openstack-api-site

Ubuntu mysql won't accept remote connections

Bug #1724023 reported by Matt Verran
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-api-site
Confirmed
Undecided
Unassigned

Bug Description

This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes:

- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [x] I have a fix to the document that I can paste below including example: input and output.

We need to correct the userdata for the api-services install to change /etc/mysql/conf.d/mysql.cnf

sed -i 's/^bind-address/#bind-address/g' /etc/mysql/mysql.conf.d/mysqld.cnf

Failure to do so gives connection refused from the api-workers.

If you have a troubleshooting or support issue, use the following resources:

 - Ask OpenStack: http://ask.openstack.org
 - The mailing list: http://lists.openstack.org
 - IRC: 'openstack' channel on Freenode

-----------------------------------
Release: 0.1 on 2017-10-15 08:38
SHA: 3a85f163cb7433ef2063ead9ae4a823b25322e4a
Source: https://git.openstack.org/cgit/openstack/api-site/tree/doc/source/scaling_out.rst
URL: https://developer.openstack.org/firstapp-libcloud/scaling_out.html

Tags: firstapp
Revision history for this message
Matt Verran (mv-2112) wrote :

Actually looks like the issue is in https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh. Its attempting to do it but however its intending to do it it doesn't work for ubuntu 16.04. Will update if I find a workaround.

if [[ $INSTALL_DATABASE -eq 1 ]]; then
        if [[ $ID = 'ubuntu' || $ID = 'debian' ]]; then
            sudo DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server python-mysqldb
            sudo sed -i -e "/bind-address/d" /etc/mysql/my.cnf
            sudo service mysql restart
        elif [[ $ID = 'fedora' ]]; then
            sudo dnf install -y mariadb-server python-mysql
            printf "[mysqld]\nbind-address = 127.0.0.1\n" | sudo tee /etc/my.cnf.d/faafo.conf
            sudo systemctl enable mariadb
            sudo systemctl start mariadb
        else
            echo "error: distribution $ID not supported"
            exit 1
        fi
        sudo mysqladmin password password
        sudo mysql -uroot -ppassword mysql -e "CREATE DATABASE IF NOT EXISTS faafo; GRANT ALL PRIVILEGES ON faafo.* TO 'faafo'@'%' IDENTIFIED BY 'password';"
        URL_DATABASE='mysql://root:password@localhost/faafo'
    fi

Revision history for this message
Matt Verran (mv-2112) wrote :

using this diff on https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh allows faafo list to work, faafo create etc.

*************** if [[ -e /etc/os-release ]]; then
*** 84,91 ****
      if [[ $INSTALL_DATABASE -eq 1 ]]; then
          if [[ $ID = 'ubuntu' || $ID = 'debian' ]]; then
              sudo DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server python-mysqldb
! sudo sed -i -e "/bind-address/d" /etc/mysql/my.cnf
! sudo service mysql restart
          elif [[ $ID = 'fedora' ]]; then
              sudo dnf install -y mariadb-server python-mysql
              printf "[mysqld]\nbind-address = 127.0.0.1\n" | sudo tee /etc/my.cnf.d/faafo.conf
--- 84,93 ----
      if [[ $INSTALL_DATABASE -eq 1 ]]; then
          if [[ $ID = 'ubuntu' || $ID = 'debian' ]]; then
              sudo DEBIAN_FRONTEND=noninteractive apt-get install -y mysql-server python-mysqldb
! #sudo sed -i -e "/bind-address/d" /etc/mysql/my.cnf
! #sudo service mysql restart
! sudo sed -i 's/^bind-address/#bind-address/g' /etc/mysql/mysql.conf.d/mysqld.cnf
! sudo systemctl restart mysql
          elif [[ $ID = 'fedora' ]]; then
              sudo dnf install -y mariadb-server python-mysql
              printf "[mysqld]\nbind-address = 127.0.0.1\n" | sudo tee /etc/my.cnf.d/faafo.conf

Unfortunately, something is still not quite right as the file sizes are all 0bytes.

ubuntu@app-api-1:~$ faafo list
2017-10-16 18:20:43.499 8667 INFO faafo.client [-] listing all fractals
+--------------------------------------+-------------------+----------+
| UUID | Dimensions | Filesize |
 +--------------------------------------+-------------------+----------+
| 3773be9c-bd40-4b74-bfe2-79246597e9d6 | 540 x 718 pixels | 0 bytes |
| 5e79b660-441f-430a-a132-18fc0e3344de | 692 x 356 pixels | 0 bytes |
| 96b7aab4-8680-4ed1-8eed-6564bf26c6b0 | 740 x 397 pixels | 0 bytes |
| 96b8c1e7-73d2-4154-8b17-bdee51e56ace | 951 x 1006 pixels | 0 bytes |
| a975ff83-d2f8-4e95-a41b-ae48bfdfc28a | 713 x 618 pixels | 0 bytes |
| fae5cfb9-fed0-462f-bc6c-f6c37df20fdb | 632 x 300 pixels | 0 bytes |
 +--------------------------------------+-------------------+----------+

Revision history for this message
Matt Verran (mv-2112) wrote :

The 0 byte issue is due to workers not being able to auth against the messaging server. Since Rabbitmq 3.3.x the guest user cannot connect remotely.

Revision history for this message
Matt Verran (mv-2112) wrote :

Horrendously insecure but fixes this issue too. Not recommended for fix but does work.

ubuntu@app-services:/var/log/rabbitmq$ sudo sudo rabbitmqctl set_permissions -p / guest ".*" ".*" ".*"
Setting permissions for user "guest" in vhost "/" ...
ubuntu@app-services:/var/log/rabbitmq$ sudo service rabbitmq-server restart

ubuntu@app-services:~$ cat /etc/rabbitmq/rabbitmq.config
[{rabbit, [{loopback_users, []}]}].

Tom Fifield (fifieldt)
Changed in openstack-api-site:
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.