MySQL主从replication半同步设置及支持基于ssl复制配置
MySQL主从replication半同步设置及支持基于ssl复制配置
一、mysql的主从复制过程:
master中的dump进程将二进制文件读出,具有此服务器中replication client 和replication slave权限的从服务器的I/O 线程
读入主服务器的二进制文件并记录到relay-log中,从服务器的sql线程按照my.cnf中定义的规则,去读取relay-log,并更新到数据库中
由上述过程可知,master维护bin-log ,slave维护relay-log 从而实现主从复制
主从实现:
主服务器中的配置 (172.16.21.1)
#vim my.cnf
[mysqld]
server-id=1
sync_binlog=1 //当执行事务时,将产生的数据和DDL立即同步到binlog中
innodb_flush_logs_at_trx_commit=1
#service mysqld restart
登录数据库并添加用户,此用户具有replication client 和replication slave 的权限
mysql>grant replication client,replication slave on *.* to repl@'172.16.%.%' identifided by '123456';
mysql>show grants for repl@'172.16.%.%';
mysql> show master status;
+------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000001 | 11404543 | | |
+------------------+----------+--------------+------------------+
从服务器中的配置 (172.16.21.2)
vim my.cnf
[mysqld]
server-id=11
skip_slave_start=1
read_only=1
#bin-log=mysql-bin
relay-log=relay-bin
relay-log-index=relay-bin.index
登录数据库,将主服务器指向172.16.21.1 用户是repl 密码为123456 与上面的主服务器设置相对应
mysql>change master to master_user='repl',master_host='172.16.21.1',master_bin_log='mysql-bin.000001';
mysql>start slave;
mysql> show slave status\G
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 172.16.21.1
Master_User: repl
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000001
Read_Master_Log_Pos: 11404543
Relay_Log_File: relay-bin.000002
Relay_Log_Pos: 11404689
Relay_Master_Log_File: mysql-bin.000001
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 11404543
Relay_Log_Space: 11404839
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
Last_IO_Errno: 0
Last_IO_Error:
Last_SQL_Errno: 0
Last_SQL_Error:
Replicate_Ignore_Server_Ids:
Master_Server_Id: 1
1 row in set (0.00 sec)
如果主从服务器都是第一次搭建,且没有数据存入时,在开启slave出错时的解决方法:
在主服务器中的数据库执行
mysql>flush master; //滚动二进制日志
在从服务器中执行
mysql>flush slave; //滚动中继日志
二、主主复制:
主1:(172.16.21.2)
如果是第一次开启:
开启二进制日志 和中继日志功能
[mysqld]
server-id=1
log-bin=mysql-bin
relay-log=relay-bin
relay-log-index=realy-bin.index
>grant replication client,replication slave on *.* to repl@'172.16.%.%'
>change MASTER TO MASTER_HOST='172.16.21.1',MASTER_USER='repl',MASTER_PASSWORD='123456'
MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=811 //这里的MASTER_LOG_FILE 和MASTER_LOG_POS是主服务器的
show master status;信息
>start slave;
>show slave status;
主2:(172.16.21.1)
如果是第一次开启:
开启二进制日志 和中继日志功能
[mysqld]
server-id=1
log-bin=mysql-bin
relay-log=relay-bin
relay-log-index=relay-bin.index
>grant replication client,replication slave on *.* to repl@'172.16.%.%'
>change MASTER TO MASTER_HOST='172.16.21.2',MASTER_USER='repl',MASTER_PASSWORD='123456'
MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=811 //这里的MASTER_LOG_FILE 和MASTER_LOG_POS是主服务器的
show master status;信息
>start slave;
>show slave status;
三、设置半同步:
mysql的主从复制是基于异步实现的,可以通过在master端安装 semisync_master.so 插件
在slave端安装 semisync_slave.so 插件来实现半同步,这里所谓的半同步是当一主多从时,
主给一个从实现同步,当此过程超过时间限定后(通过rpl_semi_sync_master_timeout 来设置),
则降级为异步。
设置方法:
主服务器(172.16.21.1)
mysql> INSTALL PLUGIN rpl_semi_sync_master SONAME 'semisync_master.so';
mysql> SET GLOBAL rpl_semi_sync_master_enabled = 1;
mysql> SET GLOBAL rpl_semi_sync_master_timeout = 1000;
从服务器(172.16.21.2)
mysql> INSTALL PLUGIN rpl_semi_sync_slave SONAME 'semisync_slave.so';
mysql> SET GLOBAL rpl_semi_sync_slave_enabled = 1;
mysql> STOP SLAVE IO_THREAD; START SLAVE IO_THREAD;
// 重启从服务器的IO线程 以实现插件功能
查看从服务器是否开启semi_sync
mysql> show global status like 'rpl_semi%';
+----------------------------+-------+
| Variable_name | Value |
+----------------------------+-------+
| Rpl_semi_sync_slave_status | ON |
+----------------------------+-------+
1 row in set (0.04 sec)
查看主服务器是否开启semi_sync
mysql> show global status like 'rpl_semi%';
+--------------------------------------------+-------+
| Variable_name | Value |
+--------------------------------------------+-------+
| Rpl_semi_sync_master_clients | 1 |
| Rpl_semi_sync_master_net_avg_wait_time | 0 |
| Rpl_semi_sync_master_net_wait_time | 0 |
| Rpl_semi_sync_master_net_waits | 0 |
| Rpl_semi_sync_master_no_times | 0 |
| Rpl_semi_sync_master_no_tx | 0 |
| Rpl_semi_sync_master_status | ON |
| Rpl_semi_sync_master_timefunc_failures | 0 |
| Rpl_semi_sync_master_tx_avg_wait_time | 0 |
| Rpl_semi_sync_master_tx_wait_time | 0 |
| Rpl_semi_sync_master_tx_waits | 0 |
| Rpl_semi_sync_master_wait_pos_backtraverse | 0 |
| Rpl_semi_sync_master_wait_sessions | 0 |
| Rpl_semi_sync_master_yes_tx | 0 |
+--------------------------------------------+-------+
14 rows in set (0.01 sec)
上述命令中的set后的参数可以写在各自服务器中的my.cnf [mysqld] 下,以实现永久生效
取消加载插件 可使用命令;
mysql> UNINSTALL PLUGIN rpl_semi_sync_master;
四、基于ssl的主从复制
主从复制是数据在网络中是明文传输 所以设置主从服务基于ssl的复制就显得必要 这里有官方文档,也可使用下列相关配置
官方文档地址: http://dev.mysql.com/doc/refman/5.1/en/replication-solutions-ssl.html
以下配置需要在主从复制建立的基础上进行,所以只添加ssl的配置选项,其他选项可参照主从复制配置
首先分别为主从申请证书(证书申请相关步骤略过)
master(172.16.21.1):
CA证书:/etc/pki/CA/cacert.pem
私钥:/usr/local/mysql/ssl/master.key
服务器证书:/usr/local/mysql/ssl/master.crt
vim my.cnf
[mysqld]
ssl-ca=/etc/pki/CA/cacert.pem
ssl-cert=/usr/local/mysql/ssl/master.crt
ssl-key=/usr/local/mysql/ssl/master.key
#serivce mysqld restart
slave (172.16.21.2):
CA证书:/etc/pki/CA/cacert.pem
私钥:/usr/local/mysql/ssl/slave.key
服务器证书:/usr/local/mysql/ssl/slave.crt
vim my.cnf
[client]
ssl-ca=/etc/pki/CA/cacert.pem
ssl-cert=/usr/local/mysql/ssl/slave.crt
ssl-key=/usr/local/mysql/ssl/slave.key
service mysqld restart //因为要更改master的相关选项,所以重启mysql不需要立即启动slave,可以在配置文件中定义skip_slave_start=1来实现之
登录从服务器mysql 更改master的相关选项,以实现ssl功能
mysql> CHANGE MASTER TO
-> MASTER_HOST='172.16.21.1',
-> MASTER_USER='repl',
-> MASTER_PASSWORD='123456',
-> MASTER_SSL=1,
-> MASTER_SSL_CA = '/etc/pki/CA/cacert.pem',
-> MASTER_SSL_CAPATH = '/etc/pki/CA',
-> MASTER_SSL_CERT = '/usr/local/mysql/ssl/master.crt',
-> MASTER_SSL_KEY = '/usr/local/mysql/ssl/master.key';
mysql>start slave;
mysql>show slave status;
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Master_SSL_Allowed: Yes
Master_SSL_CA_File: /etc/pki/CA/cacert.pem
Master_SSL_CA_Path: /etc/pki/CA
Master_SSL_Cert: /usr/local/mysql/ssl/slave.crt
Master_SSL_Cipher:
Master_SSL_Key: /usr/local/mysql/slave.key
至此基于ssl功能实现
评论暂时关闭