blob: 788e908a8d54e707e0a2168fc55e398783c8a311 [file] [log] [blame]
=====
Usage
=====
Galera Cluster for MySQL is a true Multimaster Cluster based on synchronous
replication. Galera Cluster is an easy-to-use, high-availability solution,
which provides high system uptime, no data loss and scalability for future
growth.
Sample pillars
==============
Galera cluster master node
.. code-block:: yaml
galera:
version:
mysql: 5.6
galera: 3
master:
enabled: true
name: openstack
bind:
address: 192.168.0.1
port: 3306
members:
- host: 192.168.0.1
port: 4567
- host: 192.168.0.2
port: 4567
admin:
user: root
password: pass
database:
name:
encoding: 'utf8'
users:
- name: 'username'
password: 'password'
host: 'localhost'
rights: 'all privileges'
database: '*.*'
Galera cluster slave node
.. code-block:: yaml
galera:
slave:
enabled: true
name: openstack
bind:
address: 192.168.0.2
port: 3306
members:
- host: 192.168.0.1
port: 4567
- host: 192.168.0.2
port: 4567
admin:
user: root
password: pass
Enable TLS support:
.. code-block:: yaml
galera:
slave or master:
ssl:
enabled: True
ciphers:
DHE-RSA-AES128-SHA:
enabled: True
DHE-RSA-AES256-SHA:
enabled: True
EDH-RSA-DES-CBC3-SHA:
name: EDH-RSA-DES-CBC3-SHA
enabled: True
AES128-SHA:AES256-SHA:
name: AES128-SHA:AES256-SHA
enabled: True
DES-CBC3-SHA:
enabled: True
# path
cert_file: /etc/mysql/ssl/cert.pem
key_file: /etc/mysql/ssl/key.pem
ca_file: /etc/mysql/ssl/ca.pem
# content (not required if files already exists)
key: << body of key >>
cert: << body of cert >>
cacert_chain: << body of ca certs chain >>
Additional mysql users:
.. code-block:: yaml
mysql:
server:
users:
- name: clustercheck
password: clustercheck
database: '*.*'
grants: PROCESS
- name: inspector
host: 127.0.0.1
password: password
databases:
mydb:
- database: mydb
- table: mytable
- grant_option: True
- grants:
- all privileges
Additional mysql SSL grants:
.. code-block:: yaml
mysql:
server:
users:
- name: clustercheck
password: clustercheck
database: '*.*'
grants: PROCESS
ssl_option:
- SSL: True
- X509: True
- SUBJECT: <subject>
- ISSUER: <issuer>
- CIPHER: <cipher>
Additional check params:
========================
.. code-block:: yaml
galera:
clustercheck:
- enabled: True
- user: clustercheck
- password: clustercheck
- available_when_donor: 0
- available_when_readonly: 1
- port 9200
Configurable soft parameters
============================
- ``galera_innodb_buffer_pool_size``
Default is ``3138M``
- ``galera_max_connections``
Default is ``20000``
- ``galera_innodb_read_io_threads``
Default is ``8``
- ``galera_innodb_write_io_threads``
Default is ``8``
- ``galera_wsrep_slave_threads``
Default is ``8``
- ``galera_xtrabackup_parallel``
Default is 4
- ``galera_error_log_enabled``
Default is ``true``
- ``galera_error_log_path``
Default is ``/var/log/mysql/error.log``
When the following parameters are set to 0, theirs
defaults will be calclulated automatically based on number
of cpu cores:
- galera_innodb_read_io_threads
- galera_innodb_write_io_threads
- galera_wsrep_slave_threads
Usage:
.. code-block:: yaml
_param:
galera_innodb_buffer_pool_size: 1024M
galera_max_connections: 200
galera_innodb_read_io_threads: 16
galera_innodb_write_io_threads: 16
galera_wsrep_slave_threads: 8
galera_xtrabackup_parallel: 2
galera_error_log_enabled: true
galera_error_log_path: /var/log/mysql/error.log
Usage
=====
MySQL Galera check sripts
.. code-block:: bash
mysql> SHOW STATUS LIKE 'wsrep%';
mysql> SHOW STATUS LIKE 'wsrep_cluster_size' ;"
Galera monitoring command, performed from extra server
.. code-block:: bash
garbd -a gcomm://ipaddrofone:4567 -g my_wsrep_cluster -l /tmp/1.out -d
#. salt-call state.sls mysql
#. Comment everything starting wsrep* (wsrep_provider, wsrep_cluster, wsrep_sst)
#. service mysql start
#. run on each node mysql_secure_install and filling root password.
.. code-block:: bash
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
#. service mysql stop
#. uncomment all wsrep* lines except first server, where leave only in
my.cnf wsrep_cluster_address='gcomm://';
#. start first node
#. Start third node which is connected to first one
#. Start second node which is connected to third one
#. After starting cluster, it must be change cluster address at first starting node
without restart database and change config my.cnf.
.. code-block:: bash
mysql> SET GLOBAL wsrep_cluster_address='gcomm://10.0.0.2';
Read more
=========
* https://github.com/CaptTofu/ansible-galera
* http://www.sebastien-han.fr/blog/2012/04/15/active-passive-failover-cluster-on-a-mysql-galera-cluster-with-haproxy-lsb-agent/
* http://opentodo.net/2012/12/mysql-multi-master-replication-with-galera/
* http://www.codership.com/wiki/doku.php
* http://www.sebastien-han.fr/blog/2012/04/01/mysql-multi-master-replication-with-galera/