Allowing Remote Connections to MariaDB from Another VM

Answered using GPT-4o Mini by GPT4oMini.app

Question:

I have two VM, one is a database mariaDB server(10.0.0.1). How can I allow one VM(10.0.0.2) or multiple address to connect to this DB?

Answer:

To allow a VM (10.0.0.2) or multiple addresses to connect to your MariaDB server (10.0.0.1), you need to follow these steps:

Step 1: Configure MariaDB to Allow Remote Connections

  1. Edit the MariaDB Configuration File: Open the MariaDB configuration file, usually located at /etc/mysql/my.cnf or /etc/my.cnf. You may also find it in /etc/mysql/mariadb.conf.d/50-server.cnf depending on your installation.

    sudo nano /etc/mysql/my.cnf

  2. Bind Address: Look for the line that starts with bind-address. By default, it may be set to 127.0.0.1, which restricts connections to localhost. Change it to 0.0.0.0 to allow connections from any IP address, or specify the IP address of the VM you want to allow (10.0.0.2).

    bind-address = 0.0.0.0

  3. Save and Exit: Save the changes and exit the text editor.

Step 2: Create a User for Remote Access

  1. Log in to MariaDB: Log in to your MariaDB server using the command line.

    mysql -u root -p

  2. Create a User: Create a user that can connect from the specific IP address (10.0.0.2) or from any IP address (%).

    To allow access from a specific IP:

    CREATE USER 'username'@'10.0.0.2' IDENTIFIED BY 'password';

    To allow access from any IP:

    CREATE USER 'username'@'%' IDENTIFIED BY 'password';

  3. Grant Privileges: Grant the necessary privileges to the user for the database you want them to access.

    GRANT ALL PRIVILEGES ON database_name.* TO 'username'@'10.0.0.2';

    Or, if you used %:

    GRANT ALL PRIVILEGES ON database_name.* TO 'username'@'%';

  4. Flush Privileges: After creating the user and granting privileges, run the following command to ensure that the changes take effect:

    FLUSH PRIVILEGES;

  5. Exit MariaDB:

    EXIT;

Step 3: Configure Firewall (if applicable)

If you have a firewall running on your MariaDB server, you need to allow traffic on the default MariaDB port (3306).

  1. For UFW (Uncomplicated Firewall):

    sudo ufw allow from 10.0.0.2 to any port 3306

    Or to allow from any IP:

    sudo ufw allow 3306

  2. For Firewalld:

    sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent
sudo firewall-cmd --reload

Step 4: Restart MariaDB

After making these changes, restart the MariaDB service to apply the configuration.

sudo systemctl restart mariadb

Step 5: Test the Connection

From the VM (10.0.0.2), try to connect to the MariaDB server using the credentials you created.

mysql -u username -p -h 10.0.0.1

If everything is set up correctly, you should be able to connect to the MariaDB server from the specified VM.

Additional Notes

  • Ensure that the network settings allow communication between the two VMs.
  • If you need to allow multiple specific IP addresses, you can create separate users for each IP or use a wildcard (%) for broader access.
  • Always consider security implications when allowing remote access to your database. Use strong passwords and consider using SSL for connections if sensitive data is involved.