Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Do you understand the difference?
Cause your solution relies on DNS resolve, which should be disabled in a productive system. -
@IntrusionCM In what situation does "localhost" resolve to the correct value where "127.0.0.1" is not a correct value? I thought it was an unchangeable fact of nature that localhost is 127.0.0.1 is loopback for whatever meaning of loopback is most appropriate in the given situation, for instance in a container it would be the same container.
-
@lorentz .
localhost *can* resolve to 127.0.0.1 - but it mustn't.
Theoretically it could be any IP address - it's just a gentleman agreement to pick 127.0.0.1 . 127.0.0.0/8 is the whole range that is typically picked for loopback addresses, so it could be one or even multiple addresses from that block.
I'm adding that explanation because it's a common misconception that localhost *must* match 127.0.0.1 .
In IPv6 they were more strict - ::1/128 is a single IP address.
Most OSes use IPv6 implicitly - so localhost can be an IPv6 or an IPv4 address, which is a very good source of confusion.
Now to add even more confusion - localhost is in MySQL an even more fucked up thing.
If you specify localhost as host parameter to e.g. mysql cli tool - it means to connect to the *unix socket*.
As in not an IP address, but really the provided socket of MySQL (systemd /run/mysqld.sock for example).
Hence my question, not to be smarty pants but because this gnarly behaviour can make someone rip their hair out.
To add even more fun to it: MySQL has multiple authentication modes.
One of the changes in MySQL 8 was to add an socket auth plugin - which does *two* things: It allows to provide an authentication via socket (that's the obvious / expected part) - but additionally verifies that the user accessing the socket matches a specific user. So e.g. if you access mysql via cli as root, mysql user must be root, the auth entry thus must be 'root'@'localhost' (as localhost refers to the socket).
https://dev.mysql.com/doc/refman/...
And now to go fully Monty Python:
https://dev.mysql.com/doc/refman/...
bind_address uses first resolved IP address if an hostname is used. So either an A record (IPv4) or the AAAA (IPv6) record in case of localhost.
If a hostname resolves to multiple addresses, one is picked randomly. :)
This is stuff for nightmares. Dunno how often it broke my brain. -
hjk10156962y@IntrusionCM good writeup!
A few years back this was particularly messy in kubernetes. Depending on the version it would do IPv6 or not. So container trying to use IPv6 on localhost would not be able to reach a sidecar service. -
for me it didnt work with localhost on my raspy. changed it to "127.0.0.1" did the trick :P
Related Rants
Have some troubles with MySQL server with multiple instances.
After some search, I have a “bind-address” parameter set to “127.0.0.1”
Changed to “localhost” do the trick. Love my work.
rant
mysql
lovemywork