refine ssl feature of mydumper

[IANTHEREAL]

Feature Request

Is your feature request related to a problem? Please describe:

The provided mydumper from the TiDB enterprise toolset downloadable tarball is probably statically linked with MySQL 5.7 which is using YaSSL and makes it very slow on SSL/TLS enabled MySQL servers

Describe alternatives you've considered:

suggest to build/link mydumper with MySQL 8, which uses openssl instead Or add a flag to disable ssl in mydumper.

[dveeden]

The --ssl flag can be used to enable TLS on 5.6 and earlier where TLS is disabled by default. For 5.7 and newer a --no-ssl flag would be useful to be able to use TLS. The best solution is to have OpenSSL instead of YaSSL.

[kennytm]

The builder simply uses the recommended cmake . && make, which will link with whatever MySQL library is installed in the system. We just need to upgrade the Jenkins container to use the MySQL 8.0 library.

To make it work on the existing centos7_mydumper image:

1. Upgrade the MySQL library from 5.7 to 8.0

   curl -L -O https://dev.mysql.com/get/mysql80-community-release-el7-2.noarch.rpm
   rpm -i mysql80-community-release-el7-2.noarch.rpm
   yum install mysql-community-devel
   mv /usr/lib64/mysql/libmysqlclient.so /usr/lib64/mysql/libmysqlclient.so~

2. Recompile a static OpenSSL to avoid pulling in libkrb5

   curl -L -O https://www.openssl.org/source/openssl-1.0.2q.tar.gz
   tar xf openssl-1.0.2q.tar.gz
   cd openssl-1.0.2q
   ./config no-shared no-krb5
   make

3. Install libstdc++ 4.9 or above (CentOS 7 provided 4.8.5 which is too old for linking with MySQL 8.0)

4. Replace the existing libstdc++.a, libssl.a and libcrypto.a with those updated copies

Download the mydumper.tar.gz rebuilt using these libraries.

[dveeden]

@kennytm are we still providing MyDumper in addition to Dumpling?