Join Log in
Score:1
Hojii avatar Server

MySQL ERROR 1045 Access denied for 'nova'@'controller'

za flag
Hojii

Description

I installed Openstack Wallaby using OpenStack Installation Guide, all command and configuration is on my Github. This LAB is running on VirtualBox and I have another LAB with the same configuration and Openstack version on ESXi without any problem.

At this point one controller with two compute node.

In the below section improve database permission confgured correctly

Databases are created properly:

user@controller001:~$ sudo mysql
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database           |
+--------------------+
| glance             |
| information_schema |
| keystone           |
| mysql              |
| nova               |
| nova_api           |
| nova_cell0         |
| performance_schema |
| placement          |
+--------------------+

Grant all permissions for those databases:

MariaDB [(none)]> SHOW GRANTS FOR nova;
+---------------------------------------------+
| Grants for nova@%                                                                                   |
+---------------------------------------------+
| GRANT USAGE ON *.* TO `nova`@`%` IDENTIFIED BY PASSWORD '*3A4A03AC22526F6B591010973A741D59A71D728E' |
| GRANT ALL PRIVILEGES ON `nova`.* TO `nova`@`%`                                                      |
| GRANT ALL PRIVILEGES ON `nova_cell0`.* TO `nova`@`%`                                                |
| GRANT ALL PRIVILEGES ON `nova_api`.* TO `nova`@`%`                                                  |
+---------------------------------------------+

Have access to databases remotely from compute node:

user@compute001:~$ mysql -unova -popenstack -h controller001

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| nova               |
| nova_api           |
| nova_cell0         |
+--------------------+

Mysql log after restarting nova services:

user@controller001:~$ sudo systemctl restart nova-*

user@controller001:~$ sudo tail -f /var/log/mysql/error.log
2021-10-02 12:52:12 112 [Warning] Aborted connection 112 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 118 [Warning] Aborted connection 118 to db: 'nova_api' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 116 [Warning] Aborted connection 116 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 119 [Warning] Aborted connection 119 to db: 'nova_api' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 115 [Warning] Aborted connection 115 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 113 [Warning] Aborted connection 113 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 114 [Warning] Aborted connection 114 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 117 [Warning] Aborted connection 117 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 109 [Warning] Aborted connection 109 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 110 [Warning] Aborted connection 110 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 111 [Warning] Aborted connection 111 to db: 'nova' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 108 [Warning] Aborted connection 108 to db: 'nova_cell0' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 103 [Warning] Aborted connection 103 to db: 'nova_api' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 102 [Warning] Aborted connection 102 to db: 'nova_api' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:12 105 [Warning] Aborted connection 105 to db: 'nova_cell0' user: 'nova' host: 'controller001' (Got an error reading communication packets)
2021-10-02 12:52:16 141 [Warning] Access denied for user 'nova'@'controller001' (using password: YES)
2021-10-02 12:52:16 142 [Warning] Access denied for user 'nova'@'controller001' (using password: YES)
2021-10-02 12:52:17 147 [Warning] Access denied for user 'nova'@'controller001' (using password: YES)

Got an error reading communication packets

Here are some suggestions to resolve this error:

SET GLOBAL max_allowed_packet = 1024 * 1024 * 256; 
set @@global.max_connections = 400;
SET GLOBAL interactive_timeout=6000;
SET GLOBAL innodb_buffer_pool_size = 1024 * 1024 * 2;

Any try to discover new host make the below error:

user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
....
sqlalchemy.exc.OperationalError: (pymysql.err.OperationalError) (1045, "Access denied for user 'nova'@'controller001' (using password: YES)")
(Background on this error at: http://sqlalche.me/e/13/e3q8)

And, but I am not sure it is a bug or not

user@controller001:~$ os hypervisor list
Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible.
<class 'sqlalchemy.exc.OperationalError'> (HTTP 500) (Request-ID: req-d6edcfa3-ccf2-4eb8-80f8-041cb55e772d)

name configuration:

user@controller001:~$ . admin-openrc 
user@controller001:~$ os endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                            |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| 1e2f0fc829f84a53a337bbb70e7679af | RegionOne | nova         | compute      | True    | internal  | http://controller001:8774/v2.1 |
| 38e967a4c87f4464ba6ac965c889f6a4 | RegionOne | placement    | placement    | True    | admin     | http://controller001:8778      |
| 398d51ab439f4afc8fb7c71adc1bf3a9 | RegionOne | keystone     | identity     | True    | internal  | http://controller001:5000/v3/  |
| 4aaf9ac0ccec41978e541a0de0e55ed4 | RegionOne | nova         | compute      | True    | public    | http://controller001:8774/v2.1 |
| 52ba2047ed864b9aa6ad352ba2fe59dc | RegionOne | nova         | compute      | True    | admin     | http://controller001:8774/v2.1 |
| 659ed7ae84074b30a6a4941648b994c3 | RegionOne | placement    | placement    | True    | internal  | http://controller001:8778      |
| 9cd126c1f07e4b13946edcdc80f9f215 | RegionOne | placement    | placement    | True    | public    | http://controller001:8778      |
| aec5b18b834b4a9cad8a4efb83b1b1d7 | RegionOne | glance       | image        | True    | internal  | http://controller001:9292      |
| b1a13f51438c40b8b74ec25b89efebab | RegionOne | glance       | image        | True    | public    | http://controller001:9292      |
| c35c703090f3478aa7d960293fde1bf0 | RegionOne | keystone     | identity     | True    | admin     | http://controller001:5000/v3/  |
| ca231e48c3ad406c8ec757c765b651a6 | RegionOne | glance       | image        | True    | admin     | http://controller001:9292      |
| ff927678f6634475bd80bdba7effc3fc | RegionOne | keystone     | identity     | True    | public    | http://controller001:5000/v3/  |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+---------------------------------------------+---------------------------------------------+----------+
|  Name |                 UUID                 |                Transport URL                |                Database Connection                 | Disabled |
+-------+--------------------------------------+---------------------------------------------+---------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                    none:/                   | mysql+pymysql://nova:****@controller001/nova_cell0 |  False   |
| cell1 | e62ffdc8-5f28-43ef-9bcb-404812faaeae | rabbit://openstack:****@controller001:5672/ |    mysql+pymysql://nova:****@controller001/nova    |  False   |
+-------+--------------------------------------+---------------------------------------------+---------------------------------------------+----------+
user@controller001:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 controller001

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

172.16.50.41    controller001
172.16.50.42    compute011
740
0 + 0
us flag
eblock
Deleted my answer, the issue seems to be a different one. If the configs differ from your github repo please add the current config settings to your post. What is the bind_address for mariadb?
0
Reply
Hojii avatar
za flag
Hojii
@eblock this is my new address you can find exact configuration: https://github.com/hojat-gazestani/Wallaby
0
Reply
Hojii avatar
za flag
Hojii
@eblock bind_address for mariadb is controller001 management interface, as you can see in file: /etc/mysql/mariadb.conf.d/99-openstack.cnf : bind-address = 172.16.50.41
0
Reply
Score:0
Hojii avatar Server
za flag
Hojii

This was not related to MariaDB permissions or databases URL.

Problem solved using this bug discription and there is another solution that doesn't work for me. Creating cells exactly like nova installation guied worked for me and adding transport-url and database-connection to nova-mange command was my fault although it was working for me in the past.

"If you don't specify --database_connection then nova-manage will use the [database]/connection value from your config file, and mangle the database name to have a _cell0 suffix."

And:

"If your databases are on separate hosts then you should specify --database_connection or make certain that the nova.conf being used has the [database]/connection value pointing to the same user/password/host that will work for the cell0 database. If the cell0 mapping was created incorrectly, it can be deleted using the nova-manage cell_v2 delete_cell command and then run map_cell0 again with the proper database connection value."

So I think what probably happened is that when you ran map_cell0, it created a nova_api.cell_mappings record with the wrong database connection URL, because now db sync, which is relying on the cell_mappings table record to connect to the cell0 database, is failing because it's looking for nova_api_cell0 but you have nova_cell0.

This is the exact code that is creating the default cell0 connection URL if you didn't specify --database-connection when running map_cell0:

So I think you probably just want to (1) delete the cell0 mapping (2) run map_cell0 again and ensure it creates a cell0 entry with the correct database connection URL and then (3) run nova-manage db sync again.

sudo su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
sudo su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --transport-url rabbit://openstack:****@controller001:5672/ --database_connection mysql+pymysql://nova:****@controller001/nova  --verbose" nova 


user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+
|  Name |                 UUID                 |               Transport URL               |               Database Connection                | Disabled |
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                   none:/                  | mysql+pymysql://nova:****@controller001/nova_cell0 |  False   |
| cell1 | 553970ef-335a-4cf1-90fb-8268c49d5fad | rabbit://openstack:****@controller001:5672/ |    mysql+pymysql://nova:****@controller001/nova    |  False   |
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+

user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 delete_cell --cell_uuid  00000000-0000-0000-0000-000000000000" nova
user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 delete_cell --cell_uuid  553970ef-335a-4cf1-90fb-8268c49d5fad" nova



user@controller001:~$ sudo su -s /bin/sh -c "nova-manage api_db sync" nova
user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
user@controller001:~$ sudo  su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
--transport-url not provided in the command line, using the value [DEFAULT]/transport_url from the configuration file
--database_connection not provided in the command line, using the value [database]/connection from the configuration file
d448f914-53fa-410c-8f89-407e33c96c3f
user@controller001:~$ sudo su -s /bin/sh -c "nova-manage db sync" nova
user@controller001:~$ sudo su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+
|  Name |                 UUID                 |               Transport URL               |               Database Connection                | Disabled |
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                   none:/                  | mysql+pymysql://nova:****@controller001/nova_cell0 |  False   |
| cell1 | d448f914-53fa-410c-8f89-407e33c96c3f | rabbit://openstack:****@controller001:5672/ |    mysql+pymysql://nova:****@controller001/nova    |  False   |
+-------+--------------------------------------+-------------------------------------------+---------------------------------------------+----------+

user@controller001:~$ openstack compute service list --service nova-compute
+----+--------------+-----------+------+---------+-------+----------------------------+
| ID | Binary       | Host      | Zone | Status  | State | Updated At                 |
+----+--------------+-----------+------+---------+-------+----------------------------+
|  5 | nova-compute | compute21 | nova | enabled | up    | 2021-10-09T13:59:32.000000 |
+----+--------------+-----------+------+---------+-------+----------------------------+
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.