This is a cross post from cloudsql channel in GCP Slack, but I have not received any response yet. So, please allow me to post it here too.
-- https://googlecloud-community.slack.com/archives/C0H0GRV39/p1590525710126000
Hello. I tested if Cloud SQL MySQL (version 5.7) blocks access from its clients when the number of connection related errors exceeds the value of `max_connect_errors` variable.
I used "echo | nc -v X.X.X.X 3306" from my workstation and a VM in GCP against a publicly accessible Cloud SQL MySQL instance (X.X.X.X is the server IP address). I did this to simulate an incomplete handshake, but the instance didn't block access from the sources; even though the number of failed handshakes exceeded the max_connect_errors value.
I did the same testing against an existing on-premise MySQL instance and another instance built from source code (5.7.25). I confirmed it blocked access on the client side from sources that reached max_connect_errors. It gave the message, "Host 'Y.Y.Y.Y' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'".
I noticed there was no entry in performance_schema.host_cache table even after upgrading the machine type to db-n1-highmem-4, which is a requirement to enable performance_schema.
So, I am wondering if Google dropped the host blocking logic from Cloud SQL MySQL. I searched GCP docs, but couldn't find any. Does anybody have information about host blocking in Cloud SQL MySQL?
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/ef515a51-fb6e-4371-a71e-6442f8c08613%40googlegroups.com.
No comments:
Post a Comment