I just created a JawsDB MySQL instance and provisioned it with my app. Performing a heroku config: get JAWSDB_URL yields the following string:
mysql://(redacted-username):(redacted-password)#h40lg7qyub2umdvb.cbetxkdyhwsb.us-east-1.rds.amazonaws.com:3306/schema
When attempting to connect to this database using any database manager GUI, such as MySQL Workbench or HeidiSQL using the following parameters:
| Key | Value |
| ---------- | ------------------- |
| hostname | h40lg7qyub2umdvb.cbetxkdyhwsb.us-east-1.rds.amazonaws.com |
| port | 3306 |
| username | (redacted-username) |
| password | (redacted-password) |
| connection | TCP/IP |
...I receive the following error:
Failed to Connect to MySQL at h40lg7qyub2umdvb.cbetxkdyhwsb.us-east-1.rds.amazonaws.com:3306 with user (redacted-username)
Lost connection to MySQL server at 'reading initial communication packet', system error: 0
This is my second attempt at trying this - I received the same error with the JawsDB instance I just set up earlier, so I deleted that and receive the same error again here. Any ideas?
After further investigation, I found out that port 3306 was blocked at my University, no thanks to the unhelpful error message.
Hopefully this helps others who encounter this problem, as this isn't in the docs.
Related
I have recently started working with Security Onion as a home project and I have been having a consistent issue with MySQL server and Security Onion not wanting to work. I can't seem to find much about this issue on the internet as I have searched on it for about two weeks. I was attempting to remedy the situation through different means, like uninstalling security onion, docker, MySQL, and all other dependencies and starting the installation process over again and I keep running into the same issue.
What I am seeing from sudo cat /root/sosetup.log is an issue between FleetDB and Playbook. Mostly all modules are being successfully installed/loading into Docker, but here is a snippet from the SO setup log where the issue lies.
I am using Ubuntu 18.04
I have a static IP setup for the server I'm working on
ID: fleetdb
Function: mysql_database.present
Name: fleet
Result: False
Comment: One or more requisite failed: mysql.so-mysql
Started: 21:07:54.333399
Duration: 0.011 ms
Changes:
ID: fleetdbuser
Function: mysql_user.present
Result: False
Comment: One or more requisite failed: fleet.fleetdb
Started: 21:07:54.337203
Duration: 0.006 ms
Changes:
ID: fleetdbpriv
Function: mysql_grants.present
Result: False
Comment: One or more requisite failed: fleet.fleetdb
Started: 21:07:54.340117
Duration: 0.006 ms
Changes:
and
ID: create_playbookdbuser
Function: mysql_user.present
Name: playbookdbuser
Result: False
Comment: MySQL Error 2003: Can't connect to MySQL server on '192.168.0.19' (110)
Started: 21:08:07.936111
Duration: 261912.003 ms
Changes:
ID: query_playbookdbuser_grants
Function: mysql_query.run
Result: False
Comment: MySQL Error 2003: Can't connect to MySQL server on '192.168.0.19' (110)
Started: 21:12:29.849936
Duration: 131064.848 ms
Changes:
ID: query_updatwebhooks
Function: mysql_query.run
Result: False
Comment: MySQL Error 2003: Can't connect to MySQL server on '192.168.0.19' (110)
Started: 21:14:40.915454
Duration: 131071.339 ms
Changes:
ID: query_updatepluginurls
Function: mysql_query.run
Result: False
Comment: MySQL Error 2003: Can't connect to MySQL server on '192.168.0.19' (110)
Started: 21:16:51.987499
Duration: 131070.6 ms
Changes:
So, this mostly looks like a MySQL server issue that I am having and I am not sure how to go about this. I have MySQL Server installed, through sudo apt-get install mysql-server and I am able to access it, this is what it brings back when I look for Users and Databases.
+------------------+-----------+
| User | Host |
+------------------+-----------+
| debian-sys-maint | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| root | localhost |
+------------------+-----------+
mysql> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
Because of these modules failing, the Security Onion setup failed and came back with Install had a problem. Please see /root/sosetup.log for details. A summary of errors can be found in /root/errors.log. Press OK to exit.
Any and all help would be very appreciated, and if you have any questions about anything regarding hardware, software, etc, feel free to ask.
Thank you
Update: This is where I am at now with this issue
I commented out the loopback address under my.cnf in /etc/mysql and that may have fixed most of the underlying issue, but I am now left with 3 playbook modules that were left 'unchanged' (broken, as I would put it). Here is the output from running so-playbook-restart:
Function: mysql_query.run
Result: None
Comment: Database query_playbookdbuser_grants is not present
Started: 16:25:17.691762
Duration: 31.445 ms
Changes:
ID: query_updatwebhooks
Function: mysql_query.run
Result: None
Comment: Database query_updatwebhooks is not present
Started: 16:25:17.723549
Duration: 30.857 ms
Changes:
ID: query_updatepluginurls
Function: mysql_query.run
Result: None
Comment: Database query_updatepluginurls is not present
Started: 16:25:17.754968
Duration: 34.591 ms
Changes:
I have a working MySQL (MariaDB) Server running on my raspberry pi. It works fine when I want to connect to it from my local network.
My specs are as followed:
MariaDB [mysql]> SHOW VARIABLES LIKE "%version%";
+-----------------------------------+------------------------------------------+
| Variable_name | Value |
+-----------------------------------+------------------------------------------+
| in_predicate_conversion_threshold | 1000 |
| innodb_version | 10.3.22 |
| protocol_version | 10 |
| slave_type_conversions | |
| system_versioning_alter_history | ERROR |
| system_versioning_asof | DEFAULT |
| version | 10.3.22-MariaDB-0+deb10u1 |
| version_comment | Raspbian 10 |
| version_compile_machine | armv8l |
| version_compile_os | debian-linux-gnueabihf |
| version_malloc_library | system |
| version_source_revision | 0152704ae3f857668dbc05803950adcf131b8685 |
| version_ssl_library | YaSSL 2.4.4 |
| wsrep_patch_version | wsrep_25.24 |
+-----------------------------------+------------------------------------------+
14 rows in set (0.013 sec)
But I want to be able to access it not only from my local network I want to be able to access it from everywhere in the world. How do I do that ?
I wouldn't recommend you to expose a database to the world. Usually a database will seat behind of an app server that will serve web pages, web services (or rest calls). This app server will read or write to the database as needed.
Having said that, it's technically possible to expose the database. Again, don't do it. ...but if you must:
Configure the engine to serve remote hosts, and not just the local apps:
sudo vi /etc/mysql/my.cnf
and set the bind address to:
bind-address = 0.0.0.0
then, restart the engine:
sudo service mysql restart
Create a MariaDB user with access from everywhere (using #'%'), as in:
create user 'myuser'#'%' identified by 'mypass';
Grant this user access to a database (assuming you already created a database):
grant all on my_database.* to 'myuser'#'%';
Finally, open your home firewall. Enter the admin page of your router and find the "Port Forwarding" section. There, add a rule to listen to the world to port 3306 (TCP) and redirect it to your local raspberry pi IP address. Save the rule. You may need to restart the router.
That's it. Your raspberri pi database is now listening to the world. I would suggest configuring SSL on the connection at least, so passwords (and data) are not sent in plain text over the wire.
Extra, for the same price: Listening on which address, you may ask? Your home address as seen by your ISP. Now, can I use a fake domain name in case the IP changes, you may ask? You can use a free DNS service such as duckdns.org. It's free and works like a charm in a raspoberry pi (I use it since 2015).
For Raspberry Pi 4 and MariaDB version:
10.5.15-MariaDB-0+deb11u1 Debian 11
you will need to edit the right configuration file as below:
sudo nano /etc/mysql/mariadb.conf.d/50-server.cnf
and set the bind address:
bind-address = 0.0.0.0
then restart the MariaDB service:
sudo service mariadb restart
there are many posts out there about resolving this issue, however, none of them work for me. I am signed in as root on MySQL within my computer. after signing in with $ mysql -u root -p and enter my password I enter in and try to create a user with CREATE USER 'test'#'localhost'; but then I get the error:
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
after printing my variables with SHOW VARIABLES LIKE 'validate_password%'; I get:
+--------------------------------------+--------+
| Variable_name | Value |
+--------------------------------------+--------+
| validate_password.check_user_name | ON |
| validate_password.dictionary_file | |
| validate_password.length | 8 |
| validate_password.mixed_case_count | 1 |
| validate_password.number_count | 1 |
| validate_password.policy | MEDIUM |
| validate_password.special_char_count | 1 |
+--------------------------------------+--------+
I have tried with this solution as well as this, however, when trying uninstall the validate password with: UNINSTALL plugin validate_password; I get:
ERROR 1305 (42000): PLUGIN validate_password does not exist
whenever I try to set a variable I get the error:
ERROR 1193 (HY000): Unknown system variable 'validate_password_policy'
in between the quotation marks above can be replaced with any variable.
I am correctly signed in as root. and just starting to lose my mind over this.
thank you for your help.
Edits:
I have tried to find my my.cnf file followingthis comment and while I have found it any editing to the file causes a socket error:
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
I have also tried uninstalling and reinstally MySQL through homebrew however the error continues with the policy requirements.
So the error was that I cannot create a user without a password: mysql> CREATE USER 'test'#'localhost'; this will fail because I cannot create a user without stating the password, even if I will assign it later I need to create and set the password.
So:
mysql> CREATE USER 'test'#'localhost' IDENTIFIED BY 'Password1';
Password1 should be replaced with your desired password.
after trying with some simple passwords, I got this error, then checked the variables table with this SHOW VARIABLES LIKE 'validate_password%';
the output shows that the policy is already set to low, then what I did is just followed what is mentioned here to build the password, which is like, using at least 8 chars, 1 number at least, mixing of case letters etc. After that performed the command 'ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password by 'mysql0_rT'; and then there was no error.
I installed MySql 8 on Linux
~$ mysql --version
mysql Ver 8.0.11 for Linux on x86_64 (MySQL Community Server - GPL)
I performed all the basic configuration (created one schema, one user with grants for that schema and some tables). I tryed to perform a connection by using xdevapi in node.js, just a simple test.
const mysqlx = require('#mysql/xdevapi');
const dbCfg = {
"host": "127.0.0.1",
"port": 3306,
"password": "xxxxxxxxx",
"user": "someuser",
"schema": "someschema"
};
mysqlx.getSession(dbCfg).then(session => {
console.log("this is the session! ", session);
});
And I get the following error:
"Error: The server connection is not using the X Protocol. Make sure you
are connecting to the correct port and using a MySQL 5.7.12 (or higher) server intance"
If I google for "the server connection is not using the X Protocol" I get just one result! to the source code of the connector (https://dev.mysql.com/doc/dev/connector-nodejs/8.0/lib_Protocol_Client.js.html).
If I try to connect via mysqlsh with the same parameters everything works ok.
If I run the query "show plugins", the mysqlx plugin is there:
| ngram | ACTIVE | FTPARSER | NULL | GPL |
| mysqlx | ACTIVE | DAEMON | NULL | GPL |
| mysqlx_cache_cleaner | ACTIVE | AUDIT | NULL | GPL |
So everything seems to be ok
Any suggestion/help?
Thanks in advance!
You are connecting to the wrong port. The X DevAPI is supported through the X Protocol and the X plugin on the server which is available, by default, on port 33060.
Mysql on Centos6 (and other distros iirc) initializes multiple root users (where host.domain is my hostname):
select User,Host,Password from mysql.user where User = 'root';
+------+-------------+-------------------------------------------+
| User | Host | Password |
+------+-------------+-------------------------------------------+
| root | localhost | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| root | host.domain | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
| root | 127.0.0.1 | *2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19 |
+------+-------------+-------------------------------------------+
I do not understand the purpose of the root#'host.domain' and root#'127.0.0.1' entries. In what situation is the Host of a localhost connection not 'localhost'? I thought all local connections were interpreted as from 'localhost'.
Well you could if you wanted to, edit etc/hosts and set localhost to something other than 127.0.0.1 for instance.
If your running a webhost, your apache server may host multiple domains on the same server. In that case, 127.0.0.1 points to multiple domains. For example, /etc/hosts may look like this.
127.0.0.1 localhost www.gregsblog.com www.dannisrecipes.org www.schoolofsql.edu
Now when php tries to access MySQL, if its the apache system running php, his request will be root#localhost. This is good! Now what if Greg tries to get to it? His request goes in as root#www.gregsblog.com. This is good too because we don't want shady Greg getting into our database.
host.domain just makes it easier IMO if you move the host. So root#host.domain even if you eventually separate into two distinct application and data servers.
You use root#localhost versus root#remoteipaddress. They are used for remote host access so other servers can connect to your database.