Galera Cluster: Difference between revisions
From Lolly's Wiki
Jump to navigationJump to search
No edit summary |
|||
| Line 3: | Line 3: | ||
=Setup the Cluster= | =Setup the Cluster= | ||
==Install the packages== | |||
On each node do as root: | |||
* Add sources | |||
<source lang=bash> | |||
# cat > /etc/apt/sources.list.d/mariadb.list << EOF | |||
# MariaDB Server | |||
# To use a different major version of the server, or to pin to a specific minor version, change URI below. | |||
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main | |||
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main/debug | |||
# MariaDB MaxScale | |||
# To use the latest stable release of MaxScale, use "latest" as the version | |||
# To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version | |||
deb [arch=amd64] https://dlm.mariadb.com/repo/maxscale/latest/apt $(lsb_release -cs) main | |||
# MariaDB Tools | |||
deb [arch=amd64] http://downloads.mariadb.com/Tools/ubuntu $(lsb_release -cs) main | |||
EOF | |||
</source> | |||
* Install the packages | |||
<source lang=bash> | |||
# apt update | |||
# apt install mariadb-server mariadb-backup galera-4 | |||
</source> | |||
==Setup certificates for the cluster comunication== | ==Setup certificates for the cluster comunication== | ||
===Make a CA certificate=== | ===Make a CA certificate=== | ||
| Line 22: | Line 48: | ||
done | done | ||
</source> | </source> | ||
===Copy keys and certificates to the nodes=== | |||
Copy the specific keys and certs to each node: | |||
<source lang=bash> | |||
$ sudo mkdir --mode=0700 /etc/mysql/priv # put in here: maria-${node}.server.de-key.pem | |||
$ sudo mkdir --mode=0750 /etc/mysql/cert # put in here: maria-${node}.server.de-cert.pem , ca-cert.pem | |||
</source> | |||
==Configure the MariaDB Galera Cluster== | |||
=== Show wsrep_provider_options === | === Show wsrep_provider_options === | ||
Revision as of 15:51, 12 November 2021
Setup the Cluster
Install the packages
On each node do as root:
- Add sources
# cat > /etc/apt/sources.list.d/mariadb.list << EOF
# MariaDB Server
# To use a different major version of the server, or to pin to a specific minor version, change URI below.
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main/debug
# MariaDB MaxScale
# To use the latest stable release of MaxScale, use "latest" as the version
# To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version
deb [arch=amd64] https://dlm.mariadb.com/repo/maxscale/latest/apt $(lsb_release -cs) main
# MariaDB Tools
deb [arch=amd64] http://downloads.mariadb.com/Tools/ubuntu $(lsb_release -cs) main
EOF
- Install the packages
# apt update
# apt install mariadb-server mariadb-backup galera-4
Setup certificates for the cluster comunication
Make a CA certificate
Make a CA certificate with a very long lifetime as you dont want to make normal certificate updates at this point.
$ subject='/C=DE/ST=Hamburg/L=Hamburg/O=Organisation/OU=Databases/CN=Galera Cluster'
$ openssl req -new -x509 -nodes -days 365000 -newkey rsa:4096 -sha256 -keyout ca-key.pem -out ca-cert.pem -batch -subj "${subject}"
Create a certificate for each cluster node
$ for node in {1..4}
do
emailAddress="dbadmin@server.de"
servername="maria-${node}.server.de"
subject="/C=DE/ST=Hamburg/L=Hamburg/O=Organisation/OU=Databases/CN=${servername}/emailAddress=${emailAddress}"
openssl req -newkey rsa:4096 -nodes -keyout ${servername}-key.pem -out ${servername}-req.pem -batch -subj "${subject}"
openssl x509 -req -days 365000 -set_serial $(printf "%02d" "${node}") -in ${servername}-req.pem -out ${servername}-cert.pem -CA ca-cert.pem -CAkey ca-key.pem
done
Copy keys and certificates to the nodes
Copy the specific keys and certs to each node:
$ sudo mkdir --mode=0700 /etc/mysql/priv # put in here: maria-${node}.server.de-key.pem
$ sudo mkdir --mode=0750 /etc/mysql/cert # put in here: maria-${node}.server.de-cert.pem , ca-cert.pem
Configure the MariaDB Galera Cluster
Show wsrep_provider_options
$ mariadb -NBABe 'show variables like "wsrep_provider_options"' | awk '{gsub(/$/,":\n",$1); gsub(/(;|$)/,";\n"); printf $0; }'
