TiDB Deployment Error

Note:
This topic has been translated from a Chinese forum by GPT and might contain errors.

Original topic: tidb 部署 报错

| username: Cheriston

SSH under the tidb user is normal, but this error is reported. What should I do?

| username: Miracle | Original post link

Do TiDB users not have sudo privileges?

| username: caiyfc | Original post link

When deploying, did you create the tidb user yourself? Did you complete this step?

| username: Kongdom | Original post link

Is it possible that passwordless mutual trust has not been set up?

| username: 霸王龙的日常 | Original post link

Check sudo and mutual trust, basically just these two issues.

| username: TiDBer_rvITcue9 | Original post link

Check sudo and mutual trust, basically just these two issues.

| username: 小于同学 | Original post link

No password-free mutual trust configured.

| username: zhanggame1 | Original post link

Your deployment command is: if you can connect with root, then deploy with root. The deployment command is -u root -p. There’s no need to configure mutual trust or create a tidb user first; it will be added automatically.

| username: DBAER | Original post link

Mutual password-free authentication

| username: kelvin | Original post link

First, configure password-free mutual trust for all machines.

| username: Jellybean | Original post link

This error usually occurs due to lack of sudo permissions or improper SSH mutual trust configuration.

The official deployment steps are very detailed. Follow the official steps again, and there should generally be no issues.

| username: TiDBer_小阿飞 | Original post link

Users who use tiup for installation must configure passwordless sudo, otherwise the tiup command will report an error.

Manually Configure SSH Mutual Trust and Passwordless Sudo

For scenarios where there is a need to manually configure mutual trust from the control machine to the target node, refer to this section. It is generally recommended to use the TiUP deployment tool, which will automatically configure SSH mutual trust and passwordless login, so this section can be ignored.

  1. Log in to the deployment target machine as the root user, create the tidb user, and set the login password.
useradd tidb && \
passwd tidb
  1. Execute the following command to add tidb ALL=(ALL) NOPASSWD: ALL to the end of the file, configuring passwordless sudo.
visudo
tidb ALL=(ALL) NOPASSWD: ALL
  1. Log in to the control machine as the tidb user and execute the following command. Replace 10.0.1.1 with your deployment target machine’s IP, enter the tidb user’s password for the deployment target machine as prompted. After successful execution, SSH mutual trust is established. The same applies to other machines. The newly created tidb user does not have a .ssh directory, so you need to execute the command to generate the rsa key to create the .ssh directory. If you need to deploy TiDB components on the control machine, you need to configure mutual trust between the control machine and itself.
ssh-keygen -t rsa
ssh-copy-id -i ~/.ssh/id_rsa.pub 10.0.1.1
  1. Log in to the control machine as the tidb user and use ssh to log in to the target machine’s IP. If you can log in successfully without entering a password, it means the SSH mutual trust configuration is successful.
ssh 10.0.1.1
[tidb@10.0.1.1 ~]$
  1. After logging in to the deployment target machine as the tidb user, execute the following command. If you can switch to the root user without entering a password, it means the tidb user’s passwordless sudo configuration is successful.
sudo -su root
[root@10.0.1.1 tidb]#
| username: redgame | Original post link

Yes, you need to configure mutual password-free access.

| username: TiDBer_aaO4sU46 | Original post link

visudo

tidb ALL=(ALL) NOPASSWD: ALL

| username: zhanggame1 | Original post link

If you can SSH into the target machine as the root user, you don’t need to bother with this.

| username: 随便改个用户名 | Original post link

It’s the SSH passwordless issue again, feels like it pops up once every day :face_with_monocle: :face_with_monocle: :face_with_monocle:

| username: 这里介绍不了我 | Original post link

If you look closely at the error message, you will know the answer: Failed to execute command over SSH for

| username: YuchongXU | Original post link

You can use root.

| username: dba远航 | Original post link

It feels like a permissions issue.

| username: 饭光小团 | Original post link

  1. Passwordless mutual trust is not set up.
  2. If step 1 is completed, you can copy the public and private keys under the .ssh directory of the tidb user to the .tiup/storage/cluster/clusters/tidbp1/ssh/ directory.