From 67fee60f801f556e47a434c476b407914e92c0cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Fri, 28 Feb 2020 15:36:43 +0200 Subject: [PATCH 1/5] Fix Auth Error server status The mon_ping_or_connect_to_db resets the MYSQL handle which caused the loss of the error message. Returning a new enumeration value for authentication errors solves this problem. --- include/maxscale/monitor.h | 3 ++- server/core/monitor.cc | 27 ++++++++++--------- .../modules/monitor/mariadbmon/mariadbmon.cc | 4 +-- 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/include/maxscale/monitor.h b/include/maxscale/monitor.h index 3795e34a2..0a70391ca 100644 --- a/include/maxscale/monitor.h +++ b/include/maxscale/monitor.h @@ -179,7 +179,8 @@ typedef enum MONITOR_CONN_NEWCONN_OK, /* No existing connection or no ping reply. New connection created * successfully. */ MONITOR_CONN_REFUSED, /* No existing connection or no ping reply. Server refused new connection. */ - MONITOR_CONN_TIMEOUT /* No existing connection or no ping reply. Timeout on new connection. */ + MONITOR_CONN_TIMEOUT, /* No existing connection or no ping reply. Timeout on new connection. */ + MONITOR_CONN_ACCESS_DENIED /* Server refused new connection due to authentication failure */ } mxs_connect_result_t; /** Monitor events */ diff --git a/server/core/monitor.cc b/server/core/monitor.cc index 225072f5c..bf8b2aaa7 100644 --- a/server/core/monitor.cc +++ b/server/core/monitor.cc @@ -772,25 +772,20 @@ bool check_monitor_permissions(MXS_MONITOR* monitor, const char* query) for (MXS_MONITORED_SERVER* mondb = monitor->monitored_servers; mondb; mondb = mondb->next) { - if (!mon_connection_is_ok(mon_ping_or_connect_to_db(monitor, mondb))) + auto result = mon_ping_or_connect_to_db(monitor, mondb); + + if (!mon_connection_is_ok(result)) { MXS_ERROR("[%s] Failed to connect to server '%s' ([%s]:%d) when" - " checking monitor user credentials and permissions: %s", + " checking monitor user credentials and permissions.", monitor->name, mondb->server->name, mondb->server->address, - mondb->server->port, - mysql_error(mondb->con)); - switch (mysql_errno(mondb->con)) - { - case ER_ACCESS_DENIED_ERROR: - case ER_DBACCESS_DENIED_ERROR: - case ER_ACCESS_DENIED_NO_PASSWORD_ERROR: - break; + mondb->server->port); - default: + if (result != MONITOR_CONN_ACCESS_DENIED) + { rval = true; - break; } } else if (mxs_mysql_query(mondb->con, query) != 0) @@ -1499,7 +1494,13 @@ mxs_connect_result_t mon_ping_or_connect_to_db(MXS_MONITOR* mon, MXS_MONITORED_S } else { + auto err = mysql_errno(mysql); mysql_close(mysql); + + if (err == ER_ACCESS_DENIED_ERROR || err == ER_ACCESS_DENIED_NO_PASSWORD_ERROR) + { + conn_result = MONITOR_CONN_ACCESS_DENIED; + } } if (conn_result == MONITOR_CONN_REFUSED && (int)difftime(end, start) >= mon->connect_timeout) @@ -2844,7 +2845,7 @@ void MonitorInstanceSimple::tick() */ monitor_clear_pending_status(pMs, SERVER_DOWN_CLEAR_BITS); - if (mysql_errno(pMs->con) == ER_ACCESS_DENIED_ERROR) + if (rval == MONITOR_CONN_ACCESS_DENIED) { monitor_set_pending_status(pMs, SERVER_AUTH_ERROR); } diff --git a/server/modules/monitor/mariadbmon/mariadbmon.cc b/server/modules/monitor/mariadbmon/mariadbmon.cc index 0f00cece6..0dad79a2f 100644 --- a/server/modules/monitor/mariadbmon/mariadbmon.cc +++ b/server/modules/monitor/mariadbmon/mariadbmon.cc @@ -382,8 +382,8 @@ void MariaDBMonitor::update_server(MariaDBServer* server) // The server is not running. Clear some of the bits. User-set bits and some long-term bits // can stay. server->clear_status(SERVER_DOWN_CLEAR_BITS); - auto conn_errno = mysql_errno(conn); - if (conn_errno == ER_ACCESS_DENIED_ERROR || conn_errno == ER_ACCESS_DENIED_NO_PASSWORD_ERROR) + + if (conn_status == MONITOR_CONN_ACCESS_DENIED) { server->set_status(SERVER_AUTH_ERROR); } From 207882defb569cc5819479d8ab523288954f8d8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Mon, 2 Mar 2020 10:14:18 +0200 Subject: [PATCH 2/5] MXS-2277: Document script limitations The script should not interact with the administrative interfaces of MaxScale. --- Documentation/Monitors/Monitor-Common.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Documentation/Monitors/Monitor-Common.md b/Documentation/Monitors/Monitor-Common.md index fb95ccfb8..a4371025a 100644 --- a/Documentation/Monitors/Monitor-Common.md +++ b/Documentation/Monitors/Monitor-Common.md @@ -229,6 +229,13 @@ the message will be logged on the notice level. Whitespace before, after or between the keyword and the colon is ignored and the matching is case-insensitive. +Currently, the script must not execute any of the following MaxCtrl and/or +MaxAdmin calls as they cause a deadlock: + +* `alter monitor` to the monitor executing the script +* `stop monitor` to the monitor executing the script +* `call command` to a MariaDB-Monitor that is executing the script + ### `script_timeout` The timeout for the executed script in seconds. The default value is 90 From b7d0be97ab6ad532ce0038ab010521dcee307757 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Mon, 2 Mar 2020 10:24:05 +0200 Subject: [PATCH 3/5] MXS-2211: Auto-generate TOC The link no longer works as the section has been removed. Auto-generating the TOC solves this. --- Documentation/Reference/MaxAdmin.md | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/Documentation/Reference/MaxAdmin.md b/Documentation/Reference/MaxAdmin.md index 08a49a947..0d4175731 100644 --- a/Documentation/Reference/MaxAdmin.md +++ b/Documentation/Reference/MaxAdmin.md @@ -4,24 +4,7 @@ # The Maxscale Administrative & Monitoring Client Application - - [Overview](#overview) - - [Configuring MariaDB MaxScale for MaxAdmin](#configuring-mariadb-maxscale-for-maxadmin) - - [Running MaxAdmin](#running-maxadmin) - - [Working With Administration Interface Users](#working-with-administration-interface-users) - - [Getting Help](#getting-help) - - [Working with Services](#working-with-services) - - [Working with Servers](#working-with-servers) - - [Working with Sessions](#working-with-sessions) - - [Descriptor Control Blocks](#descriptor-control-blocks) - - [Working with Filters](#working-with-filters) - - [Working with Monitors](#working-with-monitors) - - [MariaDB MaxScale Status Commands](#maxscale-status-commands) - - [Administration Commands](#administration-commands) - - [Runtime Configuration Changes](#runtime-configuration-changes) - - [Servers](#servers) - - [Listeners](#listeners) - - [Monitors](#monitors) - - [Tuning MariaDB MaxScale](#tuning-mariadb-maxscale) +[TOC] # Overview From e2e220de661c45b65d37796f356097bdbfaf45e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Mon, 2 Mar 2020 10:47:58 +0200 Subject: [PATCH 4/5] MXS-2726: Document ccrfilter default behavior Added an explicit mention of the way the filter works. --- Documentation/Filters/CCRFilter.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Documentation/Filters/CCRFilter.md b/Documentation/Filters/CCRFilter.md index a8ba14152..adde049bf 100644 --- a/Documentation/Filters/CCRFilter.md +++ b/Documentation/Filters/CCRFilter.md @@ -8,9 +8,10 @@ The Consistent Critical Read (CCR) filter allows consistent critical reads to be done through MaxScale while still allowing scaleout of non-critical reads. When the filter detects a statement that would modify the database, it attaches -a routing hint to all following statements. This routing hint guides the routing -module to route the statement to the master server where data is guaranteed to -be in an up-to-date state. +a routing hint to all following statements done by that connection. This routing +hint guides the routing module to route the statement to the master server where +data is guaranteed to be in an up-to-date state. Writes from one session do not, +by default, propagate to other sessions. ### Controlling the Filter with SQL Comments From b23edeb111990c56d7cf95f58db27a9838474624 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= Date: Mon, 2 Mar 2020 10:04:21 +0200 Subject: [PATCH 5/5] MXS-2832: Document failover timing estimates The worst-case time it takes for failover to start is now documented. --- Documentation/Monitors/MariaDB-Monitor.md | 49 +++++------------------ 1 file changed, 9 insertions(+), 40 deletions(-) diff --git a/Documentation/Monitors/MariaDB-Monitor.md b/Documentation/Monitors/MariaDB-Monitor.md index aa86d1cd4..af885a9d0 100644 --- a/Documentation/Monitors/MariaDB-Monitor.md +++ b/Documentation/Monitors/MariaDB-Monitor.md @@ -1,45 +1,6 @@ # MariaDB Monitor -Table of Contents -================= - - * [Overview](#overview) - * [Master selection](#master-selection) - * [Configuration](#configuration) - * [Common Monitor Parameters](#common-monitor-parameters) - * [MariaDB Monitor optional parameters](#mariadb-monitor-optional-parameters) - * [assume_unique_hostnames](#assume_unique_hostnames) - * [detect_replication_lag](#detect_replication_lag) - * [detect_stale_master](#detect_stale_master) - * [detect_stale_slave](#detect_stale_slave) - * [mysql51_replication](#mysql51_replication) - * [multimaster](#multimaster) - * [ignore_external_masters](#ignore_external_masters) - * [detect_standalone_master](#detect_standalone_master) - * [failcount](#failcount) - * [allow_cluster_recovery](#allow_cluster_recovery) - * [enforce_read_only_slaves](#enforce_read_only_slaves) - * [maintenance_on_low_disk_space](#maintenance_on_low_disk_space) - * [Cluster manipulation operations](#cluster-manipulation-operations) - * [Operation details](#operation-details) - * [Manual activation](#manual-activation) - * [Automatic activation](#automatic-activation) - * [Limitations and requirements](#limitations-and-requirements) - * [External master support](#external-master-support) - * [Configuration parameters](#configuration-parameters) - * [auto_failover](#auto_failover) - * [auto_rejoin](#auto_rejoin) - * [switchover_on_low_disk_space](#switchover_on_low_disk_space) - * [replication_user and replication_password](#replication_user-and-replication_password) - * [failover_timeout and switchover_timeout](#failover_timeout-and-switchover_timeout) - * [verify_master_failure and master_failure_timeout](#verify_master_failure-and-master_failure_timeout) - * [servers_no_promotion](#servers_no_promotion) - * [promotion_sql_file and demotion_sql_file](#promotion_sql_file-and-demotion_sql_file) - * [handle_events](#handle_events) - * [Troubleshooting](#troubleshooting) - * [Failover/switchover fails](#failoverswitchover-fails) - * [Slave detection shows external masters](#slave-detection-shows-external-masters) - * [Using the MariaDB Monitor With Binlogrouter](#using-the-mariadb-monitor-with-binlogrouter) +[TOC] ## Overview @@ -257,6 +218,14 @@ multiple valid master servers in the cluster. The default value is 5 failures. +The worst-case delay between the master failure and the start of the failover +can be calculated by summing up the timeout values and `monitor_interval` and +multiplying that by `failcount`: + +``` +(monitor_interval + backend_connect_timeout) * failcount +``` + ### `allow_cluster_recovery` Deprecated and unused as of MaxScale 2.3. Can be defined but is ignored.