Galera cluster SSL error with mariabackup
1,875 views
Skip to first unread message
netmaster
Apr 17, 2018, 4:26:43 PM4/17/18
to codership
I am able to successfully use galera with mariabackup with no encryption of SST logs (default encrypt=0).
however, the galera SST log file is unencrypted when using mariabackup with galera.
============
when using with encrypt=2, a different error results-
2018-04-17 18:53:43 139677235410688 [Note] WSREP: Running: 'wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' '
WSREP_SST: [INFO] Logging all stderr of SST/Innobackupex to syslog (20180417 18:53:43.358)
2018-04-17 18:53:43 139677235410688 [ERROR] WSREP: Failed to read 'ready <addr>' from: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin'
Read: '(null)'
2018-04-17 18:53:43 139677235410688 [ERROR] WSREP: Process completed with error: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' : 22 (Invalid argument)
2018-04-17 18:53:43 139677441746688 [ERROR] WSREP: Failed to prepare for 'mariabackup' SST. Unrecoverable.
2018-04-17 18:53:43 139677441746688 [ERROR] Aborting
======
NOTE: feedback from Maria board is that it is likely a galera error (https://jira.mariadb.org/browse/MDEV-15910?focusedCommentId=109831&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-109831)
however, the galera SST log file is unencrypted when using mariabackup with galera.
============
when using with encrypt=2, a different error results-
2018-04-17 18:53:43 139677235410688 [Note] WSREP: Running: 'wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' '
WSREP_SST: [INFO] Logging all stderr of SST/Innobackupex to syslog (20180417 18:53:43.358)
2018-04-17 18:53:43 139677235410688 [ERROR] WSREP: Failed to read 'ready <addr>' from: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin'
Read: '(null)'
2018-04-17 18:53:43 139677235410688 [ERROR] WSREP: Process completed with error: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' : 22 (Invalid argument)
2018-04-17 18:53:43 139677441746688 [ERROR] WSREP: Failed to prepare for 'mariabackup' SST. Unrecoverable.
2018-04-17 18:53:43 139677441746688 [ERROR] Aborting
======
NOTE: feedback from Maria board is that it is likely a galera error (https://jira.mariadb.org/browse/MDEV-15910?focusedCommentId=109831&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-109831)
alexey.y...@galeracluster.com
Apr 18, 2018, 1:15:08 AM4/18/18
to netmaster, codership
The log you posted is a generic error condition that mysqld process got
from wsrep_sst_mariabackup script. If mariabackup is anything like
xtrabackup, it writes its own detailed logs - and those contain the real
information why running mariabackup failed. Have a look at those. My
guess is that to use encryption it may require additional configuration.
from wsrep_sst_mariabackup script. If mariabackup is anything like
xtrabackup, it writes its own detailed logs - and those contain the real
information why running mariabackup failed. Have a look at those. My
guess is that to use encryption it may require additional configuration.
netmaster
Apr 18, 2018, 12:47:06 PM4/18/18
to codership
Here is my setting in my.cnf
[sst]
streamfmt=xbstream
encrypt = 3
tca = /var/lib/mysql/ca-cert.pem
tkey = /var/lib/mysql/server1-key.pem
tcert = /var/lib/mysql/server1-cert.pem
This works correctly when using xtrabackup-v2
But when using mariabackup, I get the stack trace below on the joiner node:
2018-04-18 16:09:40 140673811871488 [Note] WSREP: Service thread queue flushed.
2018-04-18 16:09:40 140673803175680 [Warning] WSREP: Failed to prepare for incremental state transfer: Local state UUID (00000000-0000-0000-0000-000000000000) does not match group state UUID (c088b3c0-4322-11e8-8adf-6e9903c6f8b1): 1 (Operation not permitted)
at galera/src/replicator_str.cpp:prepare_for_IST():482. IST will be unavailable.
2018-04-18 16:09:40 140673560635136 [Note] WSREP: Member 2.0 (b36490ef44c1) requested state transfer from 'any'. Selected 0.0 (54d23c7d7634)(SYNCED) as donor.
2018-04-18 16:09:40 140673560635136 [Note] WSREP: Shifting PRIMARY -> JOINER (TO: 0)
2018-04-18 16:09:40 140673803175680 [Note] WSREP: Requesting state transfer: success, donor: 0
2018-04-18 16:09:40 140673803175680 [Note] WSREP: GCache history reset: 00000000-0000-0000-0000-000000000000:0 -> c088b3c0-4322-11e8-8adf-6e9903c6f8b1:0
2018-04-18 16:09:41 140673552242432 [ERROR] WSREP: Process completed with error: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' : 32 (Broken pipe)
2018-04-18 16:09:41 140673552242432 [ERROR] WSREP: Failed to read uuid:seqno and wsrep_gtid_domain_id from joiner script.
2018-04-18 16:09:41 140673960392896 [ERROR] WSREP: SST failed: 32 (Broken pipe)
2018-04-18 16:09:41 140673960392896 [ERROR] Aborting 2018-04-18 16:09:41 140673560635136 [Warning] WSREP: 0.0 (54d23c7d7634): State transfer to 2.0 (b36490ef44c1) failed: -32 (Broken pipe)
2018-04-18 16:09:41 140673560635136 [ERROR] WSREP: gcs/src/gcs_group.cpp:gcs_group_handle_join_msg():737: Will never receive state. Need to abort.
180418 16:09:41 [ERROR] mysqld got signal 11 ;
[sst]
streamfmt=xbstream
encrypt = 3
tca = /var/lib/mysql/ca-cert.pem
tkey = /var/lib/mysql/server1-key.pem
tcert = /var/lib/mysql/server1-cert.pem
This works correctly when using xtrabackup-v2
But when using mariabackup, I get the stack trace below on the joiner node:
2018-04-18 16:09:40 140673811871488 [Note] WSREP: Service thread queue flushed.
2018-04-18 16:09:40 140673803175680 [Warning] WSREP: Failed to prepare for incremental state transfer: Local state UUID (00000000-0000-0000-0000-000000000000) does not match group state UUID (c088b3c0-4322-11e8-8adf-6e9903c6f8b1): 1 (Operation not permitted)
at galera/src/replicator_str.cpp:prepare_for_IST():482. IST will be unavailable.
2018-04-18 16:09:40 140673560635136 [Note] WSREP: Member 2.0 (b36490ef44c1) requested state transfer from 'any'. Selected 0.0 (54d23c7d7634)(SYNCED) as donor.
2018-04-18 16:09:40 140673560635136 [Note] WSREP: Shifting PRIMARY -> JOINER (TO: 0)
2018-04-18 16:09:40 140673803175680 [Note] WSREP: Requesting state transfer: success, donor: 0
2018-04-18 16:09:40 140673803175680 [Note] WSREP: GCache history reset: 00000000-0000-0000-0000-000000000000:0 -> c088b3c0-4322-11e8-8adf-6e9903c6f8b1:0
2018-04-18 16:09:41 140673552242432 [ERROR] WSREP: Process completed with error: wsrep_sst_mariabackup --role 'joiner' --address '10.180.48.128' --datadir '/var/lib/mysql/' --parent '1' --binlog '/var/log/mysql/mariadb-bin' : 32 (Broken pipe)
2018-04-18 16:09:41 140673552242432 [ERROR] WSREP: Failed to read uuid:seqno and wsrep_gtid_domain_id from joiner script.
2018-04-18 16:09:41 140673960392896 [ERROR] WSREP: SST failed: 32 (Broken pipe)
2018-04-18 16:09:41 140673960392896 [ERROR] Aborting 2018-04-18 16:09:41 140673560635136 [Warning] WSREP: 0.0 (54d23c7d7634): State transfer to 2.0 (b36490ef44c1) failed: -32 (Broken pipe)
2018-04-18 16:09:41 140673560635136 [ERROR] WSREP: gcs/src/gcs_group.cpp:gcs_group_handle_join_msg():737: Will never receive state. Need to abort.
180418 16:09:41 [ERROR] mysqld got signal 11 ;
fra...@besistemas.com.br
Feb 12, 2019, 2:29:18 AM2/12/19
to codership
Hello you should change the encrpyt to 4.
[sst]
encrypt=4
LinuxBabe
Mar 19, 2019, 12:58:36 AM3/19/19
to codership
Yes, you need to set encrypt = 4.
1, 2, 3 don't work any more.
Reply all
Reply to author
Forward
0 new messages