MariaDB Galera Cluster is a synchronous multi-master cluster for MariaDB. It is a fork of Galera Cluster, the world's most advanced, free and open source cluster engine. Currently, it only supports InnoDB storage engines.
MariaDB Galera Cluster is a true Multi-Master and Active-Active cluster. Due to it's synchronous behaviour, there will be no data lost in case of a node crash because all nodes always hold the same state.
MariaDB Galera Cluster also provides Automatic node provisioning. It means we do not have to manually backup the database and restore it on new node before adding it to Galera cluster. This features gives the additional benefit of Cloud support due to simple scale-in and scale-out operations.
In this article, we will create a two-node MariaDB Galera Cluster of MariaDB 10.3 Database on CentOS 7. However, the same steps can be used to configure a MariaDB Galera Cluster of larger size.
This article focuses on the installation of MariaDB Galera Cluster on CentOS 7 without diving into theory and definitions pertains to MariaDB. Therefore, it is recommended that you should read Getting Started with MariaDB - Second Edition by Packt Publishing to have basic understanding of MariaDB database.
Table of Contents:
- System Specification
- Installing MariaDB 10.3 Database Server on CentOS 7
- Configuring MariaDB Galera Cluster on CentOS 7
- Create SELinux Policy for MariaDB Galera cluster
System Specification:
For this article, we are using two CentOS 7 virtual machines as the Galera Cluster nodes.
| Hostname: | mariadb-01.example.com | mariadb-02.example.com |
| IP Address: | 192.168.116.81 /24 | 192.168.116.82/24 |
| CPU: | 2.4 Ghz (2 cores) | 2.4 Ghz (2 cores) |
| Memory: | 2 GB | 2 GB |
| Operating System: | CentOS 7.6 | CentOS 7.6 |
| MariaDB Version: | 10.3.12 | 10.3.12 |
Installing MariaDB 10.3 Database Server on CentOS 7:
Connect to mariadb-01.example.com using ssh as root user.
Install MariaDB and MaxScale yum repositories.
# curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | bash
[info] Repository file successfully written to /etc/yum.repos.d/mariadb.repo.
[info] Adding trusted package signing keys...
[info] Succeessfully added trusted package signing keys.
Build yum cache for all repositories.
# yum makecache fast
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: repo.inara.pk
* extras: repo.inara.pk
* updates: repo.inara.pk
base | 3.6 kB 00:00
extras | 3.4 kB 00:00
mariadb-main | 2.9 kB 00:00
mariadb-maxscale | 2.4 kB 00:00
mariadb-tools | 2.9 kB 00:00
updates | 3.4 kB 00:00
(1/5): mariadb-maxscale/7/x86_64/primary_db | 6.7 kB 00:02
(2/5): mariadb-tools/7/x86_64/primary_db | 11 kB 00:02
(3/5): mariadb-main/7/x86_64/primary_db | 50 kB 00:03
(4/5): extras/7/x86_64/primary_db | 156 kB 00:04
(5/5): updates/7/x86_64/primary_db | 1.4 MB 00:09
Metadata Cache Created
Install MariaDB 10.3 Server and Galera using yum command.
# yum install -y mariadb-server galera
Repeat above steps on all other nodes.
Configuring MariaDB Galera Cluster on CentOS 7:
Allow MariaDB and Galera service ports in Linux firewall.
# firewall-cmd --permanent --add-service=mysql success # firewall-cmd --permanent --add-port={4567,4568,4444}/tcp success # firewall-cmd --reload success
Set SELinux to permissive mode for now, and we will enable the enforcing mode later, after creating an SELinux policy for MariaDB Galera cluster.
# setenforce 0
Now edit MariaDB configuration file.
# vi /etc/my.cnf.d/server.cnf
and configure galera section as follows:
[galera]
# Mandatory settings
wsrep_on=ON
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_address=gcomm://192.168.116.81,192.168.116.82
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
Perform above steps on each node.
Start Galera cluster on mariadb-01.example.com.
# galera_new_cluster
Start MariaDB service on all other nodes.
# systemctl start mariadb.service
If the service started successfully then, it shows that we have successfully configured our Galera cluster.
Configure MariaDB database instance on each node.
# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] Y New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Connect with MariaDB instance on any node and check wsrep_cluster_size.
# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 10 Server version: 10.3.12-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show global status like 'wsrep_cluster_size'; +--------------------+-------+ | Variable_name | Value | +--------------------+-------+ | wsrep_cluster_size | 2 | +--------------------+-------+ 1 row in set (0.083 sec)
wsrep_cluster_size confirms that all of our nodes are now connected in Galera cluster.
Create SELinux Policy for MariaDB Galera cluster:
Since, we have configured SELinux in permissive mode. Therefore, all the violations by MariaDB and Galera has been recorded in /var/log/audit/audit.log. We can use it to create a concrete SELinux policy.
Use fgrep and audit2allow commands to extract policy violations log into a text file.
# fgrep "mysqld" /var/log/audit/audit.log | audit2allow -m MySQL_galera -o MySQL_galera.te
Compile these logs to a SELinux policy module.
# checkmodule -M -m MySQL_galera.te -o MySQL_galera.mod
checkmodule: loading policy configuration from galera.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 19) to MySQL_galera.mod
Create a package of compiled policy module.
# semodule_package -m MySQL_galera.mod -o MySQL_galera.pp
Import this policy into SELinux.
# semodule -i MySQL_galera.pp
Set SELinux to run in enforcing mode.
# setenforce 1
Test SELinux is working fine by restart MariaDB service on each node.
Finally, enable the MariaDB service on all nodes.
# systemctl enable mariadb.service
We have successfully configured a MariaDB Galera Cluster on CentOS 7. Although we have configured a two node cluster, but the same steps are good enough for configuring a MariaDB Galera cluster of larger size.
After configuring a MariaDB Galera Cluster, you should be looking next for a database proxy to perform load balancing and routing for our cluster. Therefore, it is highly recommended that you should read our next post Install MariaDB MaxScale Database Proxy on CentOS 7.
