Merge branch '2.2' into develop

2018-03-12 14:38:37 +02:00
parent 6a8effaea1 aea9c36498
commit 69383c0943
14 changed files with 267 additions and 112 deletions
--- a/Documentation/Documentation-Contents.md
+++ b/Documentation/Documentation-Contents.md
@ -36,7 +36,7 @@ These tutorials are for specific use cases and module combinations.

 - [Administration Tutorial](Tutorials/Administration-Tutorial.md)
 - [Avro Router Tutorial](Tutorials/Avrorouter-Tutorial.md)
- - [Failover with Keepalived](Tutorials/Failover-with-Keepalived.md)
+ - [MaxScale Failover with Keepalived and MaxCtrl](Tutorials/MaxScale-Failover-with-Keepalived-and-MaxCtrl.md)
 - [Filter Tutorial](Tutorials/Filter-Tutorial.md)
 - [Galera Cluster Connection Routing Tutorial](Tutorials/Galera-Cluster-Connection-Routing-Tutorial.md)
 - [Galera Gluster Read Write Splitting Tutorial](Tutorials/Galera-Cluster-Read-Write-Splitting-Tutorial.md)
--- a/Documentation/Getting-Started/Configuration-Guide.md
+++ b/Documentation/Getting-Started/Configuration-Guide.md
@ -21,6 +21,7 @@ plugin modules that tailor the behavior of the program.
 * [Diagnostic Modules](#diagnostic-modules)
 * [Monitor Modules](#monitor-modules)
 * [Filter Modules](#filter-modules)
+* [Encrypting Passwords](#encrypting-passwords)
 * [Reloading Configuration](#reloading-configuration)
 * [Authentication](#authentication)
 * [Error Reporting](#error-reporting)
@ -887,9 +888,6 @@ In versions of MySQL 5.7.6 and later, the `Password` column was replaced by
 `authentication_string`. Change `user.password` above with
 `user.authentication_string`.

-**Note**: If authentication fails, MaxScale will try to refresh the list of
-database users used by the service up to 4 times every 30 seconds.
-
 <a id="passwd"></a>
 #### `password`

@ -1524,6 +1522,49 @@ can add a filter to a service and combine multiple filters in one service.
 * [Query Redirection Filter](../Filters/Named-Server-Filter.md)
 * [RabbitMQ Filter](../Filters/RabbitMQ-Filter.md)

+
+## Encrypting Passwords
+
+Passwords stored in the maxscale.cnf file may optionally be encrypted for added security.
+This is done by creation of an encryption key on installation of MariaDB MaxScale.
+Encryption keys may be created manually by executing the maxkeys utility with the argument
+of the filename to store the key. The default location MariaDB MaxScale stores
+the keys is `/var/lib/maxscale`.
+
+```
+ # Usage: maxkeys [PATH]
+maxkeys /var/lib/maxscale/
+```
+
+Changing the encryption key for MariaDB MaxScale will invalidate any currently
+encrypted keys stored in the maxscale.cnf file.
+
+## Creating Encrypted Passwords
+
+Encrypted passwords are created by executing the maxpasswd command with the location
+of the .secrets file and the password you require to encrypt as an argument.
+
+```
+# Usage: maxpasswd PATH PASSWORD
+maxpasswd /var/lib/maxscale/ MaxScalePw001
+61DD955512C39A4A8BC4BB1E5F116705
+```
+
+The output of the maxpasswd command is a hexadecimal string, this should be inserted
+into the maxscale.cnf file in place of the ordinary, plain text, password.
+MariaDB MaxScale will determine this as an encrypted password and automatically decrypt
+it before sending it the database server.
+
+```
+[Split Service]
+type=service
+router=readwritesplit
+servers=server1,server2,server3,server4
+user=maxscale
+password=61DD955512C39A4A8BC4BB1E5F116705
+```
+
+
 ## Reloading Configuration

 **Note:** This functionality has been deprecated. Use the MaxScale REST API or the
--- a/Documentation/Getting-Started/MariaDB-MaxScale-Installation-Guide.md
+++ b/Documentation/Getting-Started/MariaDB-MaxScale-Installation-Guide.md
@ -174,44 +174,9 @@ that discusses the concept and gives some examples of ways to use filters.

 ## Encrypting Passwords

-Passwords stored in the maxscale.cnf file may optionally be encrypted for added security.
-This is done by creation of an encryption key on installation of MariaDB MaxScale.
-Encryption keys may be created manually by executing the maxkeys utility with the argument
-of the filename to store the key. The default location MariaDB MaxScale stores
-the keys is `/var/lib/maxscale`.
-
-```
- # Usage: maxkeys [PATH]
-maxkeys /var/lib/maxscale/
-```
-
-Changing the encryption key for MariaDB MaxScale will invalidate any currently
-encrypted keys stored in the maxscale.cnf file.
-
-### Creating Encrypted Passwords
-
-Encrypted passwords are created by executing the maxpasswd command with the location
-of the .secrets file and the password you require to encrypt as an argument.
-
-```
-# Usage: maxpasswd PATH PASSWORD
-maxpasswd /var/lib/maxscale/ MaxScalePw001
-61DD955512C39A4A8BC4BB1E5F116705
-```
-
-The output of the maxpasswd command is a hexadecimal string, this should be inserted
-into the maxscale.cnf file in place of the ordinary, plain text, password.
-MariaDB MaxScale will determine this as an encrypted password and automatically decrypt
-it before sending it the database server.
-
-```
-[Split Service]
-type=service
-router=readwritesplit
-servers=server1,server2,server3,server4
-user=maxscale
-password=61DD955512C39A4A8BC4BB1E5F116705
-```
+Read the [Encrypting Passwords](Configuration-Guide.md#encrypting-passwords)
+section of the configuration guide to set up password encryption for the
+configuration file.

 ## Running MariaDB MaxScale

--- a/Documentation/Tutorials/Galera-Cluster-Connection-Routing-Tutorial.md
+++ b/Documentation/Tutorials/Galera-Cluster-Connection-Routing-Tutorial.md
@ -120,9 +120,8 @@ service=Galera Service
 ```

 A listener must also define the protocol module it will use for the incoming
-network protocol, currently this should be the MariaDBClient protocol for all
-database listeners. The listener may then supply a network port to listen on
-and/or a socket within the file system.
+network protocol, currently this must be the `MariaDBClient` protocol for all
+database listeners. The listener must also supply the network port to listen on.

 ```
 [Galera Listener]
@ -130,7 +129,6 @@ type=listener
 service=Galera Service
 protocol=MariaDBClient
 port=4306
-socket=/tmp/DB.Cluster
 ```

 An address parameter may be given if the listener is required to bind to a particular
--- a/Documentation/Tutorials/Galera-Cluster-Read-Write-Splitting-Tutorial.md
+++ b/Documentation/Tutorials/Galera-Cluster-Read-Write-Splitting-Tutorial.md
@ -71,7 +71,9 @@ type=listener
 service=Splitter Service
 ```

-A listener must also define the protocol module it will use for the incoming network protocol, currently this should be the `MariaDBClient` protocol for all database listeners. The listener may then supply a network port to listen on and/or a socket within the file system.
+A listener must also define the protocol module it will use for the incoming
+network protocol, currently this must be the `MariaDBClient` protocol for all
+database listeners. The listener must also supply the network port to listen on.

 ```
 [Splitter Listener]
@ -79,7 +81,6 @@ type=listener
 service=Splitter Service
 protocol=MariaDBClient
 port=3306
-socket=/tmp/ClusterMaster
 ```

 An address parameter may be given if the listener is required to bind to a particular network address when using hosts with multiple network addresses. The default behavior is to listen on all network interfaces.
--- a/Documentation/Tutorials/MariaDB-Replication-Connection-Routing-Tutorial.md
+++ b/Documentation/Tutorials/MariaDB-Replication-Connection-Routing-Tutorial.md
@ -106,7 +106,9 @@ type=listener
 service=Read-Service
 ```

-A listener must also define the protocol module it will use for the incoming network protocol, currently this should be the MariaDBClient protocol for all database listeners. The listener may then supply a network port to listen on and/or a socket within the file system.
+A listener must also define the protocol module it will use for the incoming
+network protocol, currently this must be the `MariaDBClient` protocol for all
+database listeners. The listener must also supply the network port to listen on.

 ```
 [Write-Listener]
@ -114,7 +116,6 @@ type=listener
 service=Write-Service
 protocol=MariaDBClient
 port=4306
-socket=/tmp/ClusterMaster

 [Read-Listener]
 type=listener
--- a/Documentation/Tutorials/MariaDB-Replication-Read-Write-Splitting-Tutorial.md
+++ b/Documentation/Tutorials/MariaDB-Replication-Read-Write-Splitting-Tutorial.md
@ -106,9 +106,8 @@ service=Splitter Service
 ```

 A listener must also define the protocol module it will use for the incoming
-network protocol, currently this should be the `MariaDBClient` protocol for all
-database listeners. The listener may then supply a network port to listen on
-and/or a socket within the file system.
+network protocol, currently this must be the `MariaDBClient` protocol for all
+database listeners. The listener must also supply the network port to listen on.

 ```
 [Splitter Listener]
@ -116,7 +115,6 @@ type=listener
 service=Splitter Service
 protocol=MariaDBClient
 port=3306
-socket=/tmp/ClusterMaster
 ```

 An address parameter may be given if the listener is required to bind to a