Galera Cluster
Setup the Cluster
Install the packages
On each node do as root:
- Add sources
<syntaxhighlight lang=bash>
- cat > /etc/apt/sources.list.d/mariadb.list << EOF
- MariaDB Server
- To use a different major version of the server, or to pin to a specific minor version, change URI below.
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main
deb [arch=amd64] http://downloads.mariadb.com/MariaDB/mariadb-10.5/repo/ubuntu $(lsb_release -cs) main/debug
- MariaDB MaxScale
- To use the latest stable release of MaxScale, use "latest" as the version
- To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version
deb [arch=amd64] https://dlm.mariadb.com/repo/maxscale/latest/apt $(lsb_release -cs) main
- MariaDB Tools
deb [arch=amd64] http://downloads.mariadb.com/Tools/ubuntu $(lsb_release -cs) main EOF </source>
- Install the packages
<syntaxhighlight lang=bash>
- apt update
- apt install mariadb-server mariadb-backup galera-4
</source>
Setup certificates for the cluster comunication
Make a CA certificate
Make a CA certificate with a very long lifetime as you dont want to make normal certificate updates at this point. <syntaxhighlight lang=bash> $ subject='/C=DE/ST=Hamburg/L=Hamburg/O=Organisation/OU=Databases/CN=Galera Cluster' $ openssl req -new -x509 -nodes -days 365000 -newkey rsa:4096 -sha256 -keyout ca-key.pem -out ca-cert.pem -batch -subj "${subject}" </source>
Create a certificate for each cluster node
<syntaxhighlight lang=bash> $ for node in {1..4} do
emailAddress="dbadmin@server.de"
servername="maria-${node}.server.de"
subject="/C=DE/ST=Hamburg/L=Hamburg/O=Organisation/OU=Databases/CN=${servername}/emailAddress=${emailAddress}"
openssl req -newkey rsa:4096 -nodes -keyout ${servername}-key.pem -out ${servername}-req.pem -batch -subj "${subject}"
openssl x509 -req -days 365000 -set_serial $(printf "%02d" "${node}") -in ${servername}-req.pem -out ${servername}-cert.pem -CA ca-cert.pem -CAkey ca-key.pem
done </source>
Copy keys and certificates to the nodes
Copy the specific keys and certs to each node: <syntaxhighlight lang=bash> $ sudo mkdir --mode=0700 /etc/mysql/priv # put in here: maria-${node}.server.de-key.pem $ sudo mkdir --mode=0750 /etc/mysql/cert # put in here: maria-${node}.server.de-cert.pem , ca-cert.pem </source>
Configure the MariaDB Galera Cluster
Create a mariabackup user on each node
<syntaxhighlight lang=bash>
- mariadb
MariaDB [(none)]> grant reload, process, lock tables, replication client on *.* to 'mariabackup'@'localhost' identified by 'the_very_secret_mariabackup_password'; MariaDB [(none)]> grant reload, process, lock tables, binlog monitor on *.* to 'mariabackup'@'maria-1.server.de' identified by 'the_very_secret_mariabackup_password'; MariaDB [(none)]> grant reload, process, lock tables, binlog monitor on *.* to 'mariabackup'@'maria-2.server.de' identified by 'the_very_secret_mariabackup_password'; MariaDB [(none)]> grant reload, process, lock tables, binlog monitor on *.* to 'mariabackup'@'maria-3.server.de' identified by 'the_very_secret_mariabackup_password'; MariaDB [(none)]> grant reload, process, lock tables, binlog monitor on *.* to 'mariabackup'@'maria-4.server.de' identified by 'the_very_secret_mariabackup_password'; MariaDB [(none)]> flush privileges; MariaDB [(none)]> </source>
Galera settings
/etc/mysql/mariadb.conf.d/zz-galera.cnf <syntaxhighlight lang=ini> [galera]
- Cluster Configuration
wsrep_provider = /usr/lib/galera/libgalera_smm.so
- gcomm://{ comma seperated list of all cluster node IPs }
wsrep_cluster_address = gcomm://10.33.6.1,10.33.6.2,10.33.6.3,10.33.6.4 wsrep_cluster_name = MariaDB Galera Cluster wsrep_on = ON
- Snapshot state transfer (SST): copy entire database, when new node joins
wsrep_sst_method = mariabackup
- set the the_very_secret_mariabackup_password to your real mariabackup password
wsrep_sst_auth = mariabackup:the_very_secret_mariabackup_password
[mariadb] binlog_format = ROW innodb_autoinc_lock_mode = 2 </source>
Get knowledge about your Cluster
Show wsrep_provider_options
<syntaxhighlight lang=bash> $ mariadb -NBABe 'show variables like "wsrep_provider_options"' | awk '{gsub(/$/,":\n",$1); gsub(/(;|$)/,";\n"); printf $0; }' </source>
