Galera Cluster for MySQL or Mariadb is a true Multimaster Cluster based on synchronous replication. Galera Cluster is an easy-to-use, high-availability solution, which provides high system uptime, no data loss and scalability for future growth.
Galera cluster master node
.. code-block:: yaml
galera:
version:
mysql: 5.6
galera: 3
engine: mysql or mariadb
master:
enabled: true
name: openstack
bind:
address: 192.168.0.1
port: 3306
members:
- host: 192.168.0.1
port: 4567
- host: 192.168.0.2
port: 4567
admin:
user: root
password: pass
database:
name:
encoding: 'utf8'
users:
- name: 'username'
password: 'password'
host: 'localhost'
rights: 'all privileges'
database: '*.*'
Galera cluster slave node
.. code-block:: yaml
galera:
slave:
enabled: true
name: openstack
bind:
address: 192.168.0.2
port: 3306
members:
- host: 192.168.0.1
port: 4567
- host: 192.168.0.2
port: 4567
admin:
user: root
password: pass
Enable TLS support:
.. code-block:: yaml
galera:
slave or master:
ssl:
enabled: True
ciphers:
DHE-RSA-AES128-SHA:
enabled: True
DHE-RSA-AES256-SHA:
enabled: True
EDH-RSA-DES-CBC3-SHA:
name: EDH-RSA-DES-CBC3-SHA
enabled: True
AES128-SHA:AES256-SHA:
name: AES128-SHA:AES256-SHA
enabled: True
DES-CBC3-SHA:
enabled: True
# path
cert_file: /etc/mysql/ssl/cert.pem
key_file: /etc/mysql/ssl/key.pem
ca_file: /etc/mysql/ssl/ca.pem
# content (not required if files already exists)
key: << body of key >>
cert: << body of cert >>
cacert_chain: << body of ca certs chain >>
Additional mysql users:
.. code-block:: yaml
mysql:
server:
users:
- name: clustercheck
password: clustercheck
database: '*.*'
grants: PROCESS
- name: inspector
host: 127.0.0.1
password: password
databases:
mydb:
- database: mydb
- table: mytable
- grant_option: True
- grants:
- all privileges
Additional mysql SSL grants:
.. code-block:: yaml
mysql:
server:
users:
- name: clustercheck
password: clustercheck
database: '*.*'
grants: PROCESS
ssl_option:
- SSL: True
- X509: True
- SUBJECT: <subject>
- ISSUER: <issuer>
- CIPHER: <cipher>
.. code-block:: yaml
galera:
clustercheck:
- enabled: True
- user: clustercheck
- password: clustercheck
- available_when_donor: 0
- available_when_readonly: 1
- port 9200
galera_innodb_buffer_pool_size
Default is 3138M
galera_max_connections
Default is 20000
galera_innodb_read_io_threads
Default is 8
galera_innodb_write_io_threads
Default is 8
galera_wsrep_slave_threads
Default is 8
galera_xtrabackup_parallel
Default is 4galera_error_log_enabled
Default is true
galera_error_log_path
Default is /var/log/mysql/error.log
Usage:
.. code-block:: yaml
_param:
galera_innodb_buffer_pool_size: 1024M
galera_max_connections: 200
galera_innodb_read_io_threads: 16
galera_innodb_write_io_threads: 16
galera_wsrep_slave_threads: 8
galera_xtrabackup_parallel: 2
galera_error_log_enabled: true
galera_error_log_path: /var/log/mysql/error.log
MySQL/Mariadb Galera check sripts
.. code-block:: bash
mysql> SHOW STATUS LIKE 'wsrep%';
mysql> SHOW STATUS LIKE 'wsrep_cluster_size' ;"
Galera monitoring command, performed from extra server
.. code-block:: bash
garbd -a gcomm://ipaddrofone:4567 -g my_wsrep_cluster -l /tmp/1.out -d
.. code-block:: bash
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
my.cnf wsrep_cluster_address='gcomm://';
without restart database and change config my.cnf.
.. code-block:: bash
mysql> SET GLOBAL wsrep_cluster_address='gcomm://10.0.0.2';
http://salt-formulas.readthedocs.io/ Learn how to install and update salt-formulas
https://github.com/salt-formulas/salt-formula-galera/issues In the unfortunate event that bugs are discovered, report the issue to the appropriate issue tracker. Use the Github issue tracker for a specific salt formula
https://launchpad.net/salt-formulas For feature requests, bug reports, or blueprints affecting the entire ecosystem, use the Launchpad salt-formulas project
https://launchpad.net/~salt-formulas-users Join the salt-formulas-users team and subscribe to mailing list if required
https://github.com/salt-formulas/salt-formula-galera Develop the salt-formulas projects in the master branch and then submit pull requests against a specific formula
Use this IRC channel in case of any questions or feedback which is always welcome