Creating a MySQL Server

Warning

  • The following MySQL authentication plugins are supported for communication between Fudo Enterprise and the database server: mysql_clear_password mysql_native_password, caching_sha2_password.

  • For communication between the client and Fudo Enterprise, only mysql_clear_password plugin is supported, which is why TLS is enforced for MySQL listeners.

Note

  • A server object can be linked to only one anonymous account.

  • A server object can be linked to only one forward account.

  1. Click + icon next to the Servers tab of the Management sub-section, or

  2. Select Management > Servers and then click + Add server.

../../_images/5-6-add-server.png

  1. Enter server’s unique name.

  1. Select Blocked option if the object should be unavailable after creation. A blocked server cannot be used to establish connections until it is manually unblocked. Providing a reason for blocking is required.

  2. Optionally, click the Description checkbox and provide a text that will help identifying this server object.

SETTINGS TAB

  1. Go to the SETTINGS tab.

  2. In the Protocol section, select MySQL.

Warning

After server’s definition is saved, protocol’s field is uneditable.

  1. Select the TLS enabled to connect to monitored server over TLS.

    • Check the TLS required option to enforce the use of TLS when establishing the connection.

    • Select Legacy crypto option to allow negotiating older encryption algorithms (DSA(1024), RSA(1024)) when establishing connections.

  2. From the Bind address drop-down list, select the IP address from which connections to the monitored server will be initiated.

Note

  • The Bind address drop-down list elements are IP address defined in the Network configuration menu (Network Interfaces Configuration) or labeled IP addresses (Labeled IP Addresses).

  • In case of cluster configuration, select a labeled IP address from the Bind address drop-down list and make sure that other nodes have IP addresses assigned to this label. For more information refer to the Labeled IP Addresses topic.

  1. In the Destination section, define the address of the target server:

    • Select Host, IPv4, or IPv6,

    • Enter the Address and Port if the port differs from the protocol default. You can also specify a port range. For details, see Port Ranges in Server Configuration.

Note

Depending on selected option, default values for the Mask and Port fields are filled out automatically. This way the Fudo Enterprise system detects server as one with unique address. In order to set up address for entire subnet, provide a dedicated value for the Address and the Mask fields.

  1. In the Server Verification section, specify the server verification method:

    • Select Server certificate to verify the server based on its certificate,

    • Select CA certificate to verify the server certificate using a trusted certificate authority,

    • Select None to disable server certificate verification.

../../_images/5-6-server-mysql.png

  1. Click Save.

OBJECT RIGHTS TAB

The OBJECT RIGHTS tab is used to define which users and roles are allowed to manage the object and which capabilities (Read, Modify, Delete, Block) are assigned to them.


  1. Go to the OBJECT RIGHTS tab.

  2. Open the USERS sub-tab.

  3. Click Assign User, select the users from the list, and click Save.

  4. In the Users list, select the capabilities for each user by enabling one or more of the following options: Read, Modify, Delete, or Block.

  5. Open the Roles sub-tab.

  6. Click Assign Role, select the roles from the list, and click Save.

  7. In the Roles list, select the capabilities for each role by enabling one or more of the following options: Read, Modify, Delete, or Block.

../../_images/5-6-servers-object-rights.png

Related topics: