not ACG
- For servers other than NAVER Cloud Platform Server

Note

As ACG follows stateful, it does not require setting the outbound separately.
However, as the network ACL follows stateless, set the outbound.

Creating a Source DB account and setting ACL

Create the following account and add it to ACL to connect the Source DB and the Target DB:

Account's access IP (Host): IP address of a Public domain assigned to the Target DB
Account's DB permissions
- Set to include permissions for database backup and recovery
- See minimum permissions required for migration
Password: Be sure to use a password created in the mysql_native_password format. For more information, see MySQL start/stop and access procedures.

Migration to the Target DB in Private Subnet/Public Subnet

The following describes how to set access information if the Source DB and the Target DB have different domains and the Target DB is created on a Private Subnet:
Even if the Target DB is created as Public Subnet, it is possible to proceed with the following method:
Proceed with the following steps in order:

Assign the Public domain to the Source DB. For more information, see manage Public domain.
1. Set Target DB access
2. Set Source DB access

1. Set Target DB access

Set the Target DB access information. Proceed with the following steps in order:

1. Create NAT Gateway

Create a NAT Gateway to connect the Target DB server.

Note

The following describes only the details required for setting access: For more information about creating a NAT Gateway, see Create NAT Gateway in the VPC user guide.

To create a NAT Gateway:

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click Subnet Management.
Click [Create subnet].
Create a Subnet for Public NatGateway.
Click NAT Gateway.
Click [Create NAT Gateway].
Create a public NAT Gateway.
Enter the NAT Gateway name and then select VPC and subnet where the Target DB is created.
Click [Create].
Check the IP address of the NAT Gateway created.

2. Connect Route Table

Create the Route Table and add NAT Gateway to the routing rules. Apply the Route Table to the subnet where the Target DB exists.

Note

The following describes only the details required for setting access: For more information about Route Tables, see Route Table in the VPC user guide.

Caution

Since DMS uses public communication, you only need to add a NAT Gateway setting to the route table of the subnet where the target DB is located.
You must configure separate route tables for the subnet with the NAT Gateway and the subnet with the target DB.
If you add both the NAT Gateway setting and the associated subnet to a single route table, a routing conflict may occur.

To apply a Route Table:

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click Route Table.
Click [Create Route Table].
Enter the Route Table name and select VPC and Subnet support types.
- VPC: Select a VPC where the Target DB is created
- Supported Subnet types:
  - Select public with Public NatGateway if the Target DB is Private Subnet
  - Select public if Target DB is Public Subnet
Click [Create].
Click the Route Table created and then click [Set Route].
Enter the following information and then click [Create]:
- Destination: Enter the Public domain IP address assigned to the Source DB (Example: 101.101.220.90/32)
- Target Type: Select NATGW
- Target Name: Select the NAT Gateway created in 1. Create NAT Gateway
Click [OK].
Click Route Table and then click [Related Subnet settings].
Select a subnet where the NatGateway is created in Subnet name and then click [Create].
Click [OK].

3. Set ACG on the Target DB server

Set the ACG's Outbound rules applied to the Target DB server to allow access from the Target DB to the Source DB.

Note

The following describes only the details required for setting access: For more information about ACG settings, see ACG in the Server user guide.

To set ACG rules:

Check ACG applied to the Target DB server in the details on the Target DB.
Go to the ACG page by clicking in the ACG field.
Click the ACG applied to the Target DB and then click [ACG settings].
Click the [Outbound] tab.
Enter the following rules, and then click [Add]:
- Protocol: Select TCP
- Destination point: Enter the Public domain IP address on the Source DB (Example: 101.101.220.90/32)
- Allowed port: Input Source DB access port
Click [Apply].

2. Set Source DB access

You need to set the Source DB access information. Set the ACG rules and ACL applied to the Source DB.

Set ACG on the Source DB server

You must set the firewall for the Source DB server (ACG) for access from the Target DB. Edit ACG's Inbound rules applied to the Source DB server to allow the following traffic:
- Protocol: TCP
- Access source: IP address of NAT Gateway created in 1. create NAT Gateway
- Allowed port: Target DB access port
For the following cases, set the Outbound to the Source DB:
- NAVER Cloud Platform Server for which the Source DB uses NACL policy, not ACG
- For servers other than NAVER Cloud Platform Server

Note

As ACG follows stateful, it does not require setting the outbound separately.
However, as the network ACL follows stateless, set the outbound.

Creating a Source DB account and setting ACL

Create the following account and add it to ACL to connect the Source DB and the Target DB:

Account's access IP (Host): IP address of NAT Gateway created in 1. create NAT Gateway
Account's DB permissions
- Set to include permissions for database backup and recovery
- See minimum permissions required for migration
Password: Be sure to use a password created in the mysql_native_password format. For more information, see MySQL start/stop and access procedures.

Migration when Source DB is a Private Subnet

The following describes how to set access information if the Source DB and the Target DB are in different VPCs and the Source DB is created on a Private Subnet:

Proceed with the following steps in order:

For more information on communication between Target DB and Source DB, see Create VPC Peering (VPC Peering).
Set Target DB access
Set Source DB access
Set Endpoint

1. Create VPC Peering

The following describes how to configure VPC Peering for TCP communication between Source DB and Target DB: Because TCP operates on a bidirectional communication model, the implementation requires the creation of two VPC Peering solutions—each utilizing Source DB VPC and Target DB VPC as requesting VPCs for their individual peering connections.

Note

The following describes only the details required for setting access: For more information about creating a VPC Gateway, see VPC Peering in the Networking user guides.

To configure VPC Peering:

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click VPC Peering.
Click [Create VPC Peering].
- Requesting VPC: Select a VPC to which the Target DB belongs
- Accepting VPC: Select a VPC to which the Source DB belongs
Click [Create].

Create additional VPC Peering for bidirectional communication.

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click VPC Peering.
Click [Create VPC Peering].
- Requesting VPC: Select a VPC to which the Source DB belongs.
- Accepting VPC: Select a VPC to which the Target DB belongs.
Click [Create].

2. Set Target DB access

Set ACG on the Target DB Server

Set the ACG's Outbound rules applied to the Target DB to allow access from the Target DB to the Source DB.

Note

The following describes only the details required for setting access: For more information about ACG settings, see ACG in the Server user guide.

To set ACG rules:

Check ACG applied to the Target DB server in the details on the Target DB.
Go to the ACG page by clicking of the ACG item.
Click the ACG applied to the Target DB and then click [Set ACG].
Click [Outbound].
Enter the following rules, and then click [Add]:
- Protocol: Select TCP
- Destination point: Enter the private IP address of the Source DB server (Example: 10.1.2.16/32)
  - How to check private IP: nslookup {Private domain}
- Allowed port: Input Source DB access port
Click [Apply].

Connect Route Table

Create the Route Table and add VPC Peering to the routing rules.

Note

The following describes only the details required for setting access: For more information about how to set Route Tables, see Route Table in the VPC user guides.

To apply a Route Table:

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click Route Table.
Click [Create Route Table].
Enter the Route Table name and select VPC and Supported Subnet types.
- VPC: Select a VPC to which the Target DB belongs
- Supported Subnet types:
  - Select Private if Target DB belongs to a Private Subnet
  - Select Public if Target DB belongs to a Public Subnet
Click [Create].
Click the Route Table created and then click [Route settings].
Enter the following information and then click [Create]:
- Destination: Enter the IP address range of a Subnet to which the Source DB belongs (Example: 10.1.2.0/24)
- Target Type: Select VPCPEERING
- Target Name: Select a VPC Peering product created in VPC Peering creation.
Click [OK].
Click Route Table and then click [Related Subnet settings].
In Subnet name select the Subnet where VPC Peering was created and click [Create].
Click [OK].

3. Set Source DB access

Set ACG on the Source DB server

You must set the firewall for the Source DB server (ACG) for access from the Target DB. Edit ACG's Inbound rules applied to the Source DB server to allow the following traffic:

Protocol: TCP
Destination point: Enter the private IP address on the Target DB server (Example: 10.2.0.7/32)
- How to check private IP: nslookup {Private domain}
Allowed port: Enter Target DB access port

Connect Route Table

Create the Route Table and add VPC Peering to the routing rules.

Note

The following describes only the details required for setting access: For more information about how to set Route Tables, see Route Table in the VPC user guides.

To apply a Route Table:

From the NAVER Cloud Platform console's VPC environment, navigate to > Services > Networking > VPC.
Click Route Table.
Click [Create Route Table].
Enter the Route Table name and select VPC and Supported Subnet types.
- VPC: Select a VPC to which the Source DB belongs
- Supported Subnet types: Select Private because Source DB belongs to a Private Subnet.
Click [Create].
Click the Route Table created and then click [Route settings].
Enter the following information and then click [Create]:
- Destination: Enter the IP address of the Subnet to which Target DB belongs (Example: 10.2.0.0/24)
- Target Type: Select VPCPEERING
- Target Name: Select a VPC Peering product created in VPC Peering creation.
Click [OK].
Click Route Table and then click [Related Subnet settings].
In Subnet name select the Subnet where VPC Peering was created and click [Create].
Click [OK].

Creating a Source DB account and setting ACL

Create the following account and add it to ACL to connect the Source DB and the Target DB:

Account's access IP (Host): Private IP address of the Target DB
Account's DB permissions
- Set to include permissions for database backup and recovery
- See minimum permissions required for migration
Password: Be sure to use a password created in the mysql_native_password format. For more information, see MySQL start/stop and access procedures.

4. Set Endpoint

The following explains how to set a Source DB Endpoint for Migration:

Note

The following describes only the details required for setup: For more information about Endpoint settings, see Endpoint Management in the VPC user guides.

Endpoint URL: Private Domain of the Source DB
DB PORT: Source DB access port
DB User: Source DB access account
DB password: Source DB access password

Migration using a Proxy Server

Describes how to configure connection settings by deploying a proxy server when the source DB is in a private subnet and the target DB is in a public subnet. Used when the target DB attempts to access the source DB only through the Proxy Server's public IP. In this case, the source DB and the Proxy Server must be located in the same VPC.

Proceed with the following steps in order:

1. Setting up Proxy Server using Nginx

Describes how to set up a Proxy Server so that the target DB can access the source DB using only the server's public IP address. Before proceeding, you must create a server in the public subnet where the target DB is located and assign a public IP address.

Note

The following describes only the details required for setting Proxy: For more information on creating and connecting to a server, see Server in the Compute guide.

To create a Proxy server:

After connecting to the server, install Nginx.

wget https://nginx.org/download/nginx-1.24.0.tar.gz

Extract the downloaded Nginx package.
```
 tar -zxvf nginx-1.24.0.tar.gz
```

Navigate to the extracted directory and compile.

 ./configure --with-stream
 sudo make install

Note

Since stream-based communication is required, be sure to compile and install Nginx with the --with-stream option enabled.

Create the nginx.service file to run Nginx as a service.

# vi /etc/systemd/system/nginx.service
---
[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true

[Install]
WantedBy=multi-user.target

 systemctl daemon-reload # Register
 systemctl enable --now nginx # Automatically restart Nginx when the server reboots
 systemctl status nginx # Check the current status of the Nginx service

Note

If an error occurs, use the journalctl -xe command to check the logs.

Caution

If Couldn't stat /var/log/lastlog: No such file or directory error occurs when checking the status of Nginx, create the corresponding file in the same directory.

 touch /var/log/lastlog

Edit the nginx.conf file as follows:

#user  nobody;
worker_processes  1;

error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

pid        logs/nginx.pid;

stream {
    upstream db_servers {
            server [Source DB private IP address]:[Source DB port];
    }
    server {
            listen [Port to communicate with the target DB] so_keepalive=on;
            proxy_pass db_servers;
            proxy_socket_keepalive on;
            proxy_connect_timeout 30s;
    }
}

events {
    worker_connections  1024;
}

Restart Nginx.
```
 systemctl restart nginx
```

Note

This guide uses Nginx version 1.24.0 as an example for downloading, but you should download the latest version that is appropriate for your environment.

2. Set Target DB access

Set ACG on the Target DB Server

Set the ACG's Outbound rules applied to the Target DB to allow access from the Target DB to the Source DB.

Note

The following describes only the details required for setting access: For more information about ACG settings, see ACG in the Server user guide.

To set ACG rules:

Check ACG applied to the Target DB Server in the details on the Target DB.
Go to the ACG page by clicking in the ACG field.
Click the ACG applied to the Target DB and then click [ACG settings].
Click the [Outbound] tab.
Enter the following rules, and then click [Add]:

Protocol: Select TCP
Destination point: Enter the public IP address of the created server (Example: 223.101.151.223/32)
Allowed Port: Enter the port to be used for communication with the target DB

Click [Apply].

3. Set Source DB access

You must configure ACG rules for the source DB to enable communication with the proxy server. Set ACG's Inbound rules applied to the Source DB server to allow communication.

Add the following rule to the [Inbound] rules:

Protocol: TCP
Destination point: The ACG applied to the created server (Example: mysql-vpc-default-acg)
Allowed port: Input Source DB access port

4. Set Proxy Server connection

To allow communication between the source DB and target DB through the proxy server, you must configure ACG rules for the created server. Modify both the Inbound and Outbound rules of the ACG applied to the server.

Note

In this case, you will need the public IP address of the target DB, which is created in the public subnet, to configure the ACG. To issue the public domain of the target DB, go to: [Cloud DB for MySQL > DB Server > Select Target DB > DB Management > Manage Public Domain]

How to check the Public IP address

 nslookup {Target DB Public 도메인}

Add the following rule to the [Inbound] rules:

Protocol: TCP
Destination point: Enter the public IP address of the Target DB (Example: 211.101.130.211/32)
Allowed Port: Enter the port to be used for communication with the target DB

Add the following rule to the [Outbound] rules:

Protocol: TCP
Destination point: Enter the private IP address of the source DB (Example: 10.1.2.16/32)
Allowed port: Input Source DB access port

5. Set Endpoint

The following explains how to set a Source DB Endpoint for Migration: Since communication with the proxy server has been configured, you can set the endpoint using the server's public IP address without specifying a separate source DB URL.

Note

The following describes only the details required for setup: For more information about Endpoint settings, see Endpoint Management in the VPC user guides.

Endpoint URL: Enter the public IP address of the created server
DB PORT: Source DB access port
DB User: Source DB access account
DB password: Source DB access password

MySQL settings required for migration

This section describes the prerequisite settings required for the Source DB to perform migration.

Required field: Enable binary log
- Check whether the log_bin value is displayed as ON
- server_id value assignment
Recommendations: Set the binary log storage period as more than 5 days
- Set the value of the settings variable expire_logs_days or binlog_expire_logs_seconds
- If the binary log storage period is shorter than the time elapsed for migration, the following error messages will be displayed when performing replication: In this case, you need to delete and recreate migration after changing the source DB settings.
  Got fatal error 1236 from master when reading data from binary log: 'Could not find first log file name in binary log index file

Note

If the Source DB is AWS Aurora or AWS RDS, the following changes to the log_bin and GTID settings are required to migrate to NCP Cloud DB for MySQL.

binlog_format = ROW
log_bin = ON
gtid_mode = ON
enforce_gtid_consistency = ON

Minimum permissions required for migration

Execute the following command if the Source DB is in GTID mode:

Backup method: If mysqldump is selected

When the Target DB is below 8.0.32

GRANT PROCESS, SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT, SHOW_ROUTINE ON *.* TO '[User name]'@'[HOST IP]';
GRANT SELECT ON mysql.* TO '[User name]'@'[HOST IP]';
GRANT SELECT, SHOW VIEW, LOCK TABLES, TRIGGER ON [User DB].* TO '[User name]'@'[HOST IP]';

When the Target DB is equal to or higher than 8.0.32

GRANT {RELOAD|FLUSH_TABLES}, PROCESS, SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT, SHOW_ROUTINE ON *.* TO '[User name]'@'[HOST IP]';
GRANT SELECT ON mysql.* TO '[User name]'@'[HOST IP]';
GRANT SELECT, SHOW VIEW, LOCK TABLES, TRIGGER ON [User DB].* TO '[User name]'@'[HOST IP]';

Execute the following command if the Source DB is not in GTID mode:

GRANT RELOAD, PROCESS, SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT, SHOW_ROUTINE ON *.* TO '[User name]'@'[HOST IP]';
GRANT SELECT ON mysql.* TO '[User name]'@'[HOST IP]';
GRANT SELECT, SHOW VIEW, TRIGGER ON [User DB].* TO '[User name]'@'[HOST IP]';

Note

If the Source DB is not in GTID mode, the [RELOAD] permission is required for the Source DB user. If the policy doesn't grant the permission, perform migration after changing the Source DB to GTID mode.
If you want to perform migration in the AWS RDS environment, you need to change to GTID mode and then proceed to migration because of permission policies.
The [SHOW_ROUTINE] permission is required for Routine Dumps since MySQL 8.0.20 version.
From the Target DB 8.0.32, the [RELOAD] or [FLUSH_TABLES] permission is additionally required even if the Source DB is in GTID mode.
A [Y] setting for system table permission is required.

Backup method: If mydumper is selected

GRANT BACKUP_ADMIN, {RELOAD|FLUSH_TABLES}, PROCESS, SHOW DATABASES, REPLICATION SLAVE, REPLICATION CLIENT, SHOW_ROUTINE ON *.* TO '[User name]'@'[HOST IP]';
GRANT SELECT ON mysql.* TO '[User name]'@'[HOST IP]';
GRANT SELECT ON sys.* TO '[User name]'@'[HOST IP]';
GRANT SELECT, SHOW VIEW, LOCK TABLES, TRIGGER ON [User DB].* TO '[User name]'@'[HOST IP]';

Note

To use mydumper, the Source DB user account needs the BACKUP_ADMIN, {RELOAD|FLUSH_TABLES} permission.
Check the appropriate permissions and request it if necessary through customer inquiry.
A [Y] setting for system table permission is required.