Thursday, December 23, 2010

MySQL blocked because of many connection errors

Suddenly Tomcat was sending back errors to the clients, restarting fixed it but only for a while, inspecting the logs the cause was apparently not enough connections available:
"Host 'myhost.com' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'"

Issuing the command would be the next measure and even applying brute force a script doing this every so often. Wait a minute we know better. There must be an (intentionally or not) attack.

The cluprit

Monit was configured to monitor mysql like:
if failed host 192.168.0.161 port 3306 then restart

This is a problem as all it does is opening a socket and then dropping the connection without any SQL handshaking.

Solution

Specifying mysql protocol could solve the problem but mysql is so mature and stable that it would be enough to check just the socket file:
if failed unixsocket /var/lib/mysql/mysql.sock with timeout 5 seconds then restart

No comments:

Followers