最近在学习MySQL MGR,折腾了一套环境,在切换的时候发现了一个问题,
(root@localhost) [performance_schema]> SELECT * FROM performance_schema.replication_group_members;
+---------------------------+--------------------------------------+-------------+-------------+--------------+-------------+----------------+
| CHANNEL_NAME | MEMBER_ID | MEMBER_HOST | MEMBER_PORT | MEMBER_STATE | MEMBER_ROLE | MEMBER_VERSION |
+---------------------------+--------------------------------------+-------------+-------------+--------------+-------------+----------------+
| group_replication_applier | 815e5732-f199-11ea-93c4-000c29244a19 | s2 | 3306 | RECOVERING | SECONDARY | 8.0.20 |
| group_replication_applier | 9fad5b49-f199-11ea-b424-000c2929ae10 | s3 | 3306 | RECOVERING | SECONDARY | 8.0.20 |
| group_replication_applier | d8582b22-f1ba-11ea-8618-000c2971a5e8 | s1 | 3306 | ONLINE | PRIMARY | 8.0.20 |
+---------------------------+--------------------------------------+-------------+-------------+--------------+-------------+----------------+
发现主机s2 s3的两个状态都是RECOVERING。
查看日志发现如下所示:
2020-09-09T08:27:42.705458Z 231 [Warning] [MY-010897] [Repl] Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information.
2020-09-09T08:27:43.172979Z 231 [ERROR] [MY-010584] [Repl] Slave I/O for channel 'group_replication_recovery': error connecting to master 'rpl@s3:3306' - retry-time: 60 retries: 1 message: Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection. Error_code: MY-002061
2020-09-09T08:27:43.258495Z 230 [ERROR] [MY-011582] [Repl] Plugin group_replication reported: 'There was an error when connecting to the donor server. Please check that group_replication_recovery channel credentials and all MEMBER_HOST column values of performance_schema.replication_group_members table are correct and DNS resolvable.'
2020-09-09T08:27:43.258550Z 230 [ERROR] [MY-011583] [Repl] Plugin group_replication reported: 'For details please check performance_schema.replication_connection_status table and error log messages of Slave I/O for channel group_replication_recovery.'
分别查看了三个库的rpl用户信息,如下所示:
发现和admin的authentication_string字段不同,
admin用户是之前用navicat链接时出现的问题,是因为密码加密规则的变化。
难道rpl复制用户也是因为这个问题???
于是停掉组复制,做以下测试:
SET SQL_LOG_BIN=0;
set global super_read_only=off ; ##关闭group_replicationz后,该值会设置为on
drop user 'rpl'@'%' ; ##删除原rpl用户
CREATE USER rpl@'%' IDENTIFIED WITH 'mysql_native_password' BY 'MyNewPass4!'; ##创建用户,使用mysql_native_password
GRANT REPLICATION SLAVE ON *.* TO rpl@'%'; ##赋予权限
GRANT BACKUP_ADMIN ON *.* TO rpl@'%';
set global super_read_only=on ; ##恢复ON值
SET SQL_LOG_BIN=1;
以上,设置完之后,重新启动(start group_replication),检查组成员状态,发现已经完全正常。
为了验证这个问题,我又把当前的rpl账号删除掉,以官方文档上给出的创建用户语句又建了一遍,再次启动组复制,发现还是同样的问题。
因此可以在搭建的过程中,还是需要注意使用mysql_native_password。
但是有一个疑问:
这个问题是今天才发现,前两天也切换过,没有发现该问题,不知道是哪里的原因,回想了一下,关于密码设置这块好像也没有做过改动。
以此记录一下。
======================================
20200917更新
这几天又发现上次写的好像不对,因为后面又出现了类似的问题,启动group_replication之后连接不到主节点,原因还是在复制用户rpl的认证插件。
解决方法:
mysql> stop group replication;
mysql> set global group_replication_recovery_get_public_key=on;
mysql> start group replication;
下一篇文章了解下mysql用户认证插件相关问题。
京公网安备 11010802041100号