update

2021-11-14 14:32:08 +08:00
parent f75ad8bedd
commit b0f6120151
152 changed files with 22219 additions and 8 deletions
--- a/content/post/mysql-galera.md
+++ b/content/post/mysql-galera.md
@@ -0,0 +1,115 @@
+---
+title: "CentOS7 安装 Mysql Galera 集群"
+date: 2019-10-30T11:13:44+08:00
+lastmod: 2019-10-30T11:13:44+08:00
+keywords: []
+tags: ["mysql", "galera"]
+categories: ["database"]
+---
+
+# 环境
+cpu | mem | hostname | public ip | cluster ip | CentOS | MySQL
+---- | ---- | ---- | ---- | ---- | ---- | ----
+双核 | 2GB | mysql_1 | 10.0.0.231 | 10.10.10.1 | 7.5 | 5.7
+双核 | 2GB | mysql_2 | 10.0.0.232 | 10.10.10.2 | 7.5 | 5.7
+双核 | 2GB | mysql_3 | 10.0.0.233 | 10.10.10.3 | 7.5 | 5.7
+
+# 创建 galera yum 源文件
+```bash
+cat > /etc/yum.repos.d/galera.repo <<-END
+[galera]
+name = Galera
+baseurl = http://releases.galeracluster.com/galera-3/centos/7/x86_64/
+gpgkey = http://releases.galeracluster.com/GPG-KEY-galeracluster.com
+gpgcheck = 1
+#
+[mysql-wsrep]
+name = MySQL-wsrep
+baseurl = http://releases.galeracluster.com/mysql-wsrep-5.7/centos/7/x86_64/
+gpgkey = http://releases.galeracluster.com/GPG-KEY-galeracluster.com
+gpgcheck = 1
+END
+```
+
+# 安装
+```bash
+yum install galera-3 mysql-wsrep-5.7 rsync
+```
+
+# 修改 /etc/my.cnf
+```
+[mysqld]
+datadir=/var/lib/mysql
+socket=/var/lib/mysql/mysql.sock
+user=mysql
+binlog-format=ROW
+bind-address=0.0.0.0
+default-storage-engine=innodb
+innodb-autoinc-lock-mode=2
+innodb-flush-log-at-trx-commit=0
+innodb-buffer-pool-size=1024M #物理内存一半
+wsrep-provider=/usr/lib64/galera-3/libgalera_smm.so
+wsrep-provider-options="gcache.dir=/var/lib/gcache;gcache.size=1G;gcache.recover=yes;pc.recovery=TRUE"
+wsrep-cluster-name="mysql_galera_cluster" #集群名字
+wsrep-cluster-address="gcomm://10.10.10.1,10.10.10.2,10.10.10.3"
+wsrep-sst-method=rsync
+wsrep-node-name=mysql_1 #当前节点名字
+wsrep-node-address="10.10.10.1" #当前节点 cluster ip
+#wsrep-auto-increment-control=OFF #只通过一个节点做增删改时使用
+#
+[mysql_safe]
+log-error=/var/log/mysqld.log
+pid-file=/var/run/mysqld/mysqld.pid
+#
+!includedir /etc/my.cnf.d/
+```
+
+# 随机选择一个节点，使用专用脚本 mysqld_bootstrap 初始化集群
+```bash
+/usr/bin/mysqld_bootstrap
+#该命令会启动本机的 mysqld 服务
+systemctl status mysqld
+```
+
+# 查找密码，修改初始密码
+```bash
+grep -i password /var/log/messages
+#记录输出的密码
+mysqladmin -uroot -p password 'P@sswo2d'
+#根据提示输入上一步输出的密码
+```
+
+# 在其他节点上启动 mysqld 服务
+```bash
+systemctl start mysqld
+```
+
+# 查看集群节点数量
+```sql
+show status like 'wsrep_cluster_size';
+```
+
+# ssl 加密同步数据(不推荐，存在性能损失)
+- 生成证书
+    ```bash
+    mkdir /etc/my.cnf.d/ssl && cd /etc/my.cnf.d/ssl
+    openssl genrsa 2048 > ca-key.pem
+    openssl req -new -x509 -nodes -days 365000 \
+          -key ca-key.pem -out ca-cert.pem #按提示输入信息
+    openssl req -newkey rsa:2048 -days 365000 \
+          -nodes -keyout server-key.pem -out server-req.pem #按提示输入信息，与上一步信息不同
+    openssl rsa -in server-key.pem -out server-key.pem
+    openssl x509 -req -in server-req.pem -days 365000 \
+          -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 \
+          -out server-cert.pem
+    ```
+- 修改配置文件 my.cnf
+    ```
+    #在 wsrep_provider_options 中添加如下选项，选项间用分号";"间隔
+    socket.ssl_key=/etc/my.cnf.d/ssl/server-key.pem; socket.ssl_cert=/etc/my.cnf.d/ssl/server-cert.pem; socket.ssl_ca=/etc/my.cnf.d/ssl/ca-cert.pem; socket.checksum=2; socket.ssl_cipher=AES128-SHA
+    ```
+- 重新启动集群
+
+# ssl 加密客户端(不推荐，存在性能损失)
+- MySQL 5.7 server 自带 ssl 加密，客户端连接时，指定参数 --ssl-mode=required 即可
+