[2002] Can't connect to MySQL server on 'mysql_database_ip' (13)
Hello Zabbix experts,
Sorry for the lengthy post, but I've looked everywhere and tried almost everything. I'm out of options at this point so any help would be greatly appreciated.
I'm having trouble connecting our zabbix server to mysql, all on-prem.
Setup:
zabbixvm1 -- Centos 8 | Zabbix Front End, Zabbix Server
zabbixvm2 -- Centos 8 | MySQL database
I'm able to connect to the MySQL database via Front End on zabbixvm1, just not by zabbix server.
I'm also able to remotely connect to the mysql vm from the zabbix server vm via:
[root@zabbixvm1 ~]# mysql -u zabbixvm1-server -h zabbix_vm2_password -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2024
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Disabling SELinux stops zabbix-server. So I'm unable to do that.
The error I get is:
database is down: reconnecting in 10 seconds
[Z3001] connection to database 'zabbix' failed: [2002] Can't connect to MySQL server on 'zabbixvm2_ip_address' (13)
I think it may have something to do with SELINUX blocking the connection. I've executed the following on the zabbix server vm to no avail:
setsebool -P httpd_can_connect_zabbix on
setsebool -P httpd_can_network_connect_db on
service httpd restart
The audit log also shows denied connections for zabbix_server dest=3306.
More info on the setup below:
MySQL users:
mysql> SELECT user FROM mysql.user;
+-------------------+
| user |
+-------------------+
| zabbixvm1-server |
| zabbixvm1-webui |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| root |
| zabbixvm2-local |
+-------------------+
7 rows in set (0.00 sec)
Plan:
Allocating the zabbixvm1-server user for zabbix server on zabbixvm1.
Allocating the zabbixvm1-webui user for zabbix front end on zabbixvm1.
Permissions:
mysql> SHOW GRANTS FOR 'zabbixvm1-webui'@'123.123.123.123';
+------------------------------------------------------------------------+
| Grants for [email protected] |
+------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `zabbixvm1-webui`@`123.123.123.123` |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO `zabbixvm1-webui`@`123.123.123.123` |
+------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> SHOW GRANTS FOR 'zabbixvm1-server'@'123.123.123.123';
+-------------------------------------------------------------------------+
| Grants for [email protected] |
+-------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `zabbixvm1-server`@`123.123.123.123` |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO `zabbixvm1-server`@`123.123.123.123` |
+-------------------------------------------------------------------------+
2 rows in set (0.00 sec)
/etc/zabbix/web/zabbix.conf.php
$DB['TYPE'] = 'MYSQL';
$DB['SERVER'] = 'zabbixvm2';
$DB['PORT'] = '0';
$DB['DATABASE'] = 'zabbix';
$DB['USER'] = 'zabbixvm1-webui';
$DB['PASSWORD'] = 'my_password';
/etc/zabbix/zabbix_server.conf
DBHost=zabbixvm2_ip_address
DBName=zabbix
DBUser=zabbixvm1-server
DBPassword=my_password
DBPort=3306
Sorry for the lengthy post, but I've looked everywhere and tried almost everything. I'm out of options at this point so any help would be greatly appreciated.
I'm having trouble connecting our zabbix server to mysql, all on-prem.
Setup:
zabbixvm1 -- Centos 8 | Zabbix Front End, Zabbix Server
zabbixvm2 -- Centos 8 | MySQL database
I'm able to connect to the MySQL database via Front End on zabbixvm1, just not by zabbix server.
I'm also able to remotely connect to the mysql vm from the zabbix server vm via:
[root@zabbixvm1 ~]# mysql -u zabbixvm1-server -h zabbix_vm2_password -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2024
Server version: 8.0.26 Source distribution
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Disabling SELinux stops zabbix-server. So I'm unable to do that.
The error I get is:
database is down: reconnecting in 10 seconds
[Z3001] connection to database 'zabbix' failed: [2002] Can't connect to MySQL server on 'zabbixvm2_ip_address' (13)
I think it may have something to do with SELINUX blocking the connection. I've executed the following on the zabbix server vm to no avail:
setsebool -P httpd_can_connect_zabbix on
setsebool -P httpd_can_network_connect_db on
service httpd restart
The audit log also shows denied connections for zabbix_server dest=3306.
More info on the setup below:
MySQL users:
mysql> SELECT user FROM mysql.user;
+-------------------+
| user |
+-------------------+
| zabbixvm1-server |
| zabbixvm1-webui |
| mysql.infoschema |
| mysql.session |
| mysql.sys |
| root |
| zabbixvm2-local |
+-------------------+
7 rows in set (0.00 sec)
Plan:
Allocating the zabbixvm1-server user for zabbix server on zabbixvm1.
Allocating the zabbixvm1-webui user for zabbix front end on zabbixvm1.
Permissions:
mysql> SHOW GRANTS FOR 'zabbixvm1-webui'@'123.123.123.123';
+------------------------------------------------------------------------+
| Grants for [email protected] |
+------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `zabbixvm1-webui`@`123.123.123.123` |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO `zabbixvm1-webui`@`123.123.123.123` |
+------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql> SHOW GRANTS FOR 'zabbixvm1-server'@'123.123.123.123';
+-------------------------------------------------------------------------+
| Grants for [email protected] |
+-------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `zabbixvm1-server`@`123.123.123.123` |
| GRANT ALL PRIVILEGES ON `zabbix`.* TO `zabbixvm1-server`@`123.123.123.123` |
+-------------------------------------------------------------------------+
2 rows in set (0.00 sec)
/etc/zabbix/web/zabbix.conf.php
$DB['TYPE'] = 'MYSQL';
$DB['SERVER'] = 'zabbixvm2';
$DB['PORT'] = '0';
$DB['DATABASE'] = 'zabbix';
$DB['USER'] = 'zabbixvm1-webui';
$DB['PASSWORD'] = 'my_password';
/etc/zabbix/zabbix_server.conf
DBHost=zabbixvm2_ip_address
DBName=zabbix
DBUser=zabbixvm1-server
DBPassword=my_password
DBPort=3306
Comment