Database servers

/
/
Error “MySQL response timeout exceeded” when installing an alternative DBMS

Error “MySQL response timeout exceeded” when installing an alternative DBMS

Symptoms

The installation process of the alternative DBMS fails, the error message “MySQL response timeout exceeded” appears in the web interface of the panel.

Causes

  1. AppArmor enabled
  2. Insufficient RAM
  3. Docker is blocked by firewall rules
  4. Docker servers unavailable
  5. "Devicemapper" driver is used in Docker

Solution

Disabling AppArmor

Disabling AppArmor is one of the conditions for the correct installation and operation of the ispmanager panel.

Connect to the server via SSH as administrator and run the following commands to disable AppArmor:

aa-teardown
systemctl disable apparmor

Insufficient RAM

To ensure optimal performance of a single Docker container, a minimum of 1.5 GB of available RAM is necessary. To find out the amount of RAM available for use, the following command can be employed:

free -h | awk '{print $6}'

In case of insufficient memory, the container with the alternative DBMS will be unable to start. Errors pertaining to the operation of the "oom-killer" will be registered in the system log, which can be detected using the command:

  • grep "Out of" /var/log/syslog - for Debian and Ubuntu
  • grep "Out of" /var/log/messages - for RHEL-based systems (e.g., CentOS and AlmaLinux)

In this instance, it would be advisable to increase the amount of available RAM by increasing the total amount of RAM and/or optimising the RAM consumption by other applications.

After that, repeat the installation of the alternative DBMS.

Configuration of firewall rules

When Docker is installed, specific rule chains are created within the operating system firewall. Blocking or removal of these chains can cause Docker to malfunction.

PLEASE NOTE!

Recommendations in this article segment are applicable only to default installations. In case the firewall rules have been modified manually, it will be necessary to analyze the current rules.

Make sure that the ACCEPT policy is installed for the INPUT, OUTPUT, and FORWARD chains using the following command:

iptables -S INPUT | head -1 && iptables -S OUTPUT | head -1 && iptables -S FORWARD | head -1

The next step is to check the rules that Docker has installed. To do this, enter the following command:

iptables -S | grep DOCKER

The output should contain the following chains and rules:

-N DOCKER
-N DOCKER-ISOLATION-STAGE-1
-N DOCKER-ISOLATION-STAGE-2
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 3306 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN

If any of the lines above are missing, restart the Docker service with the following command:

systemctl restart docker

Docker servers unavailable

To check the availability of the Docker servers, execute the following command:

curl -ikLv https://download.docker.com

The server is considered available if the output contains the value ‘HTTP/2 200’. Otherwise, it is advisable to check the network settings on the server and higher-level equipment, such as the hosting or Internet provider's side.

Also verify that the  download.docker.com domain is resolved on your server by executing the following command:

dig A download.docker.com +short

The correct output should include IP addresses and domain names, for example:

d2h67oheeuigaw.cloudfront.net.
3.164.240.119
3.164.240.123

If the output contains errors, it is advisable to verify the DNS settings on the server and the operational status of the DNS servers in use, which are documented in /etc/resolve.conf.

Usage of 'devicemapper'

The "devicemaper" driver is a deprecated file system driver for Docker that is no longer supported in current versions of Docker. The current up-to-date driver is "overlay2". To check which driver Docker is using, use the command:

docker info | grep 'Storage Driver'

There is no quick solution to this issue as the changes affect the operating system kernel. The best solution is to migrate to a modern OS.

In this article