Mysql problem

Discussion in 'ISPConfig 3 Priority Support' started by Stian Hartviksen, Apr 18, 2019.

  1. Stian Hartviksen

    Stian Hartviksen New Member HowtoForge Supporter

    Hi.
    Have got a strange problem that I cannot find a solution to. Hope someone have had a similar problem and can guide me to a solution.

    Have multiple ISPConfig server 3.1.13p1 (Ubuntu) in a multiserver setup. One month ago one of my servers (WEB3 with ip 10.100.20.91) lost database connection to the main server (ISPCONFIG ip 10.20.10.90). All other communication between the 2 servers are ok (eg SSH, FTP, Web ++) and there are no firewalls between the 2 ip segments - just a VPN tunnel between 2 different locations. Trying to connect to one of the other database servers (DB1 - IP 10.20.10.93) with mysql command is ok from WEB3. All other servers can connect to ISPCONFIG database - just not WEB3 which is "blocked out on port 3306" to ISPCONFIG. I cannot find any information in UFW, iptables or fail2ban regarding the ip of WEB3 on server ISPCONFIG.
    Have tried to install a new machine called DNS02 according to the "perfect server setup - Ubuntu 18.04". I was then able to connect to the database with "root" user to ISPCONFIG server. I then installed ispconfig in expert mode to connect to the ISPCONFIG server. The install was ok (ussed root user during install), but immediately after install I lost database connection to the ISPCONFIG server (Same problem as I had with WEB3).

    When trying to use the mysql command from DNS02 (which is server ISPCSRV8) to ISPCONFIG I get a connection timed out.
    The command is : [email protected]:~# mysql -hISPCONFIG -uispcsrv8 -pXXXXXXXXXXXXXXXX (correct password)
    Errormessage is : ERROR 2003 (HY000): Can't connect to MySQL server on 'ISPCONFIG' (110 "Connection timed out")
    Same error when trying to connect with "root" user with correct password. (Connection to machine DB1 is working with user root)
    Have also tried to telnet from DNS02 to ISPCONFIG to port 3306, and are only getting time out error.
    Have tried to reset the password for the ISPCSRV8 user on ISPCONFIG through phpmyadmin interface and then "flush PRIVILEGES" just to check if there was a problem with the password. the ISPCSRV8 user have the same privileges to the same databases as all the other ISPCSRVx users have, and it exists one user for domain name and one for ip adress.

    Have tried to check the mysql logs on the ISPCONFIG server, but cannot find any information there that DNS02 tries to connect or that it should be banned.

    Looking at phpmyadmin on ISPCONFIG server at "Status" -> "Processes" I can find a process from ispcsrv8 which is sleeping.
    Have tried to restart both ISPCONFIG and DNS02 server to force emptying of cache and blocking, but no luck. Have also updated all servers to latest software versions (apt update / apt upgrade).

    Database version on the different servers are :
    DNS02 : mysql Ver 15.1 Distrib 10.1.38-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
    ISPCONFIG : mysql Ver 15.1 Distrib 10.0.38-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

    Looking at Ispconfig webgui under "Monitor" -> "System State" I can see all servers including the new DNS02 server, but there are missing some information on the DNS02 line:
    Server: ispconfig.skteknikk.no (Ubuntu 16.04.6 LTS (Xenial Xerus)) ISPConfig 3.1.13p1
    Server: dns02.skteknikk.no

    Looking at the "logfiles" in the webgui for DNS02 then I can see 18 lines in Freshhclam Log with timecode during installing of ispconfig - all other logfiles are empty.

    Hoping that someone have seen this before, and that I'm missing something basic with a easy fix.

    Thanks in advance.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    I never had this on any server, but my guess is that its a firewall problem. The 'symptoms' that you see in ISPConfig are the symptoms that one would expect when there is no database connection, so the whole problems come down MySQL connection failure from slave to master. Did you check with iptables and route if there are any rules or deny routes that might block the connection?
     

Share This Page