Galera Clustering adds high availability to your database by updating the changes to different MariaDB servers. In the event that one of the instances fails, the other quickly take over and available to continue serving.
There are two cluster configurations, active-passive and active-active. in active-passive clusters, all writes are done on a single server and then copied to one or more passive servers that are poised to take over only in the event of an active server failure. Some active-passive clusters also allow SELECT operations on passive nodes. In an active-active cluster, every node is read-write and a change made to one is replicated to all.
In this guide, we will configure an active-active Cloud MariaDB Galera cluster. For demonstration purposes, we will configure and test three Amazon AWS or Microsoft Azure servers in different regions. Later we create NGINX web servers that rely on our cluster servers. In this case, we have a super fast web server in all regions and a high availability databases.
To continue with our guide you need:
- Minimal Three Cloud Ubuntu 16.04 servers in a different zone or even more Cloud servers if you want more zones. If possible for the best performance select the same type of Cloud server for each zone.
Once you are ready for the basic setup and al the cloud servers are up and running, we are ready to install MariaDB
Step 1 — Adding the MariaDB 10.1 Repositories to All Servers,
By default the MariaDB 10.1 isn´t included in the default Ubuntu Repositories, so we start by adding this external Ubuntu repository maintained by the MariaDB project for all of our Cloud Servers.
Note: MariaDB is a well-respected provider, but not all external repositories are reliable. Be sure to install only from trusted sources.
First, we”ll add the MariaDB repository key with the command
apt-key, which apt will use to verify that the package is authentic.
sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
apt-get updateafterward to include package manifests from the new repository:
sudo add-apt-repository "deb [arch=amd64,i386,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.1/ubuntu xenial main" sudo apt-get update
Note: You must run
updateafter adding the repository. Otherwise, you’ll install version 10.2.8 (date 22/12/2017) from the Ubuntu packages, which does not contain the Galera package.
Once the repositories are updated on all the servers(minimal 3), we”re ready to install MariaDB. One thing to note about MariaDB is that it originated as a drop-in replacement for MySQL, so in many configuration files and startup scripts, you”ll see rather
mariadb For consistency’s sake, we use this
mysql guide where either could work.
Step 2 — Installing MariaDB on All Servers
Beginning with version 10.1, the MariaDB Server and MariaDB Galera Server packages are combined, so installing
mariadb-serverwill automatically install Galera and several dependencies:
sudo apt-get install mariadb-server
During the installation, you will be asked to set a password for the MariaDB administrative user. No matter what you choose, this root password will be overwritten with the password from the first node once replication begins.
We should have all the pieces necessary to begin configuring the cluster, but since we’ll be relying on
rsync in later steps, let’s make sure it’s installed.
sudo apt-get install rsync
This will confirm that the newest version of
rsync is already available or prompt you to upgrade or install it.
Once we have installed MariaDB on each of the servers, we can begin configuration.
Step 3 — Configuring the First Node
Each node in the cluster needs to have a nearly identical configuration. Because of this, we will do all the configuration on our first machine, and then copy it to the other nodes.
By default, MariaDB is configured to check the
/etc/mysql/conf.d directory to get additional configuration settings for from ending in
.cnf. We will create a file in this directory with all of our cluster-specific directives:
galera-node01$ sudo nano /etc/mysql/conf.d/galera.cnf
Copy and paste the following configuration into the file. You will need to change the settings highlighted in red. We’ll explain what each section means below.
[mysqld] binlog_format=ROW default-storage-engine=innodb innodb_autoinc_lock_mode=2 bind-address=0.0.0.0 # Galera Provider Configuration wsrep_on=ON wsrep_provider=/usr/lib/galera/libgalera_smm.so # Galera Cluster Configuration wsrep_cluster_name="test_cluster" wsrep_cluster_address="gcomm://<span style="color: #ff0000;">first_ip,second_ip,third_ip,ect..</span>" # Galera Synchronization Configuration wsrep_sst_method=rsync # Galera Node Configuration wsrep_node_address="<span style="color: #ff0000;">this_node_ip</span>" wsrep_node_name="<span style="color: #ff0000;">this_node_name</span>"
- The first section modifies or re-asserts MariaDB/MySQL settings that will allow the cluster to function correctly. For example, Galera Cluster won’t work with MyISAM or similar non-transactional storage engines, and
mysqldmust not be bound to the IP address for localhost. You can learn about the settings in more detail on the Galera Cluster system configuration page.
- The “Galera Provider Configuration” section configures the MariaDB components that provide a WriteSet replication API. This means Galera in our case since Galera is a wsrep (WriteSet Replication) provider. We specify the general parameters to configure the initial replication environment. This doesn’t require any customization, but you can learn more about Galera configuration options.
- The “Galera Cluster Configuration” section defines the cluster, identifying the cluster members by IP address or resolvable domain name and creating a name for the cluster to ensure that members join the correct group. You can change the
wsrep_cluster_nameto something more meaningful than
test_clusteror leave it as-is, but you must update
wsrep_cluster_addresswith the addresses of your servers. If your servers have private IP addresses, use them here.
- The “Galera Synchronization Configuration” section defines how the cluster will communicate and synchronize data between members. This is used only for the state transfer that happens when a node comes online. For our initial setup, we are using
rsyncbecause it’s commonly available and does what we need for now.
- The “Galera Node Configuration” section clarifies the IP address and the name of the current server. This is helpful when trying to diagnose problems in logs and for referencing each server in multiple ways. The
wsrep_node_addressmust match the address of the machine you”re on, but you can choose any name you want to help you identify the node in log files.
When you are satisfied with your cluster configuration file, copy the contents to your clipboard, save and close the file.
Step 4 — Configuring the Remaining Nodes
On each of the remaining nodes, open the configuration file:
sudo nano /etc/mysql/conf.d/galera.cnf
Paste in the configuration you copied from the first node, then update the “Galera Node Configuration” to use the IP address or resolvable domain name for the specific node you are setting up. Finally, update its name, which you can set to whatever helps you identify the node in your log files:
. . . # Galera Node Configuration wsrep_node_address="<span style="color: #ff0000;">this_node_ip</span>" wsrep_node_name="<span style="color: #ff0000;">this_node_name</span>" . . .
Save and exit the file on each server. We”re almost ready to bring up the cluster, but before we do, we”ll want to make sure that the appropriate ports are open.
Step 5 — Opening the Firewall on Every Server
On every server, let’s check the status of the firewall:
sudo ufw status
In this case, only SSH is allowed through:
Output Status: active To Action From -- ------ ---- OpenSSH ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6)
Since only ssh traffic is permitted in this case, we’ll need to add rules for MySQL and Galera traffic. If we tried to start the cluster, we would fail because of firewall rules.
Galera can make use of four ports:
- 3306 For MySQL client connections and State Snapshot Transfer that use the mysqldump method.
- 4567 For Galera Cluster replication traffic, multi cast replication uses both UDP transport and TCP on this port.
- 4568 For Incremental State Transfer.
- 4444 For all other State Snapshot Transfer.In our example, we’ll open all four ports while we do our setup. Once we”ve confirmed that replication is working, we”d want to close any ports we’re not actually using and restrict traffic to just servers in the cluster.Open the ports with the following command:
sudo ufw allow 3306,4567,4568,4444/tcp sudo ufw allow 4567/udp
Step 6 — Starting the Cluster
To begin, we need to stop the running MariaDB service so that our cluster can be brought online.
sudo systemctl stop mysql
systemctl doesn’t display the outcome of all service management commands, so to be sure we succeeded, we’ll use the following command:
sudo systemctl status mysql
If the last line looks something like the following, the command was successful.
Output . . . Dec 22 02:55:15 galera-01 systemd: Stopped MariaDB database server.
Once we’ve shut down
mysql on all of the servers, we’re ready to proceed.
Bring up the First Node:
To bring up the first node, we”ll need to use a special startup script. The way we”ve configured our cluster, each node that comes online tries to connect to at least one other node specified in its
galera.cnf file to get its initial state. Without using the
galera_new_cluster script that allows systemd to pass the the
--wsrep-new-cluster parameter, a normal
systemctl start mysql would fail because there are no nodes running for the first node to connect with.
galera-node-01$ sudo galera_new_cluster
When this script succeeds, the node is registered as part of the cluster, and we can see it with the following command:
galera-node-01$ mysql -u root -p -e "SHOW STATUS LIKE "wsrep_cluster_size"" Output +--------------------+-------+ | Variable_name | Value | +--------------------+-------+ | wsrep_cluster_size | 1 | +--------------------+-------+
On the remaining nodes, we can start
mysql normally. They will search for any member of the cluster list that is online, so when they find one, they will join the cluster.
Bring up the Second Node:
galera-node-02$ sudo systemctl start mysql
We should see our cluster size increase as each node comes online:
galera-node-02$ mysql -u root -p -e "SHOW STATUS LIKE "wsrep_cluster_size"" Output +--------------------+-------+ | Variable_name | Value | +--------------------+-------+ | wsrep_cluster_size | 2 | +--------------------+-------+
Update the Third Node:
galera-node-03$ sudo systemctl start mysql
If everything is working well, the cluster size should be set to three:
Output +--------------------+-------+ | Variable_name | Value | +--------------------+-------+ | wsrep_cluster_size | 3 | +--------------------+-------+
If you have more clusters in other regions continue the same way until you reach the latest server.
At this point, the entire cluster should be online and communicate. Before we test replication, however, there”s one more configuration detail to attend to.
Step 7 — Configuring the Debian Maintenance User
Currently, Ubuntu and Debian’s MariaDB servers do routine maintenance such as log rotation as a special maintenance user. When we installed MariaDB, the credentials for that user were randomly generated, stored in
/etc/mysql/debian.cnf, and inserted into the MariaDB”s
As soon as we brought up our cluster, the password from the first node was replicated to the other nodes, so the value in
debian.cnf no longer matches the password in the database. This means anything that uses the maintenance account will try to connect to the database with the password in the configuration file and will fail on all but the first node.
To correct this, we’ll copy our first node”s
debian.cnf to the remaining nodes.
Copy from the First Node:
debian.cnf file with your text editor:
galera-node-01$ sudo nano /etc/mysql/debian.cnf
The file should look something like:
[client] host = localhost user = debian-sys-maint password = 4DsjdLUsahlcdCLk socket = /var/run/mysqld/mysqld.sock [mysql_upgrade] host = localhost user = debian-sys-maint password = 4DsjdLUsahlcdCLk socket = /var/run/mysqld/mysqld.sock basedir = /usr
Copy the information into your clipboard.
Update the Second Node:
On your second node, open the same file:
galera-node-02$ sudo nano /etc/mysql/debian.cnf
Despite the warning at the top of the file that says “DO NOT TOUCH!” we need to make the change for the cluster to work. You can confidently delete the current information (CTRL-K) and paste the contents from the first node’s configuration. They should be the same now. Save and close the file.
Update the Third Node:
On your third node, open the same file:
galera-node-03$ sudo nano /etc/mysql/debian.cnf
Delete the current information and paste the contents from the first node’s configuration. Save and close the file.
Continue the same to the other servers if you have more than three servers.
Note: After you’re done, you can test that the maintenance account can connect by supplying the password from the local
debian.conf as follows:
sudo cat /etc/mysql/debian.cnf
Copy the password from the output. Then connect to
mysql -u debian-sys-maint -p
At the prompt, supply the password that you copied. If you can connect, all is well.
If not, verify the password in the file is the same as the first node, then substitute below:
galera-node-03$ update mysql.user set password=PASSWORD("<span style="color: #ff0000;">password_from_debian.cnf</span>") where User="debian-sys-maint";
Repeat to test remaining nodes.
Step 8 — Testing Replication
We’ve gone through the steps up to this point so that our cluster can perform replication from any node to any other node, known as active-active or master-master replication. Let’s test to see if the replication is working as expected.
Write to the First Node:
We’ll start by making database changes on our first node. The following commands will create a database called
playground and a table inside of this called
galera-node-01$ mysql -u root -p -e "CREATE DATABASE playground; galera-node-01$ CREATE TABLE playground.equipment ( id INT NOT NULL AUTO_INCREMENT, type VARCHAR(50), quant INT, color VARCHAR(25), PRIMARY KEY(id)); galera-node-01$ INSERT INTO playground.equipment (type, quant, color) VALUES ("slide", 2, "blue");"
We now have one value in our table.
Read and Write on the Second Node:
Next, we”ll look at the second node to verify that replication is working:
galera-node-02$ mysql -u root -p -e "SELECT * FROM playground.equipment;"
If replication is working, the data we entered on the first node will be visible here on the second:
At this point, you should have a working Galera test cluster configured. If you plan on using a Galera cluster in a production situation, it’s recommended that you begin with no fewer than five nodes.
Before production use, you may want to take a look at some other state snapshot transfer (sst) agents like “xtrabackup” which allows you to set up new nodes rapidly and without large interruptions to your active nodes. This does not affect the actual replication but is a concern when nodes are being initialized.
Finally, if your cluster members are not on a private network,(just as in our case) you will also need to set up SSL to protect your data as it moves between servers to the different zones.