How to Set Access Whitelist in TiDB

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: TIDB如何设置访问白名单

| username: TiDBer_7Oi7Om69

[TiDB Usage Environment] Production Environment / Testing / PoC
[TiDB Version]
tidb 6.1.1
As the title suggests, how to set up an access whitelist for the cluster?

| username: hey-hoho | Original post link

Are you referring to a whitelist for SQL users? Can this type of host restriction for login users be done like this:

CREATE USER `rw_user`@`192.168.%`;

| username: TiDBer_7Oi7Om69 | Original post link

This is for setting a whitelist for a single user. There is a problem here, which is how to set multiple IPs, such as company and home IPs, without using wildcards.
Apart from setting it for a single user, I want to see if there is a way to set a whitelist for cluster access directly, so that IPs outside the whitelist are not allowed to make requests at all.

| username: hey-hoho | Original post link

This suggestion should be implemented in Load Balance. According to the official website, the enterprise edition has this feature:

| username: TiDBer_7Oi7Om69 | Original post link

Okay, got it, need the enterprise edition :joy:

| username: TiDBer_7Oi7Om69 | Original post link

Can multiple IPs be filled in for a single user host restriction?

| username: 裤衩儿飞上天 | Original post link

The enterprise edition has this feature.

| username: hey-hoho | Original post link

The host cannot have multiple IPs. You can do something like this:

CREATE USER `rw_user`@`192.168.1.1` IDENTIFIED BY '111111';
CREATE USER `rw_user`@`192.168.1.2` IDENTIFIED BY '111111';

| username: hey-hoho | Original post link

Opening a firewall whitelist on the load balance node is also an option.

| username: forever | Original post link

Each IP has one account, but the account passwords are all the same.
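
The per-host account approach discussed in this thread, written out as an added example (not part of any post above). The role name `app_rw`, the database `app` and the password placeholders are assumptions; the addresses are the ones used in the thread.

```sql
-- Hypothetical role holding the privileges once, so the per-host
-- accounts below do not each need their own GRANT list.
CREATE ROLE IF NOT EXISTS `app_rw`;
GRANT SELECT, INSERT, UPDATE, DELETE ON `app`.* TO `app_rw`;

-- One account per allowed source address. The host part takes a single
-- value, so each additional IP is a separate account. Using a distinct
-- password per account means one leaked credential is only valid from
-- one address and can be rotated without touching the others.
CREATE USER `rw_user`@`192.168.1.1` IDENTIFIED BY '<password-for-192.168.1.1>';
CREATE USER `rw_user`@`192.168.1.2` IDENTIFIED BY '<password-for-192.168.1.2>';

GRANT `app_rw` TO `rw_user`@`192.168.1.1`, `rw_user`@`192.168.1.2`;
SET DEFAULT ROLE ALL TO `rw_user`@`192.168.1.1`, `rw_user`@`192.168.1.2`;

-- Audit: list entries whose host part contains a wildcard or is empty,
-- since any such account accepts logins from outside the intended
-- addresses. Roles are stored in the same table, so `app_rw` is listed
-- here as well.
SELECT user, host
FROM mysql.user
WHERE host LIKE '%\%%' OR host LIKE '%\_%' OR host = '';

-- Run from a client session to confirm which account entry matched:
-- USER() is what the client presented, CURRENT_USER() is the
-- user@host row the server authenticated against.
SELECT USER(), CURRENT_USER();

-- Removing an address from the allowlist is dropping its account.
DROP USER `rw_user`@`192.168.1.2`;
```

These accounts only restrict who can authenticate; connections from other addresses still reach the SQL port, so blocking them outright needs the firewall or load balancer rule mentioned above.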