|
主库:
1.生成证书(根据实际的mysql安装路径)
/data/db/mysql-5.7.26/bin/mysql_ssl_rsa_setup -d /data/conf/mysqldb/
2.修改权限
cd /data/conf/mysqldb && chown mysql.mysql ./*
3.修改配置文件/data/conf/mysqldb/my.cnf ,添加证书
ssl-ca=/data/conf/mysqldb/ca.pem
ssl-cert=/data/conf/mysqldb/server-cert.pem
ssl-key=/data/conf/mysqldb/server-key.pem
重启数据库,连接
添加主从同步用户
grant replication slave on . to ‘repl’@‘从库’ identified by ‘密码’ require ssl;
修改my.cnf
添加以下参数或者去掉注释
rpl_semi_sync_master_enabled=1
rpl_semi_sync_master_timeout=1000
rpl_semi_sync_slave_enabled=1
安装以下插件后重启数据库:
install plugin rpl_semi_sync_master soname ‘semisync_master.so’;
install plugin rpl_semi_sync_slave soname ‘semisync_slave.so’;
拷贝证书文件到从库
cd /data/conf/mysqldb/
scp ca.pem 从库:/data/conf/mysqldb
scp client-* 从库:/data/conf/mysqldb
从库
修改 my.cnf
添加以下参数或者去掉注释
rpl_semi_sync_master_enabled=1
rpl_semi_sync_master_timeout=1000
rpl_semi_sync_slave_enabled=1
ssl-ca=/data/conf/mysqldb/ca.pem
ssl-cert=/data/conf/mysqldb/client-cert.pem
ssl-key=/data/conf/mysqldb/client-key.pem
安装以下插件后重启数据库:
install plugin rpl_semi_sync_master soname ‘semisync_master.so’;
install plugin rpl_semi_sync_slave soname ‘semisync_slave.so’;
配置同步
change master to master_host=‘主库’,master_port=3306,master_user=‘repl’,master_password=‘密码’,master_auto_position=1,master_ssl=1,master_ssl_ca=’/data/conf/mysqldb/ca.pem’,master_ssl_cert=’/data/conf/mysqldb/client-cert.pem’,master_ssl_key=’/data/conf/mysqldb/client-key.pem’;
开启同步
start slave;
查看状态
show slave status\G
|