hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-1494: Add replication credentials to mysqlmon

Browse Source 
The credentials used for slave servers can now be controlled with the
replication_user and replication_password parameters.
This commit is contained in:
Markus Mäkelä
2017-10-24 16:56:34 +03:00
parent 75a2e190b2
commit 95ac9d501c
3 changed files with 64 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
Documentation/Monitors/MySQL-Monitor.md
View File

@ -230,6 +230,9 @@ error is logged and the failover functionality is disabled. If this happens, the
cluster must be fixed manually and the failover needs to be re-enabled via the cluster must be fixed manually and the failover needs to be re-enabled via the
REST API or MaxAdmin. REST API or MaxAdmin.
**Note:** The monitor user must have the SUPER privilege if the failover feature
is enabled.
### `failover_script` ### `failover_script`
*NOTE* By default, MariaDB MaxScale uses the MariaDB provided failover *NOTE* By default, MariaDB MaxScale uses the MariaDB provided failover
@ -296,6 +299,9 @@ path for making `server4` the new master would be:
/v1/maxscale/mysqlmon/switchover?Cluster1&server4&server2 /v1/maxscale/mysqlmon/switchover?Cluster1&server4&server2
``` ```
**Note:** The monitor user must have the SUPER privilege if the switchover
feature is enabled.
### `switchover_script` ### `switchover_script`
*NOTE* By default, MariaDB MaxScale uses the MariaDB provided switchover *NOTE* By default, MariaDB MaxScale uses the MariaDB provided switchover
@ -331,6 +337,27 @@ If no successful switchover takes place within the configured time period,
a message is logged and the failover (not switchover) functionality will not a message is logged and the failover (not switchover) functionality will not
be enabled, even if it was enabled before the switchover attempt. be enabled, even if it was enabled before the switchover attempt.
### `replication_user`
The username of the replication user. This is given as the value for
`MASTER_USER` whenever a `CHANGE_MASTER_TO` command is executed.
Both `replication_user` and `replication_password` parameters must be defined if
a custom replication user is used. If neither of the parameters is defined, the
`CHANGE MASTER TO` command will use the monitor credentials for the replication
user.
The credentials used for replication must have the `REPLICATION SLAVE`
privilege.
### `replication_password`
The password of the replication user. This is given as the value for
`MASTER_USER` whenever a `CHANGE_MASTER_TO` command is executed.
See `replication_user` parameter documentation for details about the use of this
parameter.
## Using the MySQL Monitor With Binlogrouter ## Using the MySQL Monitor With Binlogrouter
Since MaxScale 2.2 it's possible to detect a replication setup Since MaxScale 2.2 it's possible to detect a replication setup

2
server/modules/monitor/mysqlmon.h
View File

@ -69,6 +69,8 @@ typedef struct
bool switchover; /**< If master switchover is enabled */ bool switchover; /**< If master switchover is enabled */
char* switchover_script; /**< Script to call for performing master switchover */ char* switchover_script; /**< Script to call for performing master switchover */
uint32_t switchover_timeout; /**< Timeout in seconds for the master switchover */ uint32_t switchover_timeout; /**< Timeout in seconds for the master switchover */
char* replication_user; /**< Replication user for failover */
char* replication_password; /**< Replication password for failover*/
MXS_MONITOR* monitor; MXS_MONITOR* monitor;
} MYSQL_MONITOR; } MYSQL_MONITOR;

35
server/modules/monitor/mysqlmon/mysql_mon.cc
View File

@ -74,6 +74,10 @@ static const char CN_SWITCHOVER[] = "switchover";
static const char CN_SWITCHOVER_SCRIPT[] = "switchover_script"; static const char CN_SWITCHOVER_SCRIPT[] = "switchover_script";
static const char CN_SWITCHOVER_TIMEOUT[] = "switchover_timeout"; static const char CN_SWITCHOVER_TIMEOUT[] = "switchover_timeout";
// Replication credentials parameters for failover
static const char CN_REPLICATION_USER[] = "replication_user";
static const char CN_REPLICATION_PASSWORD[] = "replication_password";
/** Default failover timeout */ /** Default failover timeout */
#define DEFAULT_FAILOVER_TIMEOUT "90" #define DEFAULT_FAILOVER_TIMEOUT "90"
/** Default switchover timeout */ /** Default switchover timeout */
@ -630,6 +634,29 @@ bool init_server_info(MYSQL_MONITOR *handle, MXS_MONITORED_SERVER *database)
return rval; return rval;
} }
static bool set_replication_credentials(MYSQL_MONITOR *handle, const MXS_CONFIG_PARAMETER* params)
{
bool rval = false;
const char* repl_user = config_get_string(params, CN_REPLICATION_USER);
const char* repl_pw = config_get_string(params, CN_REPLICATION_PASSWORD);
if (!*repl_user && !*repl_pw)
{
// No replication credentials defined, use monitor credentials
repl_user = handle->monitor->user;
repl_pw = handle->monitor->password;
}
if (*repl_user && *repl_pw)
{
handle->replication_user = MXS_STRDUP_A(repl_user);
handle->replication_password = decrypt_password(repl_pw);
rval = true;
}
return rval;
}
/*lint +e14 */ /*lint +e14 */
/** /**
@ -651,6 +678,8 @@ startMonitor(MXS_MONITOR *monitor, const MXS_CONFIG_PARAMETER* params)
handle->shutdown = 0; handle->shutdown = 0;
MXS_FREE(handle->script); MXS_FREE(handle->script);
MXS_FREE(handle->switchover_script); MXS_FREE(handle->switchover_script);
MXS_FREE(handle->replication_user);
MXS_FREE(handle->replication_password);
} }
else else
{ {
@ -696,6 +725,12 @@ startMonitor(MXS_MONITOR *monitor, const MXS_CONFIG_PARAMETER* params)
bool error = false; bool error = false;
if (!set_replication_credentials(handle, params))
{
MXS_ERROR("Both '%s' and '%s' must be defined", CN_REPLICATION_USER, CN_REPLICATION_PASSWORD);
error = true;
}
if (!check_monitor_permissions(monitor, "SHOW SLAVE STATUS")) if (!check_monitor_permissions(monitor, "SHOW SLAVE STATUS"))
{ {
MXS_ERROR("Failed to start monitor. See earlier errors for more information."); MXS_ERROR("Failed to start monitor. See earlier errors for more information.");