Not Just Another AWS RDS Tutorial
AWS Relational Database Service (RDS) is widely used to host databases in the cloud. It supports several leading vendors like MySQL, PostgreSQL, Oracle and MSSQL Server. AWS also has it’s own offering Amazon Aurora, which is compatible with MySQL and PostgreSQL. In this tutorial, we will go over RDS overview, how to create an RDS instance, tips, and best practices.
RDS Overview
RDS offers the following key capabilities.
- It is a managed service in which AWS takes care of managing the underlying database infrastructure and typical database operations, such as database backups. At the same time, it gives a lot of flexibility in terms of how to set up the database instance (a.k.a. RDS instance), when to perform the backups, and so on. Thus, making common database management tasks a breeze.
- It does not require database expertise to create and manage RDS instances. Of course, you should still follow the database best practices when working with RDS.
- It supports most of the leading database platforms (a.k.a. Database Engines) like MySQL, PostgreSQL, Oracle, and MSSQL Server. AWS also has it’s own offering Amazon Aurora, which is compatible with MySQL and PostgreSQL. Aurora pricing is also a lot cheaper than the other databases.
- For Oracle databases, it supports two licensing models
- License Included: In this model, AWS RDS pricing takes into account the licensing cost as well.
- Bring-Your-Own-License (BYOL): In this model, a customer brings in their own license.
- RDS instances can be public facing or private. A private instance cannot be directly reached via the Internet and is recommended for most deployments.
- An RDS instance can be sized similar to compute instances. The DB Instance Class defines the virtual hardware specification (CPU and memory).
- You can also change the instance class on-demand (up/down).
- For storage type, you can use GP2 (which is SSD-based storage). For guaranteed IOPS you can use the IO1 storage.
- RDS supports multi-AZ deployments for high availability.
- RDS also offers various other convenience features, such as automated backups and automated upgrades. You can also specify the most suitable time windows for these.
Create an RDS Instance
Follow these simple steps to create an RDS Instance.
- Go to the RDS Console and click on Launch DB instance.
- Select the database engine. In this illustration, we will create a MySQL database instance.
Tip: Enable the Free Usage Tier checkbox to take advantage of the free tier only options. This will customize what you see on the next screens.
- Choose a use case. This choice determines the options on the subsequent screens.
- Specify the DB details.
- Provide the Instance specifications.
- Specify the license model and the database version.
- Choose a DB instance class that determines the CPU and memory. Choose conservatively. You can always change this later (up/down).
- You can choose Multi-AZ deployment for production deployments for high availability. For most development and testing environments, choose No to keep the costs low.
- For Storage type, prefer going with SSD. If you need guaranteed IOPS, use IO1 and choose the minimum number of IOPS that will meet your application needs.
- Allocate the required amount of storage only. You can change this later (increase only) as the demand grows.
- Specify the instance Settings.
- Give a logical DB instance identifier. This is used as part of your database connection specification.
Tip: Prefer using a more generic name for the instance identifier instead of an app specific one. A DB instance can be shared across multiple application databases. Hence, choosing a more generic name is generally a better idea, such as based on the organization name. - Specify the DB admin user and password. This is the DBA user.
- Give a logical DB instance identifier. This is used as part of your database connection specification.
- Provide the Instance specifications.
- Configure the advanced settings.
- Specify Network & Security information.
- Select the VPC in which the RDS instance will be hosted.
- You can let the RDS create the subnet group.
- Choose Public accessibility. For simplicity sake, here we are choosing public. However, for most deployments, you should NOT use public.
- You can create a new security group as part of the RDS setup to enable access to the database instance. For most deployments, create security groups in advance and use these instead of creating on the fly.
- You can enable automated backups and retention period in the Backup section. If you do not want backups, select 0 days. You can also specify a time window that’s more preferable, such as when you expect low database activity. In addition, enhanced monitoring can be enabled in this section.
- You can export logs to CloudWatch via the configuration in the Logs section. Another important setting you can configure is whether you would like to enable automated minor version upgrades that can be helpful for applying any relevant patches, such as security patches. If so, you can also specify a preferred time window.
- Specify Network & Security information.
- Click on Launch DB instance. The instance will now be created. This can take a few minutes.
- Once an RDS instance has been successfully created, it will appear on the Instances list.
- Click on the RDS instance to review its details. You will find the inputs you had provided at the time of creating the instance. Use the Endpoint information to connect to the RDS instance along with the master username and password.
That’s it! You have a database instance running in the cloud and you can connect to it now.
Connecting to an RDS Instance
Let’s take a look at how to connect to an RDS instance. Again, for simplicity sake, we will use the public facing instance we created in the previous section. I will use the Oracle SQL Developer to connect. But, you can use the MySQL client (depending on the database engine) or a JDBC client.
- Configure the database connection in the client based on the information in the RDS Instance details. Note that hostname is the endpoint under the RDS Instance details. Use the master user name and password for the initial connection. Once connected you can create additional database users for the application teams. The master user should only be used for DBA purpose.
- You can now connect to this database instance and try a simple query.
Sweet! Isn’t it?
RDS Management
RDS simplifies database management significantly via its console and CLI (command line interface). Following are some of the common database management operations.
- Start/stop
- Modify instance configuration (such as change instance class or storage size)
- Reboot
- Delete
- For a multi-AZ RDS instance, you can also initiate a failover.
RDS Best Practices
- Share RDS instances across multiple applications and preferably host these in a shared VPC. The application VPCs can then use a Peering Connection to talk to the database.
- Prefer using non-public RDS instances.
- Be conservative when choosing the DB Instance Class. You can also change it later (up/down). However, starting conservatively will minimize cost and will save unnecessary hassles if you decided to go from a higher class to a lower class.
- Prefer using the GP2 storage type over IO1 whenever possible to keep the costs low.
- When using IO1 storage, choose the minimum number of IOPS that meet the application needs.
- In general, you may require a round of tests to identify the most appropriate configuration and then periodically evaluate if any further optimization is needed.
- Prefer using a more generic name for the DB instance identifier instead of an app specific one. The rationale being a given RDS instance can be used by multiple applications.
- Avoid sharing the RDS master/admin user with any application team. Instead, create additional users for them with appropriate privileges.
- Although RDS makes database management quite simple and often does not require a DBA on the team, follow the database best practices.
- Prefer creating security groups in advance and associating these with the RDS instances instead of creating on the fly.
- Use security groups to restrict access to RDS instance to the required components only. For example, in a multi-tier stack, if the application tier only talks to the database, configure the security group rules to only permit access from the app tier.
Happy learning!
– Nitin
Also published on Medium.