When C and C++ are mixed in a project, main() should be compiled
as C++ to ensure that all C++ static initializations are performed
properly. That may not be strictly true anymore, depending on the
used compiler and environment, but better to do that to be on the
safe side.
The code that checked whether a server was added to a service did not
check whether the server reference was active. This caused problems when
an old server was added again to a service that once had used it.
If a master once had slaves and is in the stale status, it will not retain
this status after a restart. Without storing on-disk information, the
stale master status cannot be deduced by looking at the master
alone. Because of this, the user should be able to manually enable the
stale master status.
The listen() backlog is now set to INT_MAX which should guarantee that the
internal limit is always higher than the system limit. This means that the
length of the queue always follows /proc/sys/net/ipv4/tcp_max_syn_backlog.
When a service is added or removed from a service, a supplementary
configuration file is created. This allows MaxScale to survive restarts and
unexpected downtime even if runtime changes to the servers of a service
have been made.
With these changes, it is possible to start MaxScale without any servers,
create servers, add the created servers to services and monitors and
restart MaxScale without losing the runtime configuration changes.
When a server is added to a monitor, a supplementary configuration file
is generated to persist this information. This will allow dynamic
modifications to server lists which will survive restarts and unexpected
downtime.
The monitor will only add new servers to its list of monitored
servers. This prevents duplicate entries in the list and makes it safe to
persist all used servers to the supplementary configuration file instead
of only the ones that are not listed in the main configuration.
Servers created at runtime can now be configured to use SSL. The
configuration is only possible if the server is not in use.
The `alter server` command in maxadmin now takes a list of `key=value`
strings. This allows the user to define multiple alter operations with one
command.
The functions allow simple operations on configuration context
objects. This makes it easier to understand what the code does and allows
reuse of the configuration processing code.
Together with the field names, now qc_get_field_info also returns
field usage information, that is, in what context a field is used.
This allows, for instance, the cache to take action if a particular
field is selected (SELECT a FROM ...), but not if it is used in a
GROUP BY clause (...GROUP BY a).
This caused significant modifications of qc_mysqlembedded that
earlier did not walk the parse-tree, but instead looped over a
list of st_select_lex instances that, the name notwithstanding,
also contain information about other things but SELECTs. The former
approach lost all contextual information, so it was not possible
to know where a particular field was used.
Now the parse tree is walked, which means that the contextual
information is known, and thus the field usage can be updated.
The checks for the server active status are now hidden behind a
macro. This allows for the conditions of the activity to change without
having to alter the code that uses it.
Now that servers use an array for the server name, name truncation can
occur. Although this is nigh impossible, a warning message is a prudent
precaution.
Server creation and allocation are now the same apart from the fact that
allocation only adds the server to the running configuration whereas the
creation of a server also persists it to disk.
The server serialization should not be seen through the server.h API. This
allows the serialization method to change without actually having to
change the interfaces.
The MySQL Monitor did not reset the pointer to the root master reference
which would lead to a crash if the master was removed.
When service details were shown, it listed all servers that existed. Only
servers that haven't been removed or destroyed should be shown.
If a server were to be destroyed, it should not show up among
non-destroyed servers. Even though the servers aren't actually destroyed,
it hides unnecessary information from the user.
Previously, negative values were allowed for persistpoolmax and
persistmaxtime. Now they cause an error. Also, monitor_interval
allowed negative (or zero) values, which were then implicitly cast to
unsigned, causing unintended behaviour. Now this causes a warning
and the default value is used.
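
Added example (not MaxScale code): a C sketch of the validation described in the message above, with strict parsing before any conversion to an unsigned type. The function names and the default interval value are assumptions made for this illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

#define DEFAULT_MONITOR_INTERVAL 10000UL /* assumed placeholder default */

/* Parse a decimal integer strictly: whole string consumed, no overflow. */
static int parse_long(const char *s, long *out)
{
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (errno != 0 || end == s || *end != '\0')
        return -1;
    *out = v;
    return 0;
}

/* persistpoolmax / persistmaxtime style: a negative value is an error. */
int parse_non_negative(const char *value, unsigned long *out)
{
    long v;
    if (parse_long(value, &v) != 0 || v < 0)
        return -1;
    *out = (unsigned long)v;
    return 0;
}

/* monitor_interval style: zero or negative warns and uses the default. */
unsigned long parse_interval(const char *value)
{
    long v;
    if (parse_long(value, &v) != 0 || v <= 0) {
        fprintf(stderr, "warning: invalid monitor_interval '%s', using %lu\n",
                value, DEFAULT_MONITOR_INTERVAL);
        return DEFAULT_MONITOR_INTERVAL;
    }
    return (unsigned long)v;
}

/* The unchecked conversion: "-1" turns into the largest unsigned value. */
unsigned long implicit_cast(const char *value)
{
    return (unsigned long)strtol(value, NULL, 10);
}
```
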
When a server is created via MaxAdmin, it will be serialized to disk. This
allows created servers to be retained through a restart of MaxScale.
Currently, all serialized objects are stored in one folder and there is no
structure in the created files. In the future, servers could be created
under a `servers` subdirectory so that it is easier to see what was
added. Whether there is a need for this will be seen.
The server credentials are only used if both the monuser and monpw
parameters are defined. This is a sort of a bugfix as a monitor connection
could use a username from server but a password from the monitor.
The server monuser and monpw members were used with the assumption that
they could be NULL. This is no longer true since they were converted to
arrays.
The name member of the server was freed leading to a crash when the server
unit test was run.
The persisted configuration directory is created and/or read when MaxScale
starts. This allows the servers created at runtime to be recreated when
MaxScale is restarted.
The persisted configuration subdirectory will be used to store changes to
the configuration. The gwdirs.h header now supports setting and getting
the value for this directory.
The address, port, monuser and monpw parameters of an existing server can
be changed at runtime. The support for enabling SSL will come in a later
commit.
Allowing servers to be modified could also be done by destroying and
recreating them. Since the servers are never actually destroyed, it is
better to allow the alteration of the existing ones.
MaxScale can now start without any defined monitors. This allows the core
services to be configured beforehand. With the changes to dynamic
modifications to servers, automatic scaling of slaves is possible.
The `add server` command accepts a server name and either a service name
or a monitor name. It will add servers to services and monitors. Since all
monitors use the MONITOR_SERVER structures directly, the monitors need
to be stopped before new servers are added to them.
The function serializes a server to a file. This is intended to be used
with dynamically created servers. The output of the server serialization
will eventually be stored in the configuration file directory (default is
/etc/maxscale.cnf.d/) so that created servers persist even after a
restart.
Servers can now be added and removed from services which allows routers to
use them with new sessions. The routers don't fully use the new
functionality in the server references which prevents new servers from
being taken into use.
If shutdown has been initiated (via maxadmin or by sending a
SIGINT or SIGTERM) and a SIGTERM is received, the process
is terminated.
If shutdown has been initiated (via maxadmin or by sending a
SIGINT or SIGTERM) and a SIGINT (Ctrl-C) is received, a warning
is printed that shutdown is in progress. Then, if an additional
SIGINT is received, the process is terminated.
So, in practice:
- If MaxScale is running as a daemon, the first SIGTERM initiates
shutdown and a second one unconditionally terminates the process.
- If MaxScale is running in the console, the first Ctrl-C initiates
shutdown, the second prints a warning and the third terminates
the process.
This is to ensure that MaxScale can be forced to exit, in
case some thread is hung for whatever reason, and is thus preventing
the controlled shutdown.
If the user running MaxScale could open the .secrets-file and the
file permissions were anything other than owner:read, the
secrets_readkeys() would fail with error message
"Ignoring secrets file <path>, invalid permissions." Now the
message is more accurate in stating the expected permissions.
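
Added example (not MaxScale code): a C sketch of a secrets-file permission check that accepts only owner:read (0400) and reports both the actual and the expected mode. The helper names, the message wording and the scratch file path are assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: returns 0 if path is a regular file whose permission
 * bits are exactly owner:read (0400); otherwise fills err and returns -1. */
int check_secrets_permissions(const char *path, char *err, size_t errlen)
{
    struct stat st;
    int fd = open(path, O_RDONLY);
    if (fd < 0) {
        snprintf(err, errlen, "Cannot open secrets file %s", path);
        return -1;
    }
    /* fstat() on the open descriptor inspects the file that was opened,
     * not whatever the path names a moment later. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        snprintf(err, errlen, "Secrets file %s is not a regular file", path);
        close(fd);
        return -1;
    }
    close(fd);
    mode_t perms = st.st_mode & 07777;
    if (perms != S_IRUSR) {
        snprintf(err, errlen,
                 "Ignoring secrets file %s, permissions are %04o, "
                 "expected 0400 (owner:read)", path, (unsigned)perms);
        return -1;
    }
    err[0] = '\0';
    return 0;
}

/* Constructed demo: create a scratch file with the given mode and check it. */
int demo_check_mode(mode_t mode, char *err, size_t errlen)
{
    char path[] = "/tmp/secrets_demo_XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0)
        return -2;
    fchmod(fd, mode);
    close(fd);
    int rc = check_secrets_permissions(path, err, errlen);
    unlink(path);
    return rc;
}
```
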
The hangup code was refactored into a common function which should only be
used after the server states have been updated. This will remove erroneous
connections to already failed servers.