Communication Wordpress inside Kubernetes and external MySQL server. - MySQL Connection Error: (2002)

10/29/2019

In Azure cloud, I have the following infrastructure:

A Vnet with two subnets in.

  • Vnet: 10.0.0.0/8
    • aks-subnet: 10.240.0.0/16
    • persistence-subnet: 10.241.0.0/27

An Azure Kubernetes cluster was installed and associated to the aks-subnet.

In the persistence-subnet a managed Azure Database for MySQL paas, is deployed and associated to it.

The persistence-subnet has two service endpoints: Microsoft.Sql and Microsoft.Storage

The aks-subnet has the Microsoft.Sql service endpoint

The Azure Kubernetes cluster was deployed using the Azure CNI network profile so, every pod get an ip address belonging to the aks-subnet. Also I decided to choose Azure CNI,because I need to to communicate the pods inside aks-subnet with the MySQL managed service.

In the managed Azure Database for MySQL paas service I have whitelisted the aks-subnet ip address range, in order to allow to the pods inside aks-subnet access to the MySQL service.

"StartIpAddress": "10.240.0.0",
"EndIpAddress": "10.240.255.255"

In the AKS cluster, I am using helm3 to deploy the Wordpress helm chart, with this command

helm3 install wordpress-site-1 stable/wordpress --set image.registry=myregistry.azurecr.io,image.repository=wordpress,image.tag=5.2.4,image.pullPolicy=Always,wordpressUsername=site1,wordpressPassword=my-password,wordpressEmail=my@gmail.com,mariadb.enabled=false,externalDatabase.host=database-db.mysql.database.azure.com,externalDatabase.user=user@wdatabase-db,externalDatabase.password=my-password,externalDatabase.database=wordpress-site-1,externalDatabase.port=3306
NAME: wordpress-site-1
LAST DEPLOYED: Tue Oct 29 13:24:03 2019
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the WordPress URL:

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        Watch the status with: 'kubectl get svc --namespace default -w wordpress-site-1'
  export SERVICE_IP=$(kubectl get svc --namespace default wordpress-site-1 --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
  echo "WordPress URL: http://$SERVICE_IP/"
  echo "WordPress Admin URL: http://$SERVICE_IP/admin"

2. Login with the following credentials to see your blog

  echo Username: site1
  echo Password: $(kubectl get secret --namespace default wordpress-site-1 -o jsonpath="{.data.wordpress-password}" | base64 --decode)

The deployment is running, but when I check the wordpress pod logs, I got this error message:

MySQL Connection Error: (2002) php_network_getaddresses: getaddrinfo failed: Name or service not known
[29-Oct-2019 13:01:13 UTC] PHP Warning:  mysqli::__construct(): php_network_getaddresses: getaddrinfo failed: Name or service not known in Standard input code on line 22
[29-Oct-2019 13:01:13 UTC] PHP Warning:  mysqli::__construct(): (HY000/2002): php_network_getaddresses: getaddrinfo failed: Name or service not known in Standard input code on line 22

MySQL Connection Error: (2002) php_network_getaddresses: getaddrinfo failed: Name or service not known

WARNING: unable to establish a database connection to 'mysql'
  continuing anyways (which might have unexpected results)

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.240.0.36. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.240.0.36. Set the 'ServerName' directive globally to suppress this message
[Tue Oct 29 13:01:14.027023 2019] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.11 configured -- resuming normal operations
[Tue Oct 29 13:01:14.027099 2019] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
10.240.0.4 - - [29/Oct/2019:13:01:22 +0000] "GET /wp-login.php HTTP/1.1" 500 3003 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:13:01:32 +0000] "GET /wp-login.php HTTP/1.1" 500 3003 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:13:01:42 +0000] "GET /wp-login.php HTTP/1.1" 500 3003 "-" "kube-probe/1.14"

Looks like the wordpress pod, located inside aks-subnet is not able to reach the MySQL service, located in the persistence-subnet, despite I am providing it via helm install command the correct parameters.

It's weird, the pods has access to Internet, and also I have been checking of a careful way the rules and permissions to allow that communication.

Is there something that I am unknowing?

How can I reach the MySQL database from the Wordpress service deployed inside the Aks cluster?


UPDATE:

Before to deploy Wordpress with helm install command, I've created the docker registry secret pointing to Azure Container Registry data, of a manual way:

kubectl create secret docker-registry regcred --docker-server=my-registry.azurecr.io --docker-username=my-username --docker-password=my-password --docker-email=my-email@outlook.com

I referenced that regcred in my local helm chart in the deployment.yaml and I deployed Wordpress using the helm install command and looks like it works, or at least MySQL is not causing problems.

Just the ServerName Apache directive, because I don't have any hostname yet involved in my deploymnet process, not yet.

⟩ kubectl logs pod/wordpress-site-1-7f44b567d6-2949w -f

WordPress not found in /var/www/html - copying now...
Complete! WordPress has been successfully copied to /var/www/html

### APACHE SERVERNAME WARNING
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.240.0.103. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.240.0.103. Set the 'ServerName' directive globally to suppress this message

##### 


[Tue Oct 29 16:13:16.327549 2019] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.11 configured -- resuming normal operations
[Tue Oct 29 16:13:16.327630 2019] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
10.240.0.4 - - [29/Oct/2019:16:13:18 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:18 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4289 "http://10.240.0.103:80/" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:28 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:28 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4289 "http://10.240.0.103:80/" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:38 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:40 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:40 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4289 "http://10.240.0.103:80/" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:38 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4289 "http://10.240.0.103:80/" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:48 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:50 +0000] "GET / HTTP/1.1" 302 255 "-" "kube-probe/1.14"
10.240.0.4 - - [29/Oct/2019:16:13:50 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 4289 "http://10.240.0.103:80/" "kube-probe/1.14"

I understand that at this point nothing should happens with the database because we need to access to the Wordpress site via web and deploy the site, so is at that moment when the database tables will be created right?

So I did a port-forward operation from kubernetes:

⟩ kubectl port-forward pod/wordpress-site-1-7f44b567d6-2949w 8002:80
Forwarding from 127.0.0.1:8002 -> 80
Forwarding from [::1]:8002 -> 80
Handling connection for 8002
Handling connection for 8002
Handling connection for 8002
Handling connection for 8002
Handling connection for 8002

And when I go to http://localhost:8002/, the browser redirect to me to http://localhost:8002/wp-admin/setup-config.php and I can see the wordpress wizard.

So I fill the data with my db name previously created in the database server

enter image description here

And when I submit the data in the wizard UI I got the following:

enter image description here

The message reference problems with the data connection

This either means that the username and password information in your wp-config.php file is incorrect or we can’t contact the database server at wordpresssentiaassessment-db.mysql.database.azure.com. This could mean your host’s database server is down.

Are you sure you have the correct username and password?
Are you sure that you have typed the correct hostname?
Are you sure that the database server is running?

But maybe because from port-forward operation we cannot contact to the database from my local machine?

I mean, the process is not in able to do a reverse port forward to contact the database?

Do I need to expose the Wordpress service application to some domain and Ip public address in order to contact to the db and install Wordpresss?

So, I enter to the pod wordpress container to check wp-config.php

kubectl exec -it pod/wordpress-site-1-7f44b567d6-2949w /bin/sh

But the wp-config.php file does not exist,

# ls
index.php    wp-activate.php     wp-comments-post.php  wp-cron.php    wp-load.php   wp-settings.php   xmlrpc.php
license.txt  wp-admin        wp-config-sample.php  wp-includes    wp-login.php  wp-signup.php
readme.html  wp-blog-header.php  wp-content        wp-links-opml.php  wp-mail.php   wp-trackback.php
# cat wp-config.php
cat: wp-config.php: No such file or directory

I have a wp-config-sample.php and this is their content, but I cannot see anything about FQDN.

Or maybe do I need to do something in the wp-config.php, maybe rename the wp-config-sample.php to wp-config.php and add the variables injected in the pod in that file?

# nano wp-config-sample.php
<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'database_name_here' );

/** MySQL database username */
define( 'DB_USER', 'username_here' );

/** MySQL database password */
define( 'DB_PASSWORD', 'password_here' );

/** MySQL hostname */
define( 'DB_HOST', 'localhost' );

/** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );

/** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define( 'AUTH_KEY',         'put your unique phrase here' );
define( 'SECURE_AUTH_KEY',  'put your unique phrase here' );
define( 'LOGGED_IN_KEY',    'put your unique phrase here' );
define( 'NONCE_KEY',        'put your unique phrase here' );
define( 'AUTH_SALT',        'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT',   'put your unique phrase here' );
define( 'NONCE_SALT',       'put your unique phrase here' );

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
define( 'WP_DEBUG', false );

/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
    define( 'ABSPATH', dirname( __FILE__ ) . '/' );
}

/** Sets up WordPress vars and included files. */
require_once( ABSPATH . 'wp-settings.php' );
-- bgarcial
azure
kubernetes-helm
mysql
vnet
wordpress

1 Answer

10/29/2019

It looks as though the application is trying to perform a reverse lookup of the IP address you have specified, probably because it intends on using SSL to authenticate the remote server. PTR records to assist in reverse lookup will not be available with a standard configuration for an internal IP address.

Try using the FQDN for your MySQL instance instead of the IP address.

It should look something like this:

{yourservername}.mysql.database.azure.com

This way your application will not need to perform reverse lookup, and Azure will cater for the routing appropriately.

EDIT:

The following line indicated your application is trying to connect to host 'mysql':

WARNING: unable to establish a database connection to 'mysql'

Check the FQDN has populated properly in wp-config.php

-- Architect Jamie
Source: StackOverflow