Allowing Remote Connection to MariaDB from Another VM

Answered using GPT-4o Mini by GPT4oMini.app

Question:

I have two VM, one is a database mariaDB server(10.0.0.1). How can I allow one VM(10.0.0.2) to connect to this DB?

Answer:

To allow a VM (10.0.0.2) to connect to a MariaDB server running on another VM (10.0.0.1), you need to follow these steps:

Step 1: Configure MariaDB to Allow Remote Connections

  1. Edit the MariaDB Configuration File:

    • Open the MariaDB configuration file, usually located at /etc/mysql/my.cnf or /etc/my.cnf.
    • Look for the line that starts with bind-address. By default, it may be set to 127.0.0.1, which restricts connections to localhost.
    • Change it to 0.0.0.0 to allow connections from any IP address, or specify the IP address of the VM (10.0.0.1) if you want to restrict it further.
    [mysqld]
bind-address = 0.0.0.0

  2. Restart the MariaDB Service:

    • After making changes to the configuration file, restart the MariaDB service to apply the changes.
    sudo systemctl restart mariadb

Step 2: Create a User for Remote Access

  1. Log in to the MariaDB Server:

    • Use the following command to log in to the MariaDB server:
    mysql -u root -p

  2. Create a User for Remote Access:

    • You can create a user that allows connections from the specific IP address (10.0.0.2) or from any IP address (%).
    CREATE USER 'username'@'10.0.0.2' IDENTIFIED BY 'password';
    • If you want to allow access from any IP address, use:
    CREATE USER 'username'@'%' IDENTIFIED BY 'password';

  3. Grant Privileges:

    • Grant the necessary privileges to the user for the database you want to access. For example, to grant all privileges on a specific database:
    GRANT ALL PRIVILEGES ON database_name.* TO 'username'@'10.0.0.2';
    • If you used %, replace 10.0.0.2 with % in the command.

  4. Flush Privileges:

    • After creating the user and granting privileges, run the following command to ensure that the changes take effect:
    FLUSH PRIVILEGES;

  5. Exit MariaDB:

    EXIT;

Step 3: Configure Firewall (if applicable)

If you have a firewall running on the MariaDB server (10.0.0.1), you need to allow incoming connections on the default MariaDB port (3306).

  1. Using UFW (Uncomplicated Firewall):

    sudo ufw allow from 10.0.0.2 to any port 3306

  2. Using iptables:

    sudo iptables -A INPUT -p tcp -s 10.0.0.2 --dport 3306 -j ACCEPT

  3. Using firewalld:

    sudo firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="10.0.0.2" port protocol="tcp" port="3306" accept'
sudo firewall-cmd --runtime-to-permanent

Step 4: Connect from the Client VM

Now, you can connect to the MariaDB server from the client VM (10.0.0.2) using the following command:

mysql -u username -p -h 10.0.0.1

You will be prompted to enter the password for the user you created.

Troubleshooting

  • If you encounter issues connecting, check the following:
    • Ensure that the MariaDB service is running.
    • Verify that the firewall rules are correctly set.
    • Check the MariaDB logs for any error messages.
    • Ensure that the user has the correct privileges.

By following these steps, you should be able to successfully connect from one VM to the MariaDB server running on