通过代理的 Mariadb 连接不起作用
Mariadb connection through proxy is not working
我是新手,请多关照...
我正在使用 HAProxy 作为多个事物的代理,但不断出现的问题是我想使用代理连接到 Mariadb Galera 集群。我正在使用 keepalived 分配一个虚拟 IP,然后代理应该在该虚拟 IP 上监听并平衡与数据库的连接。当前状态是:
3 台机器,每台 运行 一组(稍作修改,只有必要的东西)keepalived、HAProxy 和 MariaDB(启用 Galera)。
他们的IP分别是10.0.0.1、10.0.0.2和10.0.0.3,keepalived分配的虚拟IP是10.0.0.9。
HAProxy 侦听 3310,然后平衡到 3306 到其他机器(因为机器 运行ning HAProxy 也 运行 数据库,这就是我使用非默认端口的原因)。
问题:我正在使用没有权限的无密码测试用户“lol”,从 10.0.0.1(也分配了 10.0.0.9 atm)连接。我会post下面剩下的。
mysql -u lol #connects
mysql -P 3310 -u lol #connects
mysql -h 10.0.0.9 -u lol #connects
mysql -h 10.0.0.9 -u lol #from 10.0.0.2, connects
mysql -h 10.0.0.9 -P 3310 -u lol #hangs a while, then spits out this message:
ERROR 2013 (HY000): Lost connection to MySQL server at 'handshake: reading initial communication packet', system error: 11
为什么会这样?我的防火墙(目前)是完全打开的,所以这不应该是问题所在。我在下面包含了 MariaDB、keepalived 和 HAProxy 的配置文件。 (我故意从配置文件中删除了不必要的注释)
/etc/mysql/mariadb.conf.d/50-server.cnf(由于我的安装方式,没有其他对MariaDB有意义的配置文件,有空请教)
[server]
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /run/mysqld/mysqld.pid
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
lc-messages = en_US
skip-external-locking
#skip-name-resolve
bind-address = 0.0.0.0
#
# * Fine Tuning
#
#key_buffer_size = 128M
#max_allowed_packet = 1G
#thread_stack = 192K
#thread_cache_size = 8
#myisam_recover_options = BACKUP
#max_connections = 100
#table_cache = 64
#
# * Logging and Replication
#
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
log_error = /var/log/mysql/error.log
# Enable the slow query log to see queries with especially long duration
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
#long_query_time = 10
#log_slow_verbosity = query_plan,explain
#log-queries-not-using-indexes
#min_examined_row_limit = 1000
#server-id = 1
#log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
#max_binlog_size = 100M
#
# * SSL/TLS
#
#ssl-ca = /etc/mysql/cacert.pem
#ssl-cert = /etc/mysql/server-cert.pem
#ssl-key = /etc/mysql/server-key.pem
#require-secure-transport = on
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
#
# * InnoDB
#
#innodb_buffer_pool_size = 8G
[embedded]
[mariadb]
[mariadb-10.5]
[galera]
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_address="gcomm://10.0.0.1,10.0.0.2,10.0.0.3"
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
# any cluster name
wsrep_cluster_name="MariaDB_Cluster"
# own IP address
wsrep_node_address="10.0.0.1"
/etc/keepalived/keepalived.conf(我只包含了有意义的部分,还有其他的VRRP设置,还有其他机器配置为低优先级的slave,keepalived应该不是这里的问题,只是添加它澄清)
...
vrrp_instance VRRP2 {
state MASTER
interface ens19
virtual_router_id 111
priority 200
advert_int 1
authentication {
auth_type PASS
auth_pass 1011
}
virtual_ipaddress {
10.0.0.9/24
}
}
...
/etc/haproxy/haproxy.cfg(其他的也在这里设置,不包括那些)
global
log /dev/log local0
log /dev/log local1 notice
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend galera
bind :3310
default_backend mariadb
backend mariadb
balance leastconn
option mysql-check user lol
server srv1 10.0.0.1:3306 check
server srv2 10.0.0.2:3306 check
server srv3 10.0.0.3:3306 check
我有答案。问题是,我需要将 mode tcp 添加到数据库的前端和后端。现在它按预期工作,如果还有任何其他问题,我将对此答案发表评论。依赖这个的东西比较多
我是新手,请多关照...
我正在使用 HAProxy 作为多个事物的代理,但不断出现的问题是我想使用代理连接到 Mariadb Galera 集群。我正在使用 keepalived 分配一个虚拟 IP,然后代理应该在该虚拟 IP 上监听并平衡与数据库的连接。当前状态是:
3 台机器,每台 运行 一组(稍作修改,只有必要的东西)keepalived、HAProxy 和 MariaDB(启用 Galera)。
他们的IP分别是10.0.0.1、10.0.0.2和10.0.0.3,keepalived分配的虚拟IP是10.0.0.9。
HAProxy 侦听 3310,然后平衡到 3306 到其他机器(因为机器 运行ning HAProxy 也 运行 数据库,这就是我使用非默认端口的原因)。
问题:我正在使用没有权限的无密码测试用户“lol”,从 10.0.0.1(也分配了 10.0.0.9 atm)连接。我会post下面剩下的。
mysql -u lol #connects
mysql -P 3310 -u lol #connects
mysql -h 10.0.0.9 -u lol #connects
mysql -h 10.0.0.9 -u lol #from 10.0.0.2, connects
mysql -h 10.0.0.9 -P 3310 -u lol #hangs a while, then spits out this message:
ERROR 2013 (HY000): Lost connection to MySQL server at 'handshake: reading initial communication packet', system error: 11
为什么会这样?我的防火墙(目前)是完全打开的,所以这不应该是问题所在。我在下面包含了 MariaDB、keepalived 和 HAProxy 的配置文件。 (我故意从配置文件中删除了不必要的注释)
/etc/mysql/mariadb.conf.d/50-server.cnf(由于我的安装方式,没有其他对MariaDB有意义的配置文件,有空请教)
[server]
[mysqld]
#
# * Basic Settings
#
user = mysql
pid-file = /run/mysqld/mysqld.pid
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
lc-messages = en_US
skip-external-locking
#skip-name-resolve
bind-address = 0.0.0.0
#
# * Fine Tuning
#
#key_buffer_size = 128M
#max_allowed_packet = 1G
#thread_stack = 192K
#thread_cache_size = 8
#myisam_recover_options = BACKUP
#max_connections = 100
#table_cache = 64
#
# * Logging and Replication
#
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
log_error = /var/log/mysql/error.log
# Enable the slow query log to see queries with especially long duration
#slow_query_log_file = /var/log/mysql/mariadb-slow.log
#long_query_time = 10
#log_slow_verbosity = query_plan,explain
#log-queries-not-using-indexes
#min_examined_row_limit = 1000
#server-id = 1
#log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
#max_binlog_size = 100M
#
# * SSL/TLS
#
#ssl-ca = /etc/mysql/cacert.pem
#ssl-cert = /etc/mysql/server-cert.pem
#ssl-key = /etc/mysql/server-key.pem
#require-secure-transport = on
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
#
# * InnoDB
#
#innodb_buffer_pool_size = 8G
[embedded]
[mariadb]
[mariadb-10.5]
[galera]
wsrep_on=ON
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_address="gcomm://10.0.0.1,10.0.0.2,10.0.0.3"
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
# any cluster name
wsrep_cluster_name="MariaDB_Cluster"
# own IP address
wsrep_node_address="10.0.0.1"
/etc/keepalived/keepalived.conf(我只包含了有意义的部分,还有其他的VRRP设置,还有其他机器配置为低优先级的slave,keepalived应该不是这里的问题,只是添加它澄清)
...
vrrp_instance VRRP2 {
state MASTER
interface ens19
virtual_router_id 111
priority 200
advert_int 1
authentication {
auth_type PASS
auth_pass 1011
}
virtual_ipaddress {
10.0.0.9/24
}
}
...
/etc/haproxy/haproxy.cfg(其他的也在这里设置,不包括那些)
global
log /dev/log local0
log /dev/log local1 notice
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend galera
bind :3310
default_backend mariadb
backend mariadb
balance leastconn
option mysql-check user lol
server srv1 10.0.0.1:3306 check
server srv2 10.0.0.2:3306 check
server srv3 10.0.0.3:3306 check
我有答案。问题是,我需要将 mode tcp 添加到数据库的前端和后端。现在它按预期工作,如果还有任何其他问题,我将对此答案发表评论。依赖这个的东西比较多