Access denied for user 'repluser'@'masternode' - ERROR 1410 (42000): You are not allowed to create a user with GRANT
search cancel

Access denied for user 'repluser'@'masternode' - ERROR 1410 (42000): You are not allowed to create a user with GRANT

book

Article ID: 232186

calendar_today

Updated On: 10-17-2023

Products

CA API Gateway

Issue/Introduction

We are getting the following error trying to re-initialize cluster database replication

error reconnecting to master 'repluser@<gatewayhost.domainName>:3307' - retry-time: 100 retries: 23667 message: Access denied for user 'repluser'@'<gatewayhost.domainName>'

We found this article but the link in the resolution section is not working

https://knowledge.broadcom.com/external/article/10901/running-the-cluster-database-replication.html

- if trying to re-create the grants by running  /opt/SecureSpan/Appliance/bin/add_slave_user.sh , is showing
ERROR 1410 (42000): You are not allowed to create a user with GRANT

Environment

Release : 10.0

Component : API GATEWAY

Cause

repluser grants were dropped .

in Both Node (Master/Slave) show-grants.txt (/opt/DCT/database/show-grants.txt ) shows this Error for repluser:
ERROR 1141 (42000) at line 1: There is no such grant defined for user 'repluser' on host '<gatewayhost.domainName>'

Resolution

1. From Primary node run :

 /opt/SecureSpan/Appliance/bin/add_slave_user.sh 

Note : use short gateway servername instead the FQDN

ie : use "<gatewayhost>" instead of "<gatewayhost.domainName>

2. Repeat the same operation on node2 (Secondary) to re-create the grants for repluser 

 /opt/SecureSpan/Appliance/bin/add_slave_user.sh

 when prompt for MASTER Name use short name too : <gatewayhost>

3. Then,  run the "API Gateway: Reinitialize replication in a multi-node cluster" procedure 

https://knowledge.broadcom.com/external/article?articleId=44402 

4. check Replication status using :   mysql -e "show slave status\G"

- the  mysql cluster replication should be recovered without errors after the steps above

- also check if gateway service is running from ssg Menu option #2 , then Option# 7 :

1) Configure system settings
 2) Display Layer7 API Gateway configuration menu
 3) Use a privileged shell (root)
 4) Change the Master Passphrase
 5) Display Remote Management configuration menu
 6) Manage HSM
 8) Display Patch Management menu
 9) Display Log Viewing menu
 R) Reboot the Layer7 API Gateway appliance (apply the new configuration)
 X) Exit (no reboot)

Please make a selection: 2

then option : 7) Manage Layer7 API Gateway status

should see something like this output :

----------------------------------------------------------------------
Layer7 API Gateway Status
----------------------------------------------------------------------

Configuration:
    Node Status = RUNNING
    Node Status Timestamp = 2022-01-13 04:21:39
    Node Status Since = 2022-01-06 07:06:23

Powered by Wolken Software