无法通过 MaxScale 连接应用程序

Question

我有 3 个节点 Galera Cluseter 和一个用于 maxscale 的节点。问题是只有我在 maxscale.cnf 中定义的 maxscale 用户可以通过侦听器服务连接到集群。所有节点都在本地网络中并且可以相互看到。

maxscale.cnf

[maxscale]
threads=1

[Galera-Monitor]
type=monitor
module=galeramon
servers=server1,server2,server3
user=maxscale
password=qwe123
monitor_interval=1000

[Read-Write-Service]
type=service
router=readwritesplit
servers=server1, server2, server3
user=maxscale
password=qwe123

[Read-Only-Service]
type=service
router=readconnroute
servers=server1, server2, server3
user=maxscale
password=qwe123
router_options=slave

[Read-Write-Listener]
type=listener
service=Read-Write-Service
protocol=MariaDBClient
port=4006

[Read-Only-Listener]
type=listener
service=Read-Only-Service
protocol=MariaDBClient
port=4008

[server1]
type=server
address=192.168.122.93
port=3306
protocol=MariaDBBackend

[server2]
type=server
address=192.168.122.17
port=3306
protocol=MariaDBBackend

[server3]
type=server
address=192.168.122.13
port=3306
protocol=MariaDBBackend

root@maxscale:~# mysql -umaxscale -pqwe123 -h192.168.122.222 -P4006                                                                                   
Welcome to the MariaDB monitor.  Commands end with ; or \g.

root@maxscale:~# mysql -umyuser -pmyuser -h192.168.122.222 -P4006
ERROR 1045 (28000): Access denied for user 'myuser'@'::ffff:192.168.122.222' (using password: YES)

root@sky:~# mysql -umyuser -pmyuser -h192.168.122.17
Welcome to the MariaDB monitor.  Commands end with ; or \g.


MariaDB [(none)]> show grants for myuser;
+-------------------------------------------------------------------------------------------------------+
| Grants for myuser@%                                                                                   |
+-------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'myuser'@'%' IDENTIFIED BY PASSWORD '*CBA73BBE5D9AF59311C3F4D7E8C20AA847F7B188' |
| GRANT ALL PRIVILEGES ON `mydatabase`.`pet` TO 'myuser'@'%'                                            |
+-------------------------------------------------------------------------------------------------------+

如您所见，myuser 在通过 maxscale 节点进行连接时出现问题。我如何解决这个问题并使任何应用程序都可以通过自己的用户连接到 maxscale。

编辑：

这是我的 maxscale 用户权限：

MariaDB [(none)]> show grants;
+--------------------------------------------------------------------------------------------------------------------------------+
| Grants for maxscale@192.168.122.222                                                                                            |
+--------------------------------------------------------------------------------------------------------------------------------+
| GRANT SHOW DATABASES ON *.* TO 'maxscale'@'192.168.122.222' IDENTIFIED BY PASSWORD '*8DCDD69CE7D121DE8013062AEAEB2A148910D50E' |
| GRANT SELECT ON `mysql`.`db` TO 'maxscale'@'192.168.122.222'                                                                   |
| GRANT SELECT ON `mysql`.`user` TO 'maxscale'@'192.168.122.222'                                                                 |
+--------------------------------------------------------------------------------------------------------------------------------+

Answer 1

基于这个有用的link：https://mariadb.com/kb/en/maxscale-troubleshooting/

检查节点配置的以下权限：

GRANT SELECT ON mysql.user TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.db TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.tables_priv TO 'maxscale'@'maxscalehost';
GRANT SELECT ON mysql.roles_mapping TO 'maxscale'@'maxscalehost';
GRANT SHOW DATABASES ON *.* TO 'maxscale'@'maxscalehost';

无法通过 MaxScale 连接应用程序

Failing to connect applications via MaxScale

mariadb

galera

maxscale