mysql集群部署(8.0.33)

1
caching_sha2_password作为8.0默认的密码认证插件,其安全性强于mysql_native_password,性能优于sha256_password;但由于客户端和驱动的兼容性问题,建议还是采用mysql_native_password作为默认的密码认证插件

1 修改hosts

1
2
3
4
5
6
7
8
9
# 三台都操作

192.168.64.31 server-1
192.168.64.32 server-2
192.168.64.30 server-3

192.168.64.30 V002012011-mysql-01-30
192.168.64.30 V002012012-mysql-02-31
192.168.64.30 V002012013-mysql-03-32

2 安装MYSQL

1
2
3
4
5
6
7
8
9
# 三台都操作
# yum install -y perl-Module-Install.noarch net-tools perl-Module-Install.noarch

# rpm -ivh mysql-community-common-8.0.33-1.el8.x86_64.rpm
# rpm -ivh mysql-community-client-plugins-8.0.33-1.el8.x86_64.rpm
# rpm -ivh mysql-community-libs-8.0.33-1.el8.x86_64.rpm
# rpm -ivh mysql-community-client-8.0.33-1.el8.x86_64.rpm
# rpm -ivh mysql-community-devel-8.0.33-1.el8.x86_64.rpm
# rpm -ivh mysql-community-server-8.0.33-1.el8.x86_64.rpm  --force --nodeps

2.1 配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
# cat /etc/my.cnf
[mysql]
# CLIENT #
port=3306
socket=/var/lib/mysql/mysql.sock
prompt="\\u@god_DBA_Watching_You! \\d_\\R:\\m:\\s> "
default-character-set=utf8mb4

[mysqld]
# GENERAL #
user=mysql
character-set-server=utf8mb4
# innodb=ON
socket=/var/lib/mysql/mysql.sock
pid-file=/var/run/mysqld/mysql.pid
port=3306

# SAFETY #
max_allowed_packet=32M
max_connect_errors=1000000    
skip_name_resolve
# 解决group by语句的校验问题
sql_mode="STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION"
# 拼接长度
group_concat_max_len=1024000
sysdate_is_now=1
explicit_defaults_for_timestamp=1

# DATA STORAGE #
datadir=/var/lib/mysql/

# LOGGING #
log_error=/home/mysql/errlog_data/mysql-error.log
log_queries_not_using_indexes=0

sync_relay_log=1  
sync_relay_log_info=1 
sync_binlog=1
# binlog的失效日期单位秒,15天
binlog_expire_logs_seconds=1296000
#默认参数为0 不开启并行复制 开启会导致xtrabackup备份 无法使用slave-info参数
replica_parallel_workers=4

# CACHES AND LIMITS #
tmp_table_size=16M
max_heap_table_size=16M
#query_cache_type=0
#query_cache_size=0
max_connections=200
thread_cache_size=20
#open_files_limit=2560
#table_definition_cache=4096
#table_open_cache=10240
performance_schema_max_table_instances=200
table_definition_cache=400
table_open_cache=256
#交互连接活动等待时长和非交互连接等待时长
interactive_timeout=7200
wait_timeout=7200
# O_SYNC/O_DSYNC/O_DIRECT O_DIRECT表示数据文件直接从MySQL INNODB BUFFER写入到磁盘 不过OS BUFFER
innodb_flush_method=O_DIRECT
#redo log文件组中日志文件的数量 默认至少为2
#innodb_log_files_in_group=2
#innodb改变数据的时候 会把改动记录先写入到日志缓冲区 取值范围16MB-64MB
innodb_log_buffer_size=16M
#redo log日志的大小
innodb_redo_log_capacity=512M
innodb_flush_log_at_trx_commit=1
innodb_buffer_pool_size=16M
#innodb同时可以打开的.ibd文件个数
innodb_open_files=65535
# System TableSpace
innodb_data_file_path=ibdata1:1G:autoextend
# Independent TableSpace
innodb_file_per_table=ON
# Innodb内核最大并发线程数 0表示不受限制 建议为逻辑CPU核心数的2倍
innodb_thread_concurrency=0
#快速加载热点数据到内存中
innodb_buffer_pool_load_at_startup=ON
innodb_buffer_pool_dump_at_shutdown=ON
# 解决日志时间和系统时间不一致的问题
log_timestamps=SYSTEM
# log_error_verbosity Value
# Error messages 1
# Error and warning messages 2
# Error, warning, and note messages 3
log_error_verbosity            = 2          
# bind address 解决3306绑定tcp6的问题
bind-address=0.0.0.0
 #大小写敏感设置 0区分 1不区分
lower_case_table_names = 1

2.2 启动

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
mkdir -p /home/mysql/mysql_data 
mkdir -p /home/mysql/errlog_data
mkdir -p /home/mysql/slowlog_data
mkdir -p /home/mysql/binlog_data/mgr-bin
mkdir -p /home/mysql/relaylog_data/mgr-relay

chown -R mysql.mysql /home/mysql

# systemctl start mysqld
# systemctl status mysqld

# tail -f /var/log/mysqld.log

# 找到root初始密码
# grep 'temporary password' /var/log/mysqld.log

2.3 首次设置密码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
--- root用户
# mysql -uroot -p'):voUV2k9-r1'

# 修改root密码
ALTER USER USER() IDENTIFIED BY 'T@Testxxxxx!';
flush privileges;

# 创建账户密码授权:
# root
mysql> create user 'root'@'192.168.64.%' identified by 'T@Testxxxxx!';
mysql> grant all privileges on *.* to 'root'@'192.168.64.%';
mysql> flush privileges;

# root密码永不过期的
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'T@Testxxxxx!' PASSWORD EXPIRE NEVER;
mysql> ALTER USER 'root'@'192.168.64.%' IDENTIFIED BY 'T@Testxxxxx!' PASSWORD EXPIRE NEVER;

# 查看user表
mysql> select user,host from mysql.user;
+------------------+---------------+
| user             | host          |
+------------------+---------------+
| root             | 192.168.64.% |
| mysql.infoschema | localhost     |
| mysql.session    | localhost     |
| mysql.sys        | localhost     |
| root             | localhost     |
+------------------+---------------+

--- 其它用户
# god
mysql> create user 'god'@'192.168.64.%' identified by 'god@xxxx!';
mysql> grant all privileges on hseysh.* to 'god'@'192.168.64.%' with grant option;
mysql> ALTER USER 'god'@'192.168.64.%' IDENTIFIED WITH mysql_native_password BY 'god@xxxx!' ;
mysql> flush privileges;

# 修改授权
mysql> show grants for 'god'@'192.168.64.%'\G    # 查看权限
mysql> REVOKE ALL PRIVILEGES ON *.* FROM god@'192.168.64.%';  # 收回权限
mysql> revoke all on *.* from god@'192.168.64.%';
mysql> drop user 'god'@'192.168.64.8';  # 删除用户

# 创建库
mysql -ugod -pgod@2023!
mysql> create database god default character set utf8mb4 collate utf8mb4_general_ci;
mysql> create database god_test default character set utf8mb4 collate utf8mb4_0900_ai_ci;

# god密码永不过期的
mysql> ALTER USER 'god'@'localhost' IDENTIFIED BY 'god@xxxx!' PASSWORD EXPIRE NEVER;
mysql> ALTER USER 'god'@'192.168.64.%' IDENTIFIED BY 'god@xxxx!' PASSWORD EXPIRE NEVER;
# 密码有限期的
mysql> ALTER USER 'god'@'localhost' IDENTIFIED BY '新密码' PASSWORD EXPIRE;

select user,host from mysql.user;
+------------------+---------------+
| user             | host          |
+------------------+---------------+
| god              | 192.168.64.% |
| root             | 192.168.64.% |
| mysql.infoschema | localhost     |
| mysql.session    | localhost     |
| mysql.sys        | localhost     |
| root             | localhost     |
+------------------+---------------+

# 授权远程客户端:
# god
mysql> grant all privileges on *.* to 'root'@'192.168.1.11';
mysql> flush privileges;

mysql> create user 'god'@'192.168.1.%' identified by 'god@xxxx!';
mysql> grant all privileges on god_test.* to 'god'@'192.168.1.%' with grant option;
mysql> grant all privileges on god.* to 'god'@'192.168.1.%' with grant option;
mysql> flush privileges;

3 安装MGR插件

1
2
3
4
5
6
- 登录mysql
# mysql -uroot -p 
- 安装插件
mysql> install PLUGIN group_replication SONAME 'group_replication.so';
- 查看group replication插件
mysql> show plugins;

4 配置复制环境

4.1 配置server-1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# cat /etc/my.cnf  # 加入以下配置
# Group Replication
server-id=30
slow_query_log=1
long_query_time=1
log_queries_not_using_indexes=1
#slow_query_log_file=/var/log/mysql/slow-query.log
slow_query_log_file=/home/mysql/slowlog_data/slow-query.log
# 如果SQL语句没有使用索引 该SQL会记录到慢查询日志
log_queries_not_using_indexes=on
#log-bin=/var/log/mysql/mgr-bin
log-bin=/home/mysql/binlog_data/mgr-bin
#relay-log=/var/log/mysql/mgr-relay
relay-log=/home/mysql/relaylog_data/mgr-relay
character_set_server=utf8mb4  
# MGR使用乐观锁,所以官网建议隔离级别是RC,减少锁粒度
transaction_isolation=READ-COMMITTED
gtid_mode=on
enforce_gtid_consistency=1    
# 强制GTID一致性
binlog_format=row    
# 因为集群会在故障恢复时互相检查binlog的数据,所以需要记录下集群内其他服务器发过来已经执行过的binlog,按GTID来区分是否执行过.
log-slave-updates=1   
# binlog校验规则,5.6之后的高版本是CRC32,低版本都是NONE,但是MGR要求使用NONE
binlog_checksum=NONE    
# 基于安全的考虑,MGR集群要求复制模式要改成slave记录记录到表中,不然就报错
master_info_repository=TABLE
relay_log_info_repository=TABLE
# 记录事务的算法,官网建议设置该参数使用 XXHASH64 算法
transaction_write_set_extraction = XXHASH64
# 加载group_replication插件
plugin_load_add='group_replication.so'
# 相当于此GROUP的名字,是UUID值,可以使用select uuid()生成
group_replication_group_name = 'c44b3d6a-14a4-11ee-b2b8-fa163ea16a76'
# 是否随服务器启动而自动启动组复制,不建议直接启动,怕故障恢复时有扰乱数据准确性的特殊情况
group_replication_start_on_boot = OFF
# 本地MGR的IP地址和端口,host:port,是MGR的端口,不是数据库的端口
group_replication_local_address = 'server-1:33061'
# 需要接受本MGR实例控制的服务器IP地址和端口,是MGR的端口,不是数据库的端口
group_replication_group_seeds = 'server-1:33061,server-2:33061,server-3:33061'
# 开启引导模式,添加组成员,用于第一次搭建MGR或重建MGR的时候使用,只需要在集群内的其中一台开启
group_replication_bootstrap_group = OFF
group_replication_ip_allowlist="192.168.64.0/24"

- 重启mysql
# systemctl restart mysqld

- 建立复制账号并启动group replication
# 登录mysql
mysql -uroot -p'T@Testxxxxx!'

# reset master;
# 关闭日志记录
set SQL_LOG_BIN=0;
# 创建用户(网段192.168.64的可以访问)
CREATE USER 'mgr_repl'@'192.168.64.%' IDENTIFIED WITH sha256_password BY 'Mgr_repl@123456';
# 授权
GRANT REPLICATION SLAVE ON *.* TO 'mgr_repl'@'192.168.64.%';
GRANT BACKUP_ADMIN ON *.* TO 'mgr_repl'@'192.168.64.%';
# 刷新权限
flush privileges;
# 开启日志
set SQL_LOG_BIN=1;
# 构建group replication集群
change master to master_user='mgr_repl',master_password='Mgr_repl@123456' for channel 'group_replication_recovery';
# 设置group_replication_bootstrap_group为ON是为了标示以后加入集群的服务器以这台服务器为基准,以后加入的就不需要设置
set global group_replication_bootstrap_group=ON;
# 作为首个节点启动MGR集群
start group_replication;
# 关闭group_replication_bootstrap_group
set global group_replication_bootstrap_group=OFF;
# 查看mgr的状态,查询表performance_schema.replication_group_members
select * from performance_schema.replication_group_members;


# group相关参数查看
show variables like 'group%';

8.4.2 配置server-2

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# 复制server-1的配置文件/etc/my.cnf,修改server_id,group_replication_local_address
# cat /etc/my.cnf  # 加入以下配置
# Group Replication
server-id=31
slow_query_log=1
long_query_time=1
log_queries_not_using_indexes=1
#slow_query_log_file=/var/log/mysql/slow-query.log
slow_query_log_file=/home/mysql/slowlog_data/slow-query.log
# 如果SQL语句没有使用索引 该SQL会记录到慢查询日志
log_queries_not_using_indexes=on
#log-bin=/var/log/mysql/mgr-bin
log-bin=/home/mysql/binlog_data/mgr-bin
#relay-log=/var/log/mysql/mgr-relay
relay-log=/home/mysql/relaylog_data/mgr-relay
character_set_server=utf8mb4  
# MGR使用乐观锁,所以官网建议隔离级别是RC,减少锁粒度
transaction_isolation=READ-COMMITTED
gtid_mode=on
enforce_gtid_consistency=1    
# 强制GTID一致性
binlog_format=row    
# 因为集群会在故障恢复时互相检查binlog的数据,所以需要记录下集群内其他服务器发过来已经执行过的binlog,按GTID来区分是否执行过.
log-slave-updates=1   
# binlog校验规则,5.6之后的高版本是CRC32,低版本都是NONE,但是MGR要求使用NONE
binlog_checksum=NONE    
# 基于安全的考虑,MGR集群要求复制模式要改成slave记录记录到表中,不然就报错
master_info_repository=TABLE
relay_log_info_repository=TABLE
# 记录事务的算法,官网建议设置该参数使用 XXHASH64 算法
transaction_write_set_extraction = XXHASH64
# 加载group_replication插件
plugin_load_add='group_replication.so'
# 相当于此GROUP的名字,是UUID值,可以使用select uuid();生成
group_replication_group_name = 'a172aae2-14a8-11ee-8c87-fa163e417d57'
# 是否随服务器启动而自动启动组复制,不建议直接启动,怕故障恢复时有扰乱数据准确性的特殊情况
group_replication_start_on_boot = OFF
# 本地MGR的IP地址和端口,host:port,是MGR的端口,不是数据库的端口
group_replication_local_address = 'server-2:33061'
# 需要接受本MGR实例控制的服务器IP地址和端口,是MGR的端口,不是数据库的端口
group_replication_group_seeds = 'server-1:33061,server-2:33061,server-3:33061'
# 开启引导模式,添加组成员,用于第一次搭建MGR或重建MGR的时候使用,只需要在集群内的其中一台开启
group_replication_bootstrap_group = OFF
group_replication_ip_allowlist="192.168.64.0/24"

- 重启mysql
# systemctl restart mysqld
set global super_read_only=OFF;
# 登录mysql
mysql -uroot -p
# 关闭日志记录
set SQL_LOG_BIN=0;
# 创建用户(网段192.168.64的可以访问)
CREATE USER 'mgr_repl'@'192.168.64.%' IDENTIFIED WITH sha256_password BY 'Mgr_repl@123456';
# alter USER 'mgr_repl'@'192.168.64.%' IDENTIFIED WITH sha256_password BY 'Mgr_repl@123456';  修改认证方式
# 授权
GRANT REPLICATION SLAVE ON *.* TO 'mgr_repl'@'192.168.64.%';
GRANT BACKUP_ADMIN ON *.* TO 'mgr_repl'@'192.168.64.%';
# 刷新权限
flush privileges;
# 开启日志
set SQL_LOG_BIN=1;
# 构建group replication集群
CHANGE REPLICATION SOURCE TO SOURCE_USER='mgr_repl', SOURCE_PASSWORD='Mgr_repl@123456' FOR CHANNEL 'group_replication_recovery';
# 加入MGR集群
start group_replication;
# 查看mgr的状态,查询表performance_schema.replication_group_members,发现已加入MGR群
select * from performance_schema.replication_group_members;

4.3 配置server-3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# 复制server-1的配置文件/etc/my.cnf,修改server_id,group_replication_local_address
# cat /etc/my.cnf  # 加入以下配置
# Group Replication
server-id=32
slow_query_log=1
long_query_time=1
log_queries_not_using_indexes=1
#slow_query_log_file=/var/log/mysql/slow-query.log
slow_query_log_file=/home/mysql/slowlog_data/slow-query.log
# 如果SQL语句没有使用索引 该SQL会记录到慢查询日志
log_queries_not_using_indexes=on
#log-bin=/var/log/mysql/mgr-bin
log-bin=/home/mysql/binlog_data/mgr-bin
#relay-log=/var/log/mysql/mgr-relay
relay-log=/home/mysql/relaylog_data/mgr-relay
character_set_server=utf8mb4  
# MGR使用乐观锁,所以官网建议隔离级别是RC,减少锁粒度
transaction_isolation=READ-COMMITTED
gtid_mode=on
enforce_gtid_consistency=1    
# 强制GTID一致性
binlog_format=row    
# 因为集群会在故障恢复时互相检查binlog的数据,所以需要记录下集群内其他服务器发过来已经执行过的binlog,按GTID来区分是否执行过.
log-slave-updates=1   
# binlog校验规则,5.6之后的高版本是CRC32,低版本都是NONE,但是MGR要求使用NONE
binlog_checksum=NONE    
# 基于安全的考虑,MGR集群要求复制模式要改成slave记录记录到表中,不然就报错
master_info_repository=TABLE
relay_log_info_repository=TABLE
# 记录事务的算法,官网建议设置该参数使用 XXHASH64 算法
transaction_write_set_extraction = XXHASH64
# 加载group_replication插件
plugin_load_add='group_replication.so'
# 相当于此GROUP的名字,是UUID值,可以使用select uuid();生成
group_replication_group_name = 'c44b3d6a-14a4-11ee-b2b8-fa163ea16a76'
# 是否随服务器启动而自动启动组复制,不建议直接启动,怕故障恢复时有扰乱数据准确性的特殊情况
group_replication_start_on_boot = OFF
# 本地MGR的IP地址和端口,host:port,是MGR的端口,不是数据库的端口
group_replication_local_address = 'server-3:33061'
# 需要接受本MGR实例控制的服务器IP地址和端口,是MGR的端口,不是数据库的端口
group_replication_group_seeds = 'server-1:33061,server-2:33061,server-3:33061'
# 开启引导模式,添加组成员,用于第一次搭建MGR或重建MGR的时候使用,只需要在集群内的其中一台开启
group_replication_bootstrap_group = OFF
group_replication_ip_allowlist="192.168.64.0/24"

- 重启mysql
# systemctl restart mysqld

# 登录mysql
mysql -uroot -p
# 关闭日志记录
set SQL_LOG_BIN=0;
# 创建用户(网段192.168.64的可以访问)
CREATE USER 'mgr_repl'@'192.168.64.%' IDENTIFIED WITH sha256_password BY 'Mgr_repl@123456';
# 授权
GRANT REPLICATION SLAVE ON *.* TO 'mgr_repl'@'192.168.64.%';
GRANT BACKUP_ADMIN ON *.* TO 'mgr_repl'@'192.168.64.%';
# 刷新权限
flush privileges;
# 开启日志
set SQL_LOG_BIN=1;
# 构建group replication集群
change master to master_user='mgr_repl',master_password='Mgr_repl@123456' for channel 'group_replication_recovery';
# 加入MGR集群
start group_replication;
# 查看mgr的状态,查询表performance_schema.replication_group_members,发现已加入MGR群
mysql> select * from performance_schema.replication_group_members;
| group_replication_applier | 9bb8e998-14b7-11ee-xxxx | V002012011-mysql-01-32 |       3306 | ONLINE       | SECONDARY   | 
| group_replication_applier | d0751a15-14a7-11ee-xxxx | V002012011-mysql-01-31 |       3306 | ONLINE       | SECONDARY   | 
| group_replication_applier | f34eaaff-14a2-11ee-xxxx | V002012011-mysql-01-30 |       3306 | ONLINE       | PRIMARY     |