Mysql-5.5.33主从复制,半同步复制,以及基于SSL的复制

一,Mysql复制概述


Mysql内建的复制功能是构建大型,高性能应用程序的基础。将Mysql的数据分布到多个系统上去,这种分布的机制,是通过将Mysql的某一台主机的数据复制到其它主机(slaves)上,并重新执行一遍来实现的。复制过程中一个服务器充当主服务器,而一个或多个其它服务器充当从服务器。主服务器将更新写入二进制日志文件,并维护文件的一个索引以跟踪日志循环。这些日志可以记录发送到从服务器的更新。当一个从服务器连接主服务器时,它通知主服务器从服务器在日志中读取的最后一次成功更新的位置。从服务器接收从那时起发生的任何更新,然后封锁并等待主服务器通知新的更新。


1.复制能解决的问题


数据分布(多个地区的数据分发)

负载均衡(读写分离)

备份

高可用和故障切换的核心功能

测试mysql升级


2.复制的原理


mysql复制的原理现阶段都是一样的,master将操作记录到bin-log中,slave的一个线程去master读取bin-log,并将他们保存到relay-log中,slave的另外一个线程去重放relay-log中的操作来实现和master数据同步。


3.复制的历史


mysql-3.2 开始支持基于命令的复制,也就是statement-based replication。mysql-5.1 开始支持基于行的复制和混合复制,也就是row-based replication和mixed-based relication,mysql-5.5 开始支持semi-synchronous的复制,也叫半同步复制,目的在于事务环境下保持主从一致,mysql-5.6 开始支持延时复制。


下面是复制的基本原理:


二,配置主从复制

为了演示方便,实验使用通用的二进制包来安装mysql:

mysql版本:mysql-5.5.33-linux2.6-x86_64

OS版本:Centos 6.4 x86:64

首先来安装master服务器

[root@localhost ~]# useradd -r -u 120 mysql
[root@localhost ~]# tar zxvf mysql-5.5.33-linux2.6-x86_64.tar.gz -C /usr/local/
[root@localhost local]# ln -s mysql-5.5.33-linux2.6-x86_64 mysql
[root@localhost local]# cd mysql
[root@localhost mysql]# mkdir /mydata/data -p
[root@localhost mysql]# chown -R root.mysql ./*
[root@localhost mysql]# ./scripts/mysql_install_db --user=mysql --datadir=/mydata/data
[root@localhost mysql]# cp support-files/my-large.cnf /etc/my.cnf
[root@localhost mysql]# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
[root@localhost mysql]# chmod +x /etc/init.d/mysqld
[root@localhost mysql]# chkconfig --add mysqld
[root@localhost mysql]# chkconfig mysqld on
[root@localhost mysql]# vi /etc/my.cnf
# 在mysqld中添加如下俩行
datadir=/mydata/data
innodb_file_per_table=1
[root@localhost mysql]# service  mysqld start
Starting MySQL...... SUCCESS!


在从服务器上执行上面相同的操作


在master服务器上启用二进制日志,设置server-id(必须保证和从服务器不同)

[root@localhost mysql]# vi /etc/my.cnf
log-bin = /mydata/data/master-bin
log-bin-index = /mydata/data/master-bin.index
server-id = 1

创建具体复制权限的用户

[root@localhost ~]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.5.33-log MySQL Community Server (GPL)
Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.
mysql> grant replication slave,replication client on *.* to ‘repl‘@‘192.168.30.%‘ identified by ‘123456‘;
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
[root@localhost ~]# service  mysqld restart
Shutting down MySQL.. SUCCESS!
Starting MySQL... SUCCESS!


登录从服务器

[root@localhost mysql]# vi /etc/my.cnf
# 开启中继日志
relay-log=/mydata/data/relay-log
relay-log-index=/mydata/data/relay-log.index
server-id=2
# 关闭二进制日志
#log-bin=mysql-bin
[root@localhost ~]# service  mysqld restart
Shutting down MySQL. SUCCESS!
Starting MySQL... SUCCESS!


连接至主服务器,并开始复制

# 查看主服务器正在使用的binlog和当前的position
mysql> show master status;
+------------------+----------+--------------+------------------+
| File             | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+------------------+----------+--------------+------------------+
| mysql-bin.000002 |      107 |              |                  |
+------------------+----------+--------------+------------------+
1 row in set (0.00 sec)
# 在从服务器连接主服务器
mysql> change master to master_host=‘192.168.30.115‘
    -> master_port=3306
    -> master_log_file=‘mysql-bin.000002‘
    -> master_user=‘repl‘
    -> master_password=‘123456‘
    -> master_log_pos=107;
Query OK, 0 rows affected (0.49 sec)
mysql> start slave;
Query OK, 0 rows affected (0.00 sec)
mysql> show slave status\G;
*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
                  Master_Host: 192.168.30.115
                  Master_User: repl
                  Master_Port: 3306
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000002
          Read_Master_Log_Pos: 107
               Relay_Log_File: relay-log.000002
                Relay_Log_Pos: 253
        Relay_Master_Log_File: mysql-bin.000002
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
              Replicate_Do_DB:
          Replicate_Ignore_DB:
           Replicate_Do_Table:
       Replicate_Ignore_Table:
      Replicate_Wild_Do_Table:
  Replicate_Wild_Ignore_Table:
                   Last_Errno: 0
                   Last_Error:
                 Skip_Counter: 0
          Exec_Master_Log_Pos: 107
              Relay_Log_Space: 403
              Until_Condition: None
               Until_Log_File:
                Until_Log_Pos: 0
           Master_SSL_Allowed: No
           Master_SSL_CA_File:
           Master_SSL_CA_Path:
              Master_SSL_Cert:
            Master_SSL_Cipher:
               Master_SSL_Key:
        Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
                Last_IO_Errno: 0
                Last_IO_Error:
               Last_SQL_Errno: 0
               Last_SQL_Error:
  Replicate_Ignore_Server_Ids:
             Master_Server_Id: 1
1 row in set (0.00 sec)

以上信息发现

Slave_IO_Running: Yes

Slave_SQL_Running: Yes

说明主从服务器配置成功了。


三,配置半同步复

   登录主服务器

# 加载半同步复制模块
mysql> install plugin rpl_semi_sync_master soname ‘semisync_master.so‘;
Query OK, 0 rows affected (0.00 sec)
# 开启半同步复制功能
mysql> set global rpl_semi_sync_master_enabled=1;
Query OK, 0 rows affected (0.00 sec)
# 设置主服务器等待从服务器多长时间,开始转为异步复制
mysql> set global rpl_semi_sync_master_timeout=1000;
Query OK, 0 rows affected (0.00 sec)

  登录从服务器

mysql> install plugin rpl_semi_sync_slave soname‘semisync_slave.so‘;
Query OK, 0 rows affected (0.00 sec)
mysql> set global rpl_semi_sync_slave_enabled=1;
Query OK, 0 rows affected (0.00 sec)
mysql> stop slave IO_THREAD;
Query OK, 0 rows affected (0.07 sec)
mysql> start slave IO_THREAD;
Query OK, 0 rows affected (0.00 sec)


在Master和Slave的my.cnf中编辑

# On Master
[mysqld]
rpl_semi_sync_master_enabled=1
rpl_semi_sync_master_timeout=1000 # 1 second
# On Slave
[mysqld]
rpl_semi_sync_slave_enabled=1
# 也可通过设置全局变量的方式来设置,如下:
set global rpl_semi_sync_master_enabled=1
# 取消加载插件
mysql> UNINSTALL PLUGIN rpl_semi_sync_master;


查看从服务器上的semi_sync是否开启:

mysql> show global status like ‘rpl_semi%‘;
+--------------------------------------------+-------+
| Variable_name                              | Value |
+--------------------------------------------+-------+
| Rpl_semi_sync_master_clients               | 1     |
| Rpl_semi_sync_master_net_avg_wait_time     | 0     |
| Rpl_semi_sync_master_net_wait_time         | 0     |
| Rpl_semi_sync_master_net_waits             | 0     |
| Rpl_semi_sync_master_no_times              | 0     |
| Rpl_semi_sync_master_no_tx                 | 0     |
| Rpl_semi_sync_master_status                | ON    |
| Rpl_semi_sync_master_timefunc_failures     | 0     |
| Rpl_semi_sync_master_tx_avg_wait_time      | 0     |
| Rpl_semi_sync_master_tx_wait_time          | 0     |
| Rpl_semi_sync_master_tx_waits              | 0     |
| Rpl_semi_sync_master_wait_pos_backtraverse | 0     |
| Rpl_semi_sync_master_wait_sessions         | 0     |
| Rpl_semi_sync_master_yes_tx                | 0     |
+--------------------------------------------+-------+
14 rows in set (0.00 sec)
# 注意clients 变为1 ,证明主从半同步复制连接成功


在主-从架构上,建议使用的配置:

主服务器:

sync_binlog=1  # 主服务器崩溃,任何一个事务提交之后就立即写入到磁盘中的二进制文件

innodb_flush_logs_at_trx_commit=1 #任何一个事物提交之后就立即写入到磁盘中的日志文件


从服务器:

skip_slave_start=1  #重启从服务器时不自动开启slave进程

read_only=1         #设置从服务器为只读模式


四,配置基于SSL主从复制

   配置Master为CA服务器

[root@localhost ~]# cd /etc/pki/CA
[root@localhost CA]# (umask 077;openssl genrsa 2048 > private/cakey.pem)
[root@localhost CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3650
[root@localhost CA]# mkdir certs crl newcerts
[root@localhost CA]# touch index.txt
[root@localhost CA]# echo 01 > serial

在主服务器上为mysql准备私钥和证书

[root@localhost ~]# mkdir /usr/local/mysql/ssl
[root@localhost ~]# cd /usr/local/mysql/ssl/
[root@localhost ssl]# (umask 077;openssl genrsa 1024 > mysql.key)
# 这里生成的证书请求要去CA的一致
[root@localhost ssl]# openssl req -new -key mysql.key -out mysql.csr
[root@localhost ssl]# openssl ca -in mysql.csr -out mysql.crt
[root@localhost ssl]# cp /etc/pki/CA/cacert.pem /usr/local/mysql/ssl/
[root@localhost ssl]# chown -R mysql.mysql /usr/local/mysql/ssl/


在从服务器上:

[root@localhost ~]# mkdir /usr/local/mysql/ssl
[root@localhost ~]# chown -R mysql.mysql /usr/loca/mysql/ssl
[root@localhost ~]# cd /usr/local/mysql/ssl/
[root@localhost ssl]# (umask 077;openssl genrsa 1024 > mysql.key)
# 这里填写也要与CA一致
root@localhost ssl]# openssl req -new -key mysql.key -out mysql.csr
# 把证书申请传到CA服务器上
[root@localhost ssl]# scp mysql.csr [email protected]:/root/


在master为slave签署证书

[root@localhost ~]# openssl ca -in mysql.csr -out mysql.crt
[root@localhost ~]# scp ./mysql.crt [email protected]:/usr/local/mysql/ssl
[root@localhost ~]# scp /etc/pki/CA/cacert.pem [email protected]:/usr/local/mysql/ssl/
#在从服务器,设置ssl属主属组为mysql
[root@localhost ~]# chown -R mysql.mysql /usr/local/mysql/ssl/


  在主从服务器上都开启ssl功能:

[root@localhost ~]# vi /etc/my.cnf
# 添加如下几行
ssl
ssl-ca=/usr/local/mysql/ssl/cacert.pem
ssl-cert=/usr/local/mysql/ssl/mysql.crt
ssl-key=/usr/local/mysql/ssl/mysql.key
[root@localhost ~]# service  mysqld restart
Shutting down MySQL. SUCCESS!
Starting MySQL... SUCCESS!
[root@localhost ssl]# mysql
mysql> show variables like ‘%ssl%‘;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id:    3
Current database: *** NONE ***
+---------------+---------------------------------+
| Variable_name | Value                           |
+---------------+---------------------------------+
| have_openssl  | YES                             |
| have_ssl      | YES                             |
| ssl_ca        | /usr/local/mysql/ssl/cacert.pem |
| ssl_capath    |                                 |
| ssl_cert      | /usr/local/mysql/ssl/mysql.crt  |
| ssl_cipher    |                                 |
| ssl_key       | /usr/local/mysql/ssl/mysql.key  |
+---------------+---------------------------------+
7 rows in set (0.00 sec)

以上信息显示master服务器ssl功能已经开启


在slave服务器执行上面同样的操作,开启ssl功能

在master服务器删除原来的复制账号,添加新的复制账号

mysql> delete from user where User=‘repl‘;
mysql> grant replication client,replication slave on *.* to ‘sslrepl‘@‘192.168.30.%‘ identified by ‘123456‘ require ssl;
mysql> flush privileges;


在slave服务器连接master

mysql> stop slave;
mysql> change master to master_host=‘192.168.30.115‘
    -> master_port=3306
    -> master_log_file=‘mysql-bin.000005‘
    -> master_user=‘sslrepl‘
    -> master_password=‘123456‘
    -> master_log_pos=107
    -> master_ssl=1
    -> master_ssl_ca=‘/usr/local/mysql/ssl/cacert.pem‘
    -> master_ssl_cert=‘/usr/local/mysql/ssl/mysql.crt‘
    -> master_ssl_key=‘/usr/local/mysql/ssl/mysql.key‘;
mysql> start slave;
mysql> show slave status\G;
*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
                  Master_Host: 192.168.30.115
                  Master_User: sslrepl
                  Master_Port: 3306
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000005
          Read_Master_Log_Pos: 107
               Relay_Log_File: relay-log.000002
                Relay_Log_Pos: 253
        Relay_Master_Log_File: mysql-bin.000005
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
              Replicate_Do_DB:
          Replicate_Ignore_DB:
           Replicate_Do_Table:
       Replicate_Ignore_Table:
      Replicate_Wild_Do_Table:
  Replicate_Wild_Ignore_Table:
                   Last_Errno: 0
                   Last_Error:
                 Skip_Counter: 0
          Exec_Master_Log_Pos: 107
              Relay_Log_Space: 403
              Until_Condition: None
               Until_Log_File:
                Until_Log_Pos: 0
           Master_SSL_Allowed: Yes
           Master_SSL_CA_File: /usr/local/mysql/ssl/cacert.pem
           Master_SSL_CA_Path: /usr/local/mysql/ssl
              Master_SSL_Cert: /usr/local/mysql/ssl/mysql.crt
            Master_SSL_Cipher:
               Master_SSL_Key: /usr/local/mysql/ssl/mysql.key
        Seconds_Behind_Master: 0
Master_SSL_Verify_Server_Cert: No
                Last_IO_Errno: 0
                Last_IO_Error:
               Last_SQL_Errno: 0
               Last_SQL_Error:
  Replicate_Ignore_Server_Ids:
             Master_Server_Id: 1
1 row in set (0.00 sec)
Slave_IO_Running: Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
Slave_SQL_Running: Yes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
Master_SSL_Allowed: Yes  三个都输出为yes 才表明配置成功

五,在slave主机测试

[root@localhost ~]# mysql -u sslrepl -h 192.168.30.115 -p123456 --ssl-ca=/usr/local/mysql/ssl/cacert.pem --ssl-cert=/usr/local/mysql/ssl/mysql.crt --ssl-key=/usr/local/mysql/ssl/mysql.key
mysql> \s
--------------
mysql  Ver 14.14 Distrib 5.1.66, for redhat-linux-gnu (x86_64) using readline 5.1
Connection id:      6
Current database:
Current user:       [email protected]
SSL:            Cipher in use is DHE-RSA-AES256-SHA
Current pager:      stdout
Using outfile:      ‘‘
Using delimiter:    ;
Server version:     5.5.33-log MySQL Community Server (GPL)
Protocol version:   10
Connection:     192.168.30.115 via TCP/IP
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    latin1
Conn.  characterset:    latin1
TCP port:       3306
Uptime:         24 min 25 sec
Threads: 2  Questions: 23  Slow queries: 0  Opens: 33  Flush tables: 1  Open tables: 26  Queries per second avg: 0.015


信息:SSL:            Cipher in use is DHE-RSA-AES256-SHA  表明连接是加密的

 Mysql-5.5.33主从复制,半同步复制,以及基于ssl的复制已经配置完成



本文出自 “龍行天下” 博客,请务必保留此出处http://luojianlong.blog.51cto.com/4412415/1387371

Mysql-5.5.33主从复制,半同步复制,以及基于SSL的复制,古老的榕树,5-wow.com

郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。