Hello. I have ispConfig with full service on one VM and on the second one i have only second DNS ns2.sampledomain.net After upgrade base system on first VM (ubuntu server 24) and second (debian 12.8) dns records from first one don't synchronise with second one. i tried on the second vm ispconfig_update.sh but this stops when says "Unable to connect to mysql server No such file or directory MySQL root password [mydbpassword] what i have done bad?
You should check mysql on first server as well! The 2nd dns, if configured correctly, should not be depending on mysql functioning for dns slave zone updates. You do need a working mysql for creating new slave domains, deleting existing ones or altering slave zone settings. My guess is mysql isn't working on your first server as well and therefor not adding/deleting/changing any records in your first dns. If that one is not updating then your 2nd one doesn't have anything new to sync.
Ok, so mysql seems to be working on first server. Otherwise you wouldn't be able to open and login to ISPConfig. So you have multiple problems with your 2nd server. - Mysql has issues - Dns slave zones aren't updating Fix mysql first.
something went wrong ... root@hosting2:/home/adam# systemctl start mysql Failed to start mysql.service: Unit mysql.service not found.
Ok, that's why ISPConfig can not work. Try to run: apt install mariadb-server and check if it works then.
instaled. Now when i'm try to update ispConfig i have this error Unable to connect to mysql server Access denied for user 'root'@'localhost' (using password: YES) MySQL root password [mydbpassword]:
If you have set a new mysql root password, then this new password must be set in the file /usr/local/ispconfig/server/lib/mysql_clientdb.conf too.
>> Update Operating System: Debian 12.0 (Bookworm) or compatible This application will update ISPConfig 3 on your server. Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: no Checking MariaDB version 10.11.6 .. OK MySQL master server hostname [hosting1.mydomain.net]: MySQL master server port []: MySQL master server root username [root]: MySQL master server root password []: MySQL master server database name [dbispconfig]: Unable to connect to mysql server Connection refused
You must be able to login from slave node to master mysql server as root user. Either you removed the root user or changed its password on the master server. You must fix that before you can finish the update on the slave node.
password for slave node db is correct, for master node is the same but script cannot connect. all vm can ping each other
The problem is not the script, the problem is that a mysql client can not connect to the master db with the username root and the password you provided. You must fix the root user for the connection from slave to master on the master node so that MySQL clients can connect from slave to master.
i logged root with that same password into db on master vm so it's working. How can i chest connection priveliges?
You must test this from slave node, not master. the root user that connects from the slave is a different user. Run this on the slave to test it: mysql -h hosting1.mydomain.net -u root -p dbispconfig and enter the root password when requested by the command.
When i type this: mysql -h hosting1.mydomain.net -u root - p dbispconfig it's shows that messeges (ping hosting1.mydomain.net resolve good ip): mysql Ver 15.1 Distrib 10.11.6-MariaDB, for debian-linux-gnu (x86_64) using EditLine wrapper Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Usage: mysql [OPTIONS] [database] Default options are read from the following files in the given order: /etc/my.cnf /etc/mysql/my.cnf ~/.my.cnf The following groups are read: mysql mariadb-client client client-server client-mariadb The following options may be given as the first argument: --print-defaults Print the program argument list and exit. --no-defaults Don't read default options from any option file. The following specify which files/extra groups are read (specified before remaining options): --defaults-file=# Only read default options from the given file #. --defaults-extra-file=# Read this file after the global files are read. --defaults-group-suffix=# Additionally read default groups with # appended as a suffix. -?, --help Display this help and exit. -I, --help Synonym for -? --abort-source-on-error Abort 'source filename' operations in case of errors --auto-rehash Enable automatic rehashing. One doesn't need to use 'rehash' to get table and field completion, but startup and reconnecting may take a longer time. Disable with --disable-auto-rehash. (Defaults to on; use --skip-auto-rehash to disable.) -A, --no-auto-rehash No automatic rehashing. One has to use 'rehash' to get table and field completion. This gives a quicker start of mysql and disables rehashing on reconnect. --auto-vertical-output Automatically switch to vertical output mode if the result is wider than the terminal width. -B, --batch Don't use history file. Disable interactive behavior. (Enables --silent.) --binary-as-hex Print binary data as hex --character-sets-dir=name Directory for character set files. --column-type-info Display column type information. -c, --comments Preserve comments. Send comments to the server. The default is --skip-comments (discard comments), enable with --comments. -C, --compress Use compression in server/client protocol. -#, --debug[=#] This is a non-debug version. Catch this and exit. --debug-check Check memory and open file usage at exit. -T, --debug-info Print some debug info at exit. -D, --database=name Database to use. --default-character-set=name Set the default character set. --delimiter=name Delimiter to be used. -e, --execute=name Execute command and quit. (Disables --force and history file.) --enable-cleartext-plugin Obsolete option. Exists only for MySQL compatibility. -E, --vertical Print the output of a query (rows) vertically. -f, --force Continue even if we get an SQL error. Sets abort-source-on-error to 0 -G, --named-commands Enable named commands. Named commands mean this program's internal commands; see mysql> help . When enabled, the named commands can be used from any line of the query, otherwise only from the first line, before an enter. Disable with --disable-named-commands. This option is disabled by default. -i, --ignore-spaces Ignore space after function names. --init-command=name SQL Command to execute when connecting to MariaDB server. Will automatically be re-executed when reconnecting. --local-infile Enable/disable LOAD DATA LOCAL INFILE. -b, --no-beep Turn off beep on error. -h, --host=name Connect to host. -H, --html Produce HTML output. -X, --xml Produce XML output. --line-numbers Write line numbers for errors. (Defaults to on; use --skip-line-numbers to disable.) -L, --skip-line-numbers Don't write line number for errors. -n, --unbuffered Flush buffer after each query. --column-names Write column names in results. (Defaults to on; use --skip-column-names to disable.) -N, --skip-column-names Don't write column names in results. --sigint-ignore Ignore SIGINT (CTRL-C). -o, --one-database Ignore statements except those that occur while the default database is the one named at the command line. --pager[=name] Pager to use to display results. If you don't supply an option, the default pager is taken from your ENV variable PAGER. Valid pagers are less, more, cat [> filename], etc. See interactive help (\h) also. This option does not work in batch mode. Disable with --disable-pager. This option is disabled by default. -p, --password[=name] Password to use when connecting to server. If password is not given it's asked from the tty. -P, --port=# Port number to use for connection or 0 for default to, in order of preference, my.cnf, $MYSQL_TCP_PORT, /etc/services, built-in default (3306). --progress-reports Get progress reports for long running commands (like ALTER TABLE) (Defaults to on; use --skip-progress-reports to disable.) --prompt=name Set the command line prompt to this value. --protocol=name The protocol to use for connection (tcp, socket, pipe). -q, --quick Don't cache result, print it row by row. This may slow down the server if the output is suspended. Doesn't use history file. -r, --raw Write fields without conversion. Used with --batch. --reconnect Reconnect if the connection is lost. Disable with --disable-reconnect. This option is enabled by default. (Defaults to on; use --skip-reconnect to disable.) -s, --silent Be more silent. Print results with a tab as separator, each row on new line. -S, --socket=name The socket file to use for connection. --ssl Enable SSL for connection (automatically enabled with other flags). (Defaults to on; use --skip-ssl to disable.) --ssl-ca=name CA file in PEM format (check OpenSSL docs, implies --ssl). --ssl-capath=name CA directory (check OpenSSL docs, implies --ssl). --ssl-cert=name X509 cert in PEM format (implies --ssl). --ssl-cipher=name SSL cipher to use (implies --ssl). --ssl-key=name X509 key in PEM format (implies --ssl). --ssl-crl=name Certificate revocation list (implies --ssl). --ssl-crlpath=name Certificate revocation list path (implies --ssl). --tls-version=name TLS protocol version for secure connection. --ssl-verify-server-cert Verify server's "Common Name" in its cert against hostname used when connecting. This option is disabled by default. -t, --table Output in table format. --tee=name Append everything into outfile. See interactive help (\h) also. Does not work in batch mode. Disable with --disable-tee. This option is disabled by default. -u, --user=name User for login if not current user. -U, --safe-updates Only allow UPDATE and DELETE that uses keys. -U, --i-am-a-dummy Synonym for option --safe-updates, -U. -v, --verbose Write more. (-v -v -v gives the table output format). -V, --version Output version information and exit. -w, --wait Wait and retry if connection is down. --connect-timeout=# Number of seconds before connection timeout. --max-allowed-packet=# The maximum packet length to send to or receive from server. --net-buffer-length=# The buffer size for TCP/IP and socket communication. --select-limit=# Automatic limit for SELECT when using --safe-updates. --max-join-size=# Automatic limit for rows in a join when using --safe-updates. --secure-auth Refuse client connecting to server if it uses old (pre-4.1.1) protocol. --server-arg=name Send embedded server this as a parameter. --show-warnings Show warnings after every statement. --plugin-dir=name Directory for client-side plugins. --default-auth=name Default authentication client-side plugin to use. --binary-mode Binary mode allows certain character sequences to be processed as data that would otherwise be treated with a special meaning by the parser. Specifically, this switch turns off parsing of all client commands except \C and DELIMITER in non-interactive mode (i.e., when binary mode is combined with either 1) piped input, 2) the --batch mysql option, or 3) the 'source' command). Also, in binary mode, occurrences of '\r\n' and ASCII '\0' are preserved within strings, whereas by default, '\r\n' is translated to '\n' and '\0' is disallowed in user input. --connect-expired-password Notify the server that this client is prepared to handle expired password sandbox mode even if --batch was specified. Variables (--variable-name=value) and boolean options {FALSE|TRUE} Value (after reading options) --------------------------------- ---------------------------------------- abort-source-on-error FALSE auto-rehash TRUE auto-vertical-output FALSE binary-as-hex FALSE character-sets-dir (No default value) column-type-info FALSE comments FALSE compress FALSE debug-check FALSE debug-info FALSE database (No default value) default-character-set auto delimiter ; vertical FALSE force FALSE named-commands FALSE ignore-spaces FALSE init-command (No default value) local-infile FALSE no-beep FALSE host hosting1.czempin.net html FALSE xml FALSE line-numbers TRUE unbuffered FALSE column-names TRUE sigint-ignore FALSE port 0 progress-reports TRUE prompt \N [\d]> protocol quick FALSE raw FALSE reconnect TRUE socket /run/mysqld/mysqld.sock ssl TRUE ssl-ca (No default value) ssl-capath (No default value) ssl-cert (No default value) ssl-cipher (No default value) ssl-key (No default value) ssl-crl (No default value) ssl-crlpath (No default value) tls-version (No default value) ssl-verify-server-cert FALSE table FALSE user root safe-updates FALSE i-am-a-dummy FALSE connect-timeout 0 max-allowed-packet 16777216 net-buffer-length 16384 select-limit 1000 max-join-size 1000000 secure-auth FALSE show-warnings FALSE plugin-dir (No default value) default-auth (No default value) binary-mode FALSE connect-expired-password FALSE
Users in mysql/mariadb are on a per host basis. On the master server you need to have a root user that may connect from the slave server, besides the default root user that can connect from localhost. Unless your default master's root can connect from any host instead of only localhost. But that would be a very bad thing security wise.
ok, so on master vm i have root account, an ispconfig admin account for web panel and remote account. What i must do to connect from second VM to master database
Make sure the remote account can connect from the slave server to the master server. If it can then run the ispconfig update script again on the slave server, using that user when asked for master server root username, password etc. The script will handle the creation ispconfig users for the slave server within the master server's mysql that it will use after installation is done.
no, user "remote" cannot connect to master. Neither via mysql or ssh (ssh shows something like that) ssh [email protected] The authenticity of host 'hosting1.mydomain.net (91.236.XXX.YYY)' can't be established. ED25519 key fingerprint is SHA256:469QoiU1a8L5QxPs2Pk+bqeotGNZUJUXDyavIWg+9JI. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added 'hosting1.czempin.net' (ED25519) to the list of known hosts. [email protected]'s password: Permission denied, please try again.
