Saltstack Official Galera Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

README.rst 8.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304
  1. =====
  2. Usage
  3. =====
  4. Galera Cluster for MySQL or Mariadb is a true Multimaster Cluster based on synchronous
  5. replication. Galera Cluster is an easy-to-use, high-availability solution,
  6. which provides high system uptime, no data loss and scalability for future
  7. growth.
  8. Sample pillars
  9. ==============
  10. Galera cluster master node
  11. .. code-block:: yaml
  12. galera:
  13. version:
  14. mysql: 5.6
  15. galera: 3
  16. engine: mysql or mariadb
  17. master:
  18. enabled: true
  19. name: openstack
  20. bind:
  21. address: 192.168.0.1
  22. port: 3306
  23. members:
  24. - host: 192.168.0.1
  25. port: 4567
  26. - host: 192.168.0.2
  27. port: 4567
  28. admin:
  29. user: root
  30. password: pass
  31. database:
  32. name:
  33. encoding: 'utf8'
  34. users:
  35. - name: 'username'
  36. password: 'password'
  37. host: 'localhost'
  38. rights: 'all privileges'
  39. database: '*.*'
  40. Galera cluster slave node
  41. .. code-block:: yaml
  42. galera:
  43. slave:
  44. enabled: true
  45. name: openstack
  46. bind:
  47. address: 192.168.0.2
  48. port: 3306
  49. members:
  50. - host: 192.168.0.1
  51. port: 4567
  52. - host: 192.168.0.2
  53. port: 4567
  54. admin:
  55. user: root
  56. password: pass
  57. Enable TLS support:
  58. .. code-block:: yaml
  59. galera:
  60. slave or master:
  61. ssl:
  62. enabled: True
  63. ciphers:
  64. DHE-RSA-AES128-SHA:
  65. enabled: True
  66. DHE-RSA-AES256-SHA:
  67. enabled: True
  68. EDH-RSA-DES-CBC3-SHA:
  69. name: EDH-RSA-DES-CBC3-SHA
  70. enabled: True
  71. AES128-SHA:AES256-SHA:
  72. name: AES128-SHA:AES256-SHA
  73. enabled: True
  74. DES-CBC3-SHA:
  75. enabled: True
  76. # path
  77. cert_file: /etc/mysql/ssl/cert.pem
  78. key_file: /etc/mysql/ssl/key.pem
  79. ca_file: /etc/mysql/ssl/ca.pem
  80. # content (not required if files already exists)
  81. key: << body of key >>
  82. cert: << body of cert >>
  83. cacert_chain: << body of ca certs chain >>
  84. Additional mysql users:
  85. .. code-block:: yaml
  86. mysql:
  87. server:
  88. users:
  89. - name: clustercheck
  90. password: clustercheck
  91. database: '*.*'
  92. grants: PROCESS
  93. - name: inspector
  94. host: 127.0.0.1
  95. password: password
  96. databases:
  97. mydb:
  98. - database: mydb
  99. - table: mytable
  100. - grant_option: True
  101. - grants:
  102. - all privileges
  103. Additional mysql SSL grants:
  104. .. code-block:: yaml
  105. mysql:
  106. server:
  107. users:
  108. - name: clustercheck
  109. password: clustercheck
  110. database: '*.*'
  111. grants: PROCESS
  112. ssl_option:
  113. - SSL: True
  114. - X509: True
  115. - SUBJECT: <subject>
  116. - ISSUER: <issuer>
  117. - CIPHER: <cipher>
  118. Additional check params:
  119. ========================
  120. .. code-block:: yaml
  121. galera:
  122. clustercheck:
  123. - enabled: True
  124. - user: clustercheck
  125. - password: clustercheck
  126. - available_when_donor: 0
  127. - available_when_readonly: 1
  128. - port 9200
  129. Configurable soft parameters
  130. ============================
  131. - ``galera_innodb_buffer_pool_size``
  132. Default is ``3138M``
  133. - ``galera_max_connections``
  134. Default is ``20000``
  135. - ``galera_innodb_read_io_threads``
  136. Default is ``8``
  137. - ``galera_innodb_write_io_threads``
  138. Default is ``8``
  139. - ``galera_wsrep_slave_threads``
  140. Default is ``8``
  141. - ``galera_xtrabackup_parallel``
  142. Default is 4
  143. - ``galera_error_log_enabled``
  144. Default is ``true``
  145. - ``galera_error_log_path``
  146. Default is ``/var/log/mysql/error.log``
  147. Usage:
  148. .. code-block:: yaml
  149. _param:
  150. galera_innodb_buffer_pool_size: 1024M
  151. galera_max_connections: 200
  152. galera_innodb_read_io_threads: 16
  153. galera_innodb_write_io_threads: 16
  154. galera_wsrep_slave_threads: 8
  155. galera_xtrabackup_parallel: 2
  156. galera_error_log_enabled: true
  157. galera_error_log_path: /var/log/mysql/error.log
  158. Usage
  159. =====
  160. MySQL/Mariadb Galera check sripts
  161. .. code-block:: bash
  162. mysql> SHOW STATUS LIKE 'wsrep%';
  163. mysql> SHOW STATUS LIKE 'wsrep_cluster_size' ;"
  164. Galera monitoring command, performed from extra server
  165. .. code-block:: bash
  166. garbd -a gcomm://ipaddrofone:4567 -g my_wsrep_cluster -l /tmp/1.out -d
  167. #. salt-call state.sls mysql
  168. #. Comment everything starting wsrep* (wsrep_provider, wsrep_cluster, wsrep_sst)
  169. #. service mysql start
  170. #. run on each node mysql_secure_install and filling root password.
  171. .. code-block:: bash
  172. Enter current password for root (enter for none):
  173. OK, successfully used password, moving on...
  174. Setting the root password ensures that nobody can log into the MySQL
  175. root user without the proper authorisation.
  176. Set root password? [Y/n] y
  177. New password:
  178. Re-enter new password:
  179. Password updated successfully!
  180. Reloading privilege tables..
  181. ... Success!
  182. By default, a MySQL installation has an anonymous user, allowing anyone
  183. to log into MySQL without having to have a user account created for
  184. them. This is intended only for testing, and to make the installation
  185. go a bit smoother. You should remove them before moving into a
  186. production environment.
  187. Remove anonymous users? [Y/n] y
  188. ... Success!
  189. Normally, root should only be allowed to connect from 'localhost'. This
  190. ensures that someone cannot guess at the root password from the network.
  191. Disallow root login remotely? [Y/n] n
  192. ... skipping.
  193. By default, MySQL comes with a database named 'test' that anyone can
  194. access. This is also intended only for testing, and should be removed
  195. before moving into a production environment.
  196. Remove test database and access to it? [Y/n] y
  197. - Dropping test database...
  198. ... Success!
  199. - Removing privileges on test database...
  200. ... Success!
  201. Reloading the privilege tables will ensure that all changes made so far
  202. will take effect immediately.
  203. Reload privilege tables now? [Y/n] y
  204. ... Success!
  205. Cleaning up...
  206. #. service mysql stop
  207. #. uncomment all wsrep* lines except first server, where leave only in
  208. my.cnf wsrep_cluster_address='gcomm://';
  209. #. start first node
  210. #. Start third node which is connected to first one
  211. #. Start second node which is connected to third one
  212. #. After starting cluster, it must be change cluster address at first starting node
  213. without restart database and change config my.cnf.
  214. .. code-block:: bash
  215. mysql> SET GLOBAL wsrep_cluster_address='gcomm://10.0.0.2';
  216. Read more
  217. =========
  218. * https://github.com/CaptTofu/ansible-galera
  219. * http://www.sebastien-han.fr/blog/2012/04/15/active-passive-failover-cluster-on-a-mysql-galera-cluster-with-haproxy-lsb-agent/
  220. * http://opentodo.net/2012/12/mysql-multi-master-replication-with-galera/
  221. * http://www.codership.com/wiki/doku.php
  222. * http://www.sebastien-han.fr/blog/2012/04/01/mysql-multi-master-replication-with-galera/
  223. Documentation and bugs
  224. ======================
  225. * http://salt-formulas.readthedocs.io/
  226. Learn how to install and update salt-formulas
  227. * https://github.com/salt-formulas/salt-formula-galera/issues
  228. In the unfortunate event that bugs are discovered, report the issue to the
  229. appropriate issue tracker. Use the Github issue tracker for a specific salt
  230. formula
  231. * https://launchpad.net/salt-formulas
  232. For feature requests, bug reports, or blueprints affecting the entire
  233. ecosystem, use the Launchpad salt-formulas project
  234. * https://launchpad.net/~salt-formulas-users
  235. Join the salt-formulas-users team and subscribe to mailing list if required
  236. * https://github.com/salt-formulas/salt-formula-galera
  237. Develop the salt-formulas projects in the master branch and then submit pull
  238. requests against a specific formula
  239. * #salt-formulas @ irc.freenode.net
  240. Use this IRC channel in case of any questions or feedback which is always
  241. welcome