Hello, I have two ISPCONFIG servers (main ubuntu web/email server and a fallback mirror) on seperate VNs on a local univiDM network that have been working well. ISPCONFIG on the web/email server was updated and the connection has been lost to the mirror server. There appears to be no key in operaiotn anymore. I welcome advice on what to do. Thank you Terence
Perhaps you should update also the mirror server? Verify the settings of whatever thingy that connects the two servers.
When I ttyu to update either I get the error 'PHP Fatal error: Uncaught mysqli_sql_exception: Access denied for user 'root'@'localhost' (using password: YES) in /tmp/update_runner.sh.GSxKV756Ho/install/update.php:267 Stack trace: #0 /tmp/update_runner.sh.GSxKV756Ho/install/update.php(267): mysqli_connect() #1 {main} thrown in /tmp/update_runner.sh.GSxKV756Ho/install/update.php on line 267
You probably changed the MySQL root password. If you change the root password in MySQL/MariaDB, then you must set the new password in /usr/local/ispconfig/server/lib/mysql_clientdb.conf too. And when connection to master server as root during an update fails, then this means you entered the wrong root password for the root user in the master database during update.
Thank you Till and Taleman, As far as I know, I haven't changed the mariadb root password. I found that the keys for both master and mirror were missing and ssh between was not possible doing a simple ssh test.
In the master server /usr/local/ispconfig/server/lib/mysql_clientdb.conf hasd the correct password for mariadb testing using mysql -u root -p
ISPConfig is not connecting by SSH, so that's ok if the keys are missing. An ISPConfig slave node is connecting to the master by MySQL. Please check this on the server where you got the error from post #3.
The mirror server (192.168.5.11) had the master server (192.168.6.11) mariadb password in /usr/local/ispconfig/server/lib/mysql_clientdb.conf but that was different from the root password for mariadb on the mirror server. I changed the mariadb password in /usr/local/ispconfig/server/lib/mysql_clientdb.conf on the mirror server (192.168.5.11) to the same as would open mariadb on the miirror server. The update on the mirror now goes on until MySQL master server hostname [192.168.6.11]: MySQL master server port [3306]: MySQL master server root username [root]: MySQL master server root password []: I inserted correct master mariadb root password MySQL master server database name [dbispconfig]: Then get message Unable to connect to mysql server Host '192.168.5.11' is not allowed to connect to this MariaDB server
Your master server can have multiple root users, typically you have one root user for each external IP and external hostname that connects to it. You can test it with this command, run on the slave node: mysql -h 192.168.6.11 -u root -p dbispconfig and then enter the password. This must work for the update. If it does not work, then you either use the wrong password, or you have no root user that is allowed to connect from that slave to the master, or you have a firewall in between the servers that blocks the connection.
Can ping betrween mirror (192.168.5.11) and master (192.168.6.11) and firewall on uinifiDm set currently to any/any port but get repsonse ERROR 2002 (HY000): Received error packet before completion of TLS handshake. The authenticity of the following error cannot be verified: 1130 - Host '192.168.5.11' is not allowed to connect to this MariaDB server root@shirazi:/home/tlove#
So you have no matching root user on your master server. The user must have been there, as you would not have been able to install that ISPConfig slave without it. So it was either changed or removed. You must recreate a root user in the master db server that is able to connect from the slave node to install the update.
On the master server itself I can log into mysql via mysql -u root -p using the master server's root password However when I use the same master server root password with mysql -h 192.168.6.11 -u root -p dbispconfig from the mirror I get that error 2002
As mentioned, you must have a root user who is able to log in from the slave node. You must have had it at the time you installed ISPConfig. This root user can have a different password from the password of the root user that you connect to on localhost. See chapter 2.2 of the multiserver installation guide: https://www.howtoforge.com/tutorial/ispconfig-multiserver-setup-debian-ubuntu/
Thank you Till and Taleman for your patience and your help. Problem was toitally my fault. The problem was that immediately after the update I'd moved the mirror out of the DMZ onto a backup zone (using unifiDM) as I was also using it as a restic backup server. Somehow I presumed it would still be connected as I allowed 22 and 3306 through. So in short: Mirror sync broke after ISPConfig update but the update was coincidental Mirror had been moved from DMZ VLAN (192.168.6.12) to backup VLAN (192.168.5.11) MySQL grant for ispcsrv2 still referenced the old IP 192.168.6.12 Fix was a single GRANT statement adding 192.168.5.11 Sync resumed immediately Many thanks!
