0

The ultimate goal is to have the latest Zabbix release running in container, monitoring a bunch of switches.

Zabbix wants some flavor of MySQL (or postgres) so I figured I would set use the official (Oracle) MySQL 8.0.19 MySQL FOSS image. I have a running MySQL container but I accidentally set up my zabbix db user to only have local connection privileges.

mysql> SELECT user,host FROM mysql.user;
+------------------+-----------+
| user             | host      |
+------------------+-----------+
| root             | %         |
| mysql.infoschema | localhost |
| mysql.session    | localhost |
| mysql.sys        | localhost |
| root             | localhost |
| zabbix           | localhost |
+------------------+-----------+
6 rows in set (0.00 sec)

I can't seem to alter this user so it can connect from the other containers in the group, zabbix-server-mysql and zabbix-web-apache-mysql.
Perhaps there's some way of launching a new container so that database 'zabbix' is available to user zabbix over the network.
And I don't understand docker well enough to know if I actually need to have the containers talking to each other over the network or is there some magical docker funtionality whereby they can communicate without IP networking.

Please advise.

mr.zog
  • 902
  • 3
  • 16
  • 36

1 Answers1

1

The easiest way is to use RENAME USER statement:

RENAME USER 'zabbix'@'localhost' TO 'zabbix'@'%';

Also that root % at the top isn't good. That means root has remote access to the database from anywhere on the network. You generally want to restrict that to localhost only so drop that user and you should be good. (You'll need to make sure you have a way to get into the docker container via the local machine so you can access MySQL locally otherwise you may lose access when you drop this user)

DROP USER 'root'@'%';

Check your grants to make sure user zabbix@% has access to database 'zabbix':

SHOW GRANTS FOR 'zabbix'@'%';

That'll get your MySQL users configured properly. You'll just have to figure out how to configure your docker containers to communicate properly with each other. I'm not sure they can communicate without specifically giving them network access.

https://dev.mysql.com/doc/refman/8.0/en/rename-user.html
https://dev.mysql.com/doc/refman/8.0/en/drop-user.html
https://dev.mysql.com/doc/refman/8.0/en/create-user.html
https://dev.mysql.com/doc/refman/8.0/en/alter-user.html
https://dev.mysql.com/doc/refman/8.0/en/show-grants.html

Justa Guy
  • 189
  • 4