交流QQ号:555913397
有什么问题可以加群大家一起交流
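# Create the CA private key and the self-signed CA certificate with openssl.
# ca-key.pem can sign certificates that every node and client will trust, so
# it is written through -out and restricted to its owner instead of being
# created by a shell redirect with whatever the current umask allows.
# Only ca.pem has to be distributed to the database hosts; ca-key.pem does not.
openssl genrsa -out ca-key.pem 2048
chmod 600 ca-key.pem
# -days 3600 makes the CA certificate valid for roughly ten years.
openssl req -new -x509 -nodes -days 3600 \
-key ca-key.pem -out ca.pem
# openssl now prompts for the certificate subject, for example:
# Country Name (2 letter code) [AU]:CN
# State or Province Name (full name) [Some-State]:.
# Locality Name (eg, city) []:
# Organization Name (eg, company) [Internet Widgits Pty Ltd]:MySQL AB
# Organizational Unit Name (eg, section) []:
# Common Name (eg, YOUR name) []:MySQL admin
# Email Address []:
# The MySQL manual requires the CA's Common Name to differ from the Common
# Name used for the server and client certificates issued below.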
# Issue the server certificate.
# server-cert.pem = public certificate, server-key.pem = private key
# -nodes leaves server-key.pem unencrypted on disk, so access to the file
# has to be limited to the account that runs mysqld.
openssl req -newkey rsa:2048 -nodes -days 3600 \
  -keyout server-key.pem -out server-req.pem
# openssl prompts for the subject of the request, for example:
# Country Name (2 letter code) [AU]:CN
# State or Province Name (full name) [Some-State]:.
# Locality Name (eg, city) []:
# Organization Name (eg, company) [Internet Widgits Pty Ltd]:MySQL AB
# Organizational Unit Name (eg, section) []:
# Common Name (eg, YOUR name) []:MySQL server
# Email Address []:
#
# Please enter the following 'extra' attributes
# to be sent with your certificate request
# A challenge password []:
# An optional company name []:
# Pass the key through `openssl rsa`, reading and writing the same file.
openssl rsa -in server-key.pem -out server-key.pem
# Sign the request with the CA; the server certificate gets serial number 01.
openssl x509 -req -days 3600 -in server-req.pem \
  -CA ca.pem -CAkey ca-key.pem -set_serial 01 -out server-cert.pem
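# Issue the client certificate.
# client-cert.pem = public certificate, client-key.pem = private key
# -nodes leaves client-key.pem unencrypted on disk; keep it readable only by
# the account that connects with it.
openssl req -newkey rsa:2048 -days 3600 \
-nodes -keyout client-key.pem -out client-req.pem
# openssl prompts for the subject of the request, for example:
# Country Name (2 letter code) [AU]:CN
# State or Province Name (full name) [Some-State]:.
# Locality Name (eg, city) []:
# Organization Name (eg, company) [Internet Widgits Pty Ltd]:MySQL AB
# Organizational Unit Name (eg, section) []:
# Common Name (eg, YOUR name) []:MySQL client
# Email Address []:
#
# Please enter the following 'extra' attributes
# to be sent with your certificate request
# A challenge password []:
# An optional company name []:
# The sample Common Name above is distinct from the CA's ("MySQL admin"),
# which the MySQL manual requires, and from the server's ("MySQL server"),
# so that the two certificates identify different parties.
openssl rsa -in client-key.pem -out client-key.pem
# The server certificate was issued with serial 01. A CA must not reuse a
# serial number: issuer + serial is what identifies a certificate, and a
# revocation entry for one would also match the other. Use 02 here.
openssl x509 -req -in client-req.pem -days 3600 \
-CA ca.pem -CAkey ca-key.pem -set_serial 02 -out client-cert.pem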
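# Check that both certificates chain to the CA certificate.
openssl verify -CAfile ca.pem server-cert.pem client-cert.pem
# If everything is fine, the command prints the following (shown as comments
# so the expected output is not executed as commands):
# server-cert.pem: OK
# client-cert.pem: OK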
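# TLS settings for a Percona XtraDB Cluster node. The /cert paths are the
# locations inside the container.
# An option file cannot start with options outside a group; the server's
# TLS options belong to the [mysqld] group.
[mysqld]
ssl-ca = /cert/ca.pem
ssl-cert = /cert/server-cert.pem
ssl-key = /cert/server-key.pem
# Client programs that read this file present the client certificate.
[client]
ssl-ca = /cert/ca.pem
ssl-cert = /cert/client-cert.pem
ssl-key = /cert/client-key.pem
# State snapshot transfer between nodes: encrypt = 4 turns on SST encryption
# using the certificate and key files listed here.
[sst]
encrypt = 4
ssl-ca = /cert/ca.pem
ssl-cert = /cert/server-cert.pem
ssl-key = /cert/server-key.pem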
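# Node 1: the node that bootstraps the cluster (no CLUSTER_JOIN is set).
version: '3.6'
services:
  mysql-pxc1:
    restart: always
    image: percona/percona-xtradb-cluster:8.0
    # Host networking: the container shares the host's network stack, so
    # MySQL (3306), SST (4444), Galera replication (4567) and IST (4568)
    # listen directly on the host. A `ports:` mapping does not apply in this
    # mode and is therefore omitted; limit access to these ports with the
    # host firewall so that only cluster members and clients can reach them.
    network_mode: host
    container_name: mysql-pxc1
    environment: # environment variables
      - TZ=Asia/Shanghai
      # Read the root password from the shell environment or an .env file
      # kept out of version control, instead of hard-coding a weak value in
      # the compose file. Compose aborts with this message when it is unset.
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?set a strong MYSQL_ROOT_PASSWORD}
      - CLUSTER_NAME=pxc
    volumes:
      - /home/StaticFile/mysql/data:/var/lib/mysql/
      # This directory should hold only ca.pem and the certificate/key files
      # the node uses; the CA private key (ca-key.pem) does not belong here.
      - /home/StaticFile/mysql/cert:/cert/
      - /home/StaticFile/mysql/config:/etc/percona-xtradb-cluster.conf.d
    tty: true
    # `privileged: true` is not set: it is not needed to run commands inside
    # the container, and it would give the container nearly unrestricted
    # access to the host (all capabilities and host devices). If SELinux
    # denies access to the bind mounts, relabel them (for example with the
    # `:z` volume option) rather than enabling privileged mode.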
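# Node 2: joins the cluster through mysql-pxc1.
version: '3.6'
services:
  mysql-pxc2:
    restart: always
    image: percona/percona-xtradb-cluster:8.0
    # Host networking: the container shares the host's network stack, so
    # MySQL (3306), SST (4444), Galera replication (4567) and IST (4568)
    # listen directly on the host. A `ports:` mapping does not apply in this
    # mode and is therefore omitted; limit access to these ports with the
    # host firewall so that only cluster members and clients can reach them.
    network_mode: host
    container_name: mysql-pxc2
    environment: # environment variables
      - TZ=Asia/Shanghai
      # Read the root password from the shell environment or an .env file
      # kept out of version control, instead of hard-coding a weak value in
      # the compose file. Compose aborts with this message when it is unset.
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?set a strong MYSQL_ROOT_PASSWORD}
      - CLUSTER_NAME=pxc
      # With host networking there is no Compose network to resolve service
      # names, so this name presumably has to resolve on this host (DNS or
      # /etc/hosts) to the first node's address.
      - CLUSTER_JOIN=mysql-pxc1
    volumes:
      - /home/StaticFile/mysql/data:/var/lib/mysql
      # This directory should hold only ca.pem and the certificate/key files
      # the node uses; the CA private key (ca-key.pem) does not belong here.
      - /home/StaticFile/mysql/cert:/cert
      - /home/StaticFile/mysql/config:/etc/percona-xtradb-cluster.conf.d
    tty: true
    # `privileged: true` is not set: it is not needed to run commands inside
    # the container, and it would give the container nearly unrestricted
    # access to the host (all capabilities and host devices). If SELinux
    # denies access to the bind mounts, relabel them (for example with the
    # `:z` volume option) rather than enabling privileged mode.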
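# Node 3: joins the cluster through mysql-pxc1.
version: '3.6'
services:
  mysql-pxc3:
    restart: always
    image: percona/percona-xtradb-cluster:8.0
    # Host networking: the container shares the host's network stack, so
    # MySQL (3306), SST (4444), Galera replication (4567) and IST (4568)
    # listen directly on the host. A `ports:` mapping does not apply in this
    # mode and is therefore omitted; limit access to these ports with the
    # host firewall so that only cluster members and clients can reach them.
    network_mode: host
    container_name: mysql-pxc3
    environment: # environment variables
      - TZ=Asia/Shanghai
      # Read the root password from the shell environment or an .env file
      # kept out of version control, instead of hard-coding a weak value in
      # the compose file. Compose aborts with this message when it is unset.
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:?set a strong MYSQL_ROOT_PASSWORD}
      - CLUSTER_NAME=pxc
      # With host networking there is no Compose network to resolve service
      # names, so this name presumably has to resolve on this host (DNS or
      # /etc/hosts) to the first node's address.
      - CLUSTER_JOIN=mysql-pxc1
    volumes:
      - /home/StaticFile/mysql/data:/var/lib/mysql
      # This directory should hold only ca.pem and the certificate/key files
      # the node uses; the CA private key (ca-key.pem) does not belong here.
      - /home/StaticFile/mysql/cert:/cert
      - /home/StaticFile/mysql/config:/etc/percona-xtradb-cluster.conf.d
    tty: true
    # `privileged: true` is not set: it is not needed to run commands inside
    # the container, and it would give the container nearly unrestricted
    # access to the host (all capabilities and host devices). If SELinux
    # denies access to the bind mounts, relabel them (for example with the
    # `:z` volume option) rather than enabling privileged mode.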