Layer7 API Management

Hi there,

I was trying to add a new processing node to the primary cluster(via menu option 2 then 3) am getting following error pls advice

Error saving configuration 'Error during node configuration 'Database connection error 'Access denied for user 'gateway'@'ssg91member.mydmn.com' (using password: YES)'.''

Please advice.

Hi,

Can you please let us know who is this "ssg91member.mydmn.com", is this the node which you are trying to add to the cluster ?

The error message sounds like you don't have an entry to allow the new node to connect to the database. I think by default the gateway account is allowed to connect from any source (assuming it's an appliance gateway). So it seems like either the default permissions have changed or you're not using an appliance database. In that case you would need to add an entry to allow the gateway user to connect to the database from the new host.

Of course there are other things which could be wrong, but these are the first which come to mind.

Amusing default appliance and the using all default values such as gateway(user) and ssg(DB).

Infact, am re-adding the node to the cluster for some reason first had some problem second time seeing this Access denied issue. How could I do this below suggested, could you pls provide steps.

"In that case, you would need to add an entry to allow the gateway used to connect to the database from the new host".

If you are using the default appliance I would first make sure you are using the correct password. You could test it on the command line of the node you want to add by using something like 'mysql -h<existing primary hostname> -ugateway -p' it should ask you for the password. If you're able to connect that way, it should also work from the ssgconfig menu. If not, it could either be the password or the host which are denied. You can use standard mysql commands to grant access to the gateway user from the new host. But again, if you are using the default appliance it seems more likely to be a password issue.

If you want to see which user/host combinations are allowed, you can log in on the database on the existing host.

From the command prompt:

- mysql

- use mysql;

- select user, host from user;

This should give you a list with allowed user and host combinations. If there is a user 'gateway' with host '%', you should have access from anywhere and it must be a password issue. If not, look up the mysql grant syntax in the mysql docs online to add an entry for your new host.

Hope that helps.

Could you please kindly provide the link to lookup MySQL grant syntax in the MySQL docs online? I know generally, it would be as following but however want to follow your recommendation.

GRANT ALL PRIVILEGES ON *.* TO 'root'@'ssg9.1.mydmn.com' IDENTIFIED BY '*****' WITH GRANT OPTION;

The MySQL docs can be found here: MySQL :: MySQL 5.5 Reference Manual :: 13.7.1.3 GRANT Syntax 

I think something like the statement below should be enough. You can add the identified by part if you want to set a password specifically for this connection. I don't think you need the last part 'with grant option' as far as I know. But I don't have a gateway available right now to verify this.

GRANT ALL ON ssg.* TO 'gateway'@'newhost';

Hi

Did the answers on this thread answered your question? If it did please mark it as the right answer.
When your question is not answered or you still have additional questions please let us know.

With Kind Regards
Dirk