Mariadb 主从复制、双主复制、半同步复制、基于SSL复制
一、Mariabd数据复制原理和功能
Mysql内建的复制功能是构建大型,高性能应用程序的基础。将Mysql的数据分布到多个系统上去,这种分布的机制,是通过将Mysql的某一台主机的数据复制到其它主机(slaves)上,并重新执行一遍来实现的。复制过程中一个服务器充当主服务器,而一个或多个其它服务器充当从服务器。主服务器将更新写入二进制日志文件,并维护文件的一个索引以跟踪日志循环。这些日志可以记录发送到从服务器的更新。当一个从服务器连接主服务器时,它通知主服务器从服务器在日志中读取的最后一次成功更新的位置。从服务器接收从那时起发生的任何更新,然后封锁并等待主服务器通知新的更新。
复制的功用:数据分布;负载均衡读;数据备份;高可用和故障切换;MySQL升级测试
二、Mariabd主从复制的实现
主节点(MASTER)配置
①、启动二进制日志、为当前节点设置一个全局惟的ID号
[root@localhost ~]# vim /etc/my.cn log_bin = mysql-bin #启动二进制日志 server_id = 1 #设置服务器ID innodb_file_per_table = ON #设置每表使用单独事务日志 skip-name-resolve = ON #跳过域名解析 [root@localhost ~]# systemctl restart mariadb.service
②、创建有复制权限的用户账号
MariaDB [(none)]> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'wlw'@'192.168.0.%' IDENTIFIED BY 'wlw'; MariaDB [(none)]> SHOW MASTER STATUS; +------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000003 | 413 | | | +------------------+----------+--------------+------------------+ #这里二进制日志已经滚到到第三个文件了,前两个文件为数据库初始化创建的mysql管理库等信息,所以我们等一下配置 #配置从的Position只需要从这一刻的413开始即可
从节点(SLAVE)配置
①、启动中继日志、为当前节点设置一个全局惟的ID号
[root@localhost ~]# vim /etc/my.cn relay_log = relay-log #启动中继日志 relay_log_index = relay-log.index read-only = 1 #开启只读模式,此限制对拥有SUPER权限的用户均无效 #如果需要锁定所有用户,可以执行SQL语句(FLUSH TABLES WITH READ LOCK;) server_id = 8 innodb_file_per_table = ON skip-name-resolve = ON
②、配置前查看一下从服务器的状态和是否启动了复制线程
MariaDB [(none)]> SHOW SLAVE STATUS; Empty set (0.01 sec) #这里我们查看从服务器的状态,可以看到还没有配置,为空 MariaDB [(none)]> SHOW PROCESSLIST; +----+------+-----------+------+---------+------+-------+------------------+----------+ | Id | User | Host | db | Command | Time | State | Info | Progress | +----+------+-----------+------+---------+------+-------+------------------+----------+ | 2 | root | localhost | NULL | Query | 0 | NULL | SHOW PROCESSLIST | 0.000 | +----+------+-----------+------+---------+------+-------+------------------+----------+ #可以看到从服务器还没有启动复制线程
③、使用有复制权限的用户账号连接至主服务器,并启动复制线程
MariaDB [(none)]> CHANGE MASTER TO MASTER_HOST='192.168.0.151', MASTER_USER='wlw', MASTER_PASSWORD='wlw', MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=413; MariaDB [(none)]> START SLAVE;
④、配置后查看一下从服务器的状态和是否启动了复制线程
MariaDB [(none)]> SHOW SLAVE STATUS\G *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: 192.168.0.151 #主服务器IP Master_User: wlw #复制授权的用户 Master_Port: 3306 #主服务器端口 Connect_Retry: 60 #重试时间 Master_Log_File: mysql-bin.000003 #读取二进制的文件 Read_Master_Log_Pos: 413 #读取二进制的开始位置 Relay_Log_File: relay-log.000002 #读取的中继日志文件 Relay_Log_Pos: 529 #读取的中继日志位置 Relay_Master_Log_File: mysql-bin.000003 Slave_IO_Running: Yes #I/O Thread启动 Slave_SQL_Running: Yes #SQL Thread启动 Replicate_Do_DB: Replicate_Ignore_DB: Replicate_Do_Table: Replicate_Ignore_Table: Replicate_Wild_Do_Table: Replicate_Wild_Ignore_Table: Last_Errno: 0 Last_Error: Skip_Counter: 0 Exec_Master_Log_Pos: 413 Relay_Log_Space: 817 Until_Condition: None Until_Log_File: Until_Log_Pos: 0 Master_SSL_Allowed: No Master_SSL_CA_File: Master_SSL_CA_Path: Master_SSL_Cert: Master_SSL_Cipher: Master_SSL_Key: Seconds_Behind_Master: 0 Master_SSL_Verify_Server_Cert: No Last_IO_Errno: 0 Last_IO_Error: Last_SQL_Errno: 0 Last_SQL_Error: Replicate_Ignore_Server_Ids: Master_Server_Id: 1 MariaDB [(none)]> SHOW PROCESSLIST; +----+-------------+-----------+------+---------+------+-----------------------------------------------------------------------------+------------------+----------+ | Id | User | Host | db | Command | Time | State | Info | Progress | +----+-------------+-----------+------+---------+------+-----------------------------------------------------------------------------+------------------+----------+ | 2 | root | localhost | NULL | Query | 0 | NULL | SHOW PROCESSLIST | 0.000 | | 3 | system user | | NULL | Connect | 404 | Waiting for master to send event | NULL | 0.000 | | 4 | system user | | NULL | Connect | 403 | Slave has read all relay log; waiting for the slave I/O thread to update it | NULL | 0.000 | +----+-------------+-----------+------+---------+------+-----------------------------------------------------------------------------+------------------+----------+ #可以看到启动了两个线程,一个时等待主服务器发送的时间,一个是读取中继日志做同步 [root@c7node1 ~]# ll /var/lib/mysql/master.info -rw-rw----. 1 mysql mysql 75 Nov 8 09:00 /var/lib/mysql/master.info #这个文件保存了主服务器的链接信息,包括账号密码等,下次重启服务会自动通过此文件连接主服务器 [root@c7node1 ~]# cat /var/lib/mysql/relay-log.info ./relay-log.000002 691 mysql-bin.000003 575 #此文件保存从服务器使用的中继日志、POS和主服务器使用的二进制日志、POS,服务器启动也会读取此文件
⑤、测试实验结果,在主服务器创建数据库看从服务器是否自动复制
MariaDB [(none)]> CREATE DATABASE wlw; MariaDB [(none)]> CREATE DATABASE WLW; MariaDB [(none)]> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | information_schema | | WLW | | mysql | | performance_schema | | test | | wlw | +--------------------+ #可以看到主服务器创建的数据库从服务器已经自动复制完成
三、Mariabd双主复制的实现(容易产生数据不一致,慎用)
主节点一:c7node1.wlw.com 192.168.88.11
主节点二:c7node2.wlw.com 192.168.88.22
①、各节点使用一个惟一server_id、启动binary log和relay log
[root@c7node1 ~]# vim /etc/my.cnf log_bin = mysql-bin relay_log = relay-log server_id = 1 innodb_file_per_table = ON skip-name-resolve = ON auto_increment_offset = 1 auto_increment_increment = 2 #如果表中有字段为自动增长,需要配置上面两项,防止数据不一致 [root@c7node2 ~]# vim /etc/my.cnf log_bin = mysql-bin relay_log = relay-log server_id = 8 innodb_file_per_table = ON skip-name-resolve = ON auto_increment_offset = 2 auto_increment_increment = 2
②、各节点创建拥有复制权限的用户账号
c7node1节点数据库: MariaDB [(none)]> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'wlw'@'192.168.88.22' IDENTIFIED BY 'wlw'; MariaDB [(none)]> FLUSH PRIVILEGES; c7node2节点数据库: MariaDB [(none)]> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'wlw'@'192.168.88.11' IDENTIFIED BY 'wlw'; MariaDB [(none)]> FLUSH PRIVILEGES;
③、各节点均把对方指定为主节点,并启动复制线程
c7node1节点数据库: MariaDB [(none)]> SHOW MASTER STATUS; +------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000003 | 500 | | | +------------------+----------+--------------+------------------+ MariaDB [(none)]> CHANGE MASTER TO MASTER_HOST='192.168.88.22', MASTER_USER='wlw', MASTER_PASSWORD='wlw', MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=500; MariaDB [(none)]> START SLAVE; c7node2节点数据库: MariaDB [(none)]> SHOW MASTER STATUS; +------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000003 | 500 | | | +------------------+----------+--------------+------------------+ MariaDB [(none)]> CHANGE MASTER TO MASTER_HOST='192.168.88.11', MASTER_USER='wlw', MASTER_PASSWORD='wlw', MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=500; MariaDB [(none)]> START SLAVE;
③、测试实验结果,在c7node1和c7node2节点上各创建自动增长字段的表进行测试
c7node1节点数据库:
MariaDB [(none)]> CREATE DATABASE wlw;
MariaDB [wlw]> INSERT INTO tb1 (name) VALUES ('wlw4'),('wlw5');
c7node2节点数据库:
MariaDB [(none)]> USE wlw
#可以看到从节点一复制过来的wlw数据库,我们在此数据库创建一个表做测试
MariaDB [wlw]> CREATE TABLE tb1 (id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,name CHAR(30));
MariaDB [wlw]> INSERT INTO tb1 (name) VALUES ('wlw1'),('wlw2'),('wlw3');
MariaDB [wlw]> SELECT * FROM tb1;
+----+------+
| id | name |
+----+------+
| 2 | wlw1 |
| 4 | wlw2 |
| 6 | wlw3 |
| 7 | wlw4 |
| 9 | wlw5 |
+----+------+
四、Mariabd半同步复制的实现(基于插件实现)
[root@localhost ~]# rpm -ql mariadb-server /usr/lib64/mysql/plugin/semisync_master.so /usr/lib64/mysql/plugin/semisync_slave.so #半同步复制使用的插件
主节点(MASTER)配置
①、启动二进制日志、为当前节点设置一个全局惟的ID号
[root@localhost ~]# vim /etc/my.cnf log_bin = mysql-bin server_id = 1 innodb_file_per_table = ON skip-name-resolve = ON
②、创建拥有复制权限的用户账号
MariaDB [(none)]> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'wlw'@'192.168.88.22' IDENTIFIED BY 'wlw'; MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> SHOW MASTER STATUS; +------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000003 | 490 | | | +------------------+----------+--------------+------------------+
③、安装插件
MariaDB [(none)]> INSTALL PLUGIN rpl_semi_sync_master SONAME 'semisync_master.so'; MariaDB [(none)]> SHOW PLUGINS; #查看插件是否加载成功 MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE '%semi%'; +------------------------------------+-------+ | Variable_name | Value | +------------------------------------+-------+ | rpl_semi_sync_master_enabled | OFF | #是否启动为半同步复制的主节点 | rpl_semi_sync_master_timeout | 10000 | #等待从节点的超时时间,10s | rpl_semi_sync_master_trace_level | 32 | #跟踪级别 | rpl_semi_sync_master_wait_no_slave | ON | #在没有从节点的时候是否等待 +------------------------------------+-------+ MariaDB [(none)]> SHOW GLOBAL STATUS LIKE '%semi%'; +--------------------------------------------+-------+ | Variable_name | Value | +--------------------------------------------+-------+ | Rpl_semi_sync_master_clients | 0 | #有多少个半同步节点 | Rpl_semi_sync_master_net_avg_wait_time | 0 | | Rpl_semi_sync_master_net_wait_time | 0 | | Rpl_semi_sync_master_net_waits | 0 | | Rpl_semi_sync_master_no_times | 0 | | Rpl_semi_sync_master_no_tx | 0 | | Rpl_semi_sync_master_status | OFF | | Rpl_semi_sync_master_timefunc_failures | 0 | | Rpl_semi_sync_master_tx_avg_wait_time | 0 | | Rpl_semi_sync_master_tx_wait_time | 0 | | Rpl_semi_sync_master_tx_waits | 0 | | Rpl_semi_sync_master_wait_pos_backtraverse | 0 | | Rpl_semi_sync_master_wait_sessions | 0 | | Rpl_semi_sync_master_yes_tx | 0 | +--------------------------------------------+-------+ MariaDB [(none)]> SET GLOBAL rpl_semi_sync_master_enabled = ON; #启动为半同步复制的主节点
从节点(SLAVE)配置
①、启动中继日志、为当前节点设置一个全局惟的ID号
[root@localhost ~]# vim /etc/my.cnf relay_log = relay-log server_id = 8 innodb_file_per_table = ON skip-name-resolve = ON
②、安装插件
MariaDB [(none)]> INSTALL PLUGIN rpl_semi_sync_slave SONAME 'semisync_slave.so'; MariaDB [(none)]> SHOW PLUGINS; MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE '%semi%'; +---------------------------------+-------+ | Variable_name | Value | +---------------------------------+-------+ | rpl_semi_sync_slave_enabled | OFF | #是否启动为半同步复制的从节点 | rpl_semi_sync_slave_trace_level | 32 | #跟踪级别 +---------------------------------+-------+ MariaDB [(none)]> SET GLOBAL rpl_semi_sync_slave_enabled = ON; #启动为半同步复制的从节点
③、使用有复制权限的用户账号连接至主服务器,并启动复制线程
MariaDB [(none)]> CHANGE MASTER TO MASTER_HOST='192.168.88.11', MASTER_USER='wlw', MASTER_PASSWORD='wlw', MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=490; MariaDB [(none)]> START SLAVE;
④、实验测试结果,创建数据库和数据表并查看状态信息
MariaDB [(none)]> CREATE DATABASE wlw; MariaDB [(none)]> USE wlw MariaDB [wlw]> CREATE TABLE tb(id int); MariaDB [wlw]> SHOW GLOBAL STATUS LIKE '%semi%'; +--------------------------------------------+--------+ | Variable_name | Value | +--------------------------------------------+--------+ | Rpl_semi_sync_master_clients | 1 | | Rpl_semi_sync_master_net_avg_wait_time | 55693 | | Rpl_semi_sync_master_net_wait_time | 111387 | | Rpl_semi_sync_master_net_waits | 2 | | Rpl_semi_sync_master_no_times | 0 | | Rpl_semi_sync_master_no_tx | 0 | | Rpl_semi_sync_master_status | ON | | Rpl_semi_sync_master_timefunc_failures | 0 | | Rpl_semi_sync_master_tx_avg_wait_time | 85545 | | Rpl_semi_sync_master_tx_wait_time | 171091 | | Rpl_semi_sync_master_tx_waits | 2 | | Rpl_semi_sync_master_wait_pos_backtraverse | 0 | | Rpl_semi_sync_master_wait_sessions | 0 | | Rpl_semi_sync_master_yes_tx | 2 | +--------------------------------------------+--------+
五、Mariabd复制过滤器
①、让从节点仅复制指定的数据库,或指定数据库的指定表;
(1) 主服务器仅向二进制日志中记录与特定数据库(特定表)相关的事件(时间还原无法实现,不建议使用)
[root@localhost ~]# vim /etc/my.cnf binlog_do_db= # 数据库白名单列表 binlog_ignore_db= # 数据库黑名单列表
(2) 从服务器SQL_THREAD在replay中继日志中的事件时,仅读取与特定数据库(特定表)相关的事件并应用于本地(会造成网络及磁盘IO浪费)
[root@localhost ~]# vim /etc/my.cnf replicate_do_db= #数据库白名单列表 replicate_ignore_db= #数据库黑名单列表 replicate_do_table= #表白名单列表 replicate_ignore_table= #表黑名单列表 replicate_wild_do_table= #使用通配符定义表白名单列表 replicate_wild_ignore_table= #使用通配符定义表黑名单列表
如果需要永久有用需要保存到配置文件中,下面我们测试在会话级别修改测试实验
从节点(SLAVE)配置
MariaDB [(none)]> STOP SLAVE; #关闭复制线程 MariaDB [(none)]> SET GLOBAL replicate_do_db = wlw; #设置wlw数据库为数据库白名单,只有此数据库才能同步复制 MariaDB [(none)]> START SLAVE; #启动复制线程 MariaDB [(none)]> SHOW SLAVE STATUS\G Replicate_Do_DB: wlw #这里可以看到白名单列表
主节点的创建其他数据库并在wlw数据库中插入表或修改数据查看实验结果
主服务器Mariadb MariaDB [wlw]> CREATE DATABASE slaves; Query OK, 1 row affected (0.09 sec) 从服务器Mariadb MariaDB [(none)]> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | test | | wlw | +--------------------+ #可以看到新创建的slaves数据库并没有复制过来 主服务器Mariadb MariaDB [wlw]> INSERT INTO tb VALUES (99); Query OK, 1 row affected (0.03 sec) 从服务器Mariadb MariaDB [(none)]> SELECT * FROM wlw.tb; +------+ | id | +------+ | 0 | | 99 | +------+ #可以看到,只有对数据库白名单的操作才能复制,其他数据库的任何操作都不进行复制
六、Mariabd基于SSL复制的实现
①、在主服务器上为CA生成私钥
[root@localhost ~]# cd /etc/pki/CA/ [root@localhost CA]# touch index.txt [root@localhost CA]# echo 01 > serial [root@localhost CA]# (umask 077;openssl genrsa 2048 > private/cakey.pem)
②、生成自签证书
[root@localhost CA]#[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 7300
③、主服务器生成证书
[root@localhost CA]# mkdir /var/lib/mysql/ssl [root@localhost CA]# cd /var/lib/mysql/ssl [root@localhost ssl]# (umask 077;openssl genrsa 1024 > master.key) [root@localhost ssl]# openssl req -new -key master.key -out master.csr [root@localhost ssl]# openssl ca -in master.csr -out master.crt -days 365 [root@localhost ssl]# cp /etc/pki/CA/cacert.pem /var/lib/mysql/ssl/ [root@localhost ssl]# chown -R mysql.mysql /var/lib/mysql/ssl//* [root@localhost ssl]# ll 总用量 16 -rw-r--r--. 1 mysql mysql 1407 11月 8 12:50 cacert.pem -rw-r--r--. 1 mysql mysql 3847 11月 8 12:49 master.crt -rw-r--r--. 1 mysql mysql 696 11月 8 12:48 master.csr -rw-------. 1 mysql mysql 887 11月 8 12:47 master.key
④、从服务器生成签署证书
[root@c7node1 ~]# mkdir /var/lib/mysql/ssl [root@c7node1 ~]# cd /var/lib/mysql/ssl [root@c7node1 ssl]# (umask 077;openssl genrsa 1024 > slave.key) [root@c7node1 ssl]# openssl req -new -key slave.key -out slave.csr
⑤、把签署证书发送到主服务器上,在主服务器上签署证书后在发给从服务器
[root@c7node1 ssl]# scp ./slave.csr 192.168.88.11:/root [root@localhost ~]# openssl ca -in slave.csr -out slave.crt -days 360 [root@localhost ~]# scp ./slave.crt 192.168.88.22:/var/lib/mysql/ssl [root@localhost ~]# cd /etc/pki/CA [root@localhost CA]# scp ./cacert.pem 192.168.88.22:/var/lib/mysql/ssl [root@c7node1 ssl]# cd /var/lib/mysql/ssl [root@c7node1 ssl]# chown -R mysql:mysql /var/lib/mysql/ssl/.* [root@c7node1 ssl]# ll total 16 -rw-r--r--. 1 mysql mysql 1407 Nov 8 17:27 cacert.pem -rw-r--r--. 1 mysql mysql 3842 Nov 8 17:23 slave.crt -rw-r--r--. 1 mysql mysql 696 Nov 8 17:18 slave.csr -rw-------. 1 mysql mysql 891 Nov 8 17:17 slave.key
⑥、修改主从的数据库配置文件
主节点配置 [root@localhost ~]# vim /etc/my.cnf log_bin = mysql-bin server_id = 1 innodb_file_per_table = ON skip-name-resolve = ON ssl ssl-ca = /var/lib/mysql/ssl/cacert.pem ssl-cert = /var/lib/mysql/ssl/master.crt ssl-key = /var/lib/mysql/ssl/master.key MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE '%ssl%'; +---------------+-------------------------------+ | Variable_name | Value | +---------------+-------------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /var/lib/mysql/ssl/cacert.pem | | ssl_capath | | | ssl_cert | /var/lib/mysql/ssl/master.crt | | ssl_cipher | | | ssl_key | /var/lib/mysql/ssl/master.key | +---------------+-------------------------------+ #只要查询到have_openssl和have_ssl为YES,代表配置没有错,正常开启了ssl功能 从节点配置 [root@c7node1 ssl]# vim /etc/my.cnf relay_log = relay-log server_id = 8 innodb_file_per_table = ON skip-name-resolve = ON ssl ssl-ca = /var/lib/mysql/ssl/cacert.pem ssl-cert = /var/lib/mysql/ssl/slave.crt ssl-key = /var/lib/mysql/ssl/slave.key MariaDB [(none)]> SHOW GLOBAL VARIABLES LIKE '%ssl%'; +---------------+-------------------------------+ | Variable_name | Value | +---------------+-------------------------------+ | have_openssl | YES | | have_ssl | YES | | ssl_ca | /var/lib/mysql/ssl/cacert.pem | | ssl_capath | | | ssl_cert | /var/lib/mysql/ssl/slave.crt | | ssl_cipher | | | ssl_key | /var/lib/mysql/ssl/slave.key | +---------------+-------------------------------+
⑦、主上创建ssl链接的用户
MariaDB [(none)]> GRANT REPLICATION SLAVE, REPLICATION CLIENT ON *.* TO 'wlw'@'192.168.88.22' IDENTIFIED BY 'wlw' REQUIRE SSL; #授权只能通过SSL连接的账户 MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> SHOW MASTER STATUS; +------------------+----------+--------------+------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+------------------+ | mysql-bin.000003 | 245 | | | +------------------+----------+--------------+------------------+
⑧、从服务器上通过ssl链接主服务器
MariaDB [(none)]> CHANGE MASTER TO MASTER_HOST='192.168.88.11', MASTER_USER='wlw', MASTER_PASSWORD='wlw', MASTER_LOG_FILE='mysql-bin.000003', MASTER_LOG_POS=245,master_ssl=1,master_ssl_ca='/var/lib/mysql/ssl/cacert.pem', master_ssl_cert='/var/lib/mysql/ssl/slave.crt', master_ssl_key='/var/lib/mysql/ssl/slave.key'; MariaDB [(none)]> START SLAVE; MariaDB [(none)]> SHOW SLAVE STATUS\G *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: 192.168.88.11 Master_User: wlw Master_Port: 3306 Connect_Retry: 60 Master_Log_File: mysql-bin.000003 Read_Master_Log_Pos: 577 Relay_Log_File: relay-log.000002 Relay_Log_Pos: 861 Relay_Master_Log_File: mysql-bin.000003 Slave_IO_Running: Yes Slave_SQL_Running: Yes Replicate_Do_DB: Replicate_Ignore_DB: Replicate_Do_Table: Replicate_Ignore_Table: Replicate_Wild_Do_Table: Replicate_Wild_Ignore_Table: Last_Errno: 0 Last_Error: Skip_Counter: 0 Exec_Master_Log_Pos: 577 Relay_Log_Space: 1149 Until_Condition: None Until_Log_File: Until_Log_Pos: 0 Master_SSL_Allowed: Yes Master_SSL_CA_File: /var/lib/mysql/ssl/cacert.pem Master_SSL_CA_Path: Master_SSL_Cert: /var/lib/mysql/ssl/slave.crt Master_SSL_Cipher: Master_SSL_Key: /var/lib/mysql/ssl/slave.key Seconds_Behind_Master: 0 Master_SSL_Verify_Server_Cert: No Last_IO_Errno: 0 Last_IO_Error: Last_SQL_Errno: 0 Last_SQL_Error: Replicate_Ignore_Server_Ids: Master_Server_Id: 1
⑧、验证是否使用了ssl加密
[root@c7node1 mysql]# mysql --ssl-ca='/var/lib/mysql/ssl/cacert.pem' --ssl-cert='/var/lib/mysql/ssl/slave.crt' --ssl-key='/var/lib/mysql/ssl/slave.key' -uwlw -h192.168.88.11 -pwlw MariaDB [(none)]> \s -------------- mysql Ver 15.1 Distrib 5.5.41-MariaDB, for Linux (x86_64) using readline 5.1 Connection id: 12 Current database: Current user: [email protected] SSL: Cipher in use is DHE-RSA-AES256-GCM-SHA384 #可以看到是于SSL加密 Current pager: stdout Using outfile: '' Using delimiter: ; Server: MariaDB Server version: 5.5.41-MariaDB-log MariaDB Server Protocol version: 10 Connection: 192.168.88.11 via TCP/IP Server characterset: latin1 Db characterset: latin1 Client characterset: utf8 Conn. characterset: utf8 TCP port: 3306 Uptime: 20 min 1 sec Threads: 3 Questions: 20 Slow queries: 0 Opens: 0 Flush tables: 2 Open tables: 26 Queries per second avg: 0.016 #由于SSL相关的配置写进了配置文件,则默认是加密连接的。也可以使用--skip-ssl选项取消加密连接。
七、复制的监控和维护
①、清理日志:
MariaDB [(none)]> PURGE BINARY LOGS TO 'mysql-bin.000002'; #只会清理mysql-bin.000002之前的,不会清理mysql-bin.000002 MariaDB [(none)]> PURGE BINARY LOGS BEFORE '2015-11-11 11:11:11'; #只会清理指定时间前的二进制日志
②、复制监控
MariaDB [(none)]> SHOW MASTER STATUS; MariaDB [(none)]> SHOW BINLOG EVENTS; MariaDB [(none)]> SHOW BINARY LOGS MariaDB [(none)]> SHOW SLAVE STATUS; MariaDB [(none)]> SHOW PROCESSLIST;
③、从服务器是否落后于主服务:
MariaDB [(none)]> SHOW BINLOG LOGS; Seconds_Behind_Master: 0
④、如何确定主从节点数据是否一致;
使用工具:percona-tools
⑤、数据不一致如何修复
以主节点为准,停止从服务器,删除数据,备份主服务器数据重新复制;