mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-16 03:52:35 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/scripts/wsrep_sst_rsync.sh

926 lines
30 KiB
Bash
Raw Normal View History

MDEV-27737 Wsrep SST scripts not working on FreeBSD - Changed SST scripts to use /usr/bin/env bash instead of /bin/bash for better portability. - Fixed use of mktemp on non-Linux platforms to produce temporary file instead of directory. Reviewed-by: Jan Lindström <jan.lindstrom@mariadb.com>
2022-02-03 13:06:25 +01:00
#!/usr/bin/env bash
set -ue
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: comments update
2024-09-15 04:27:23 +02:00
# Copyright (C) 2017-2024 MariaDB
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
# Copyright (C) 2010-2022 Codership Oy
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; see the file COPYING. If not, write to the
# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston
Merge branch '5.5' into 10.1
2019-05-11 21:19:05 +02:00
# MA 02110-1335 USA.
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: comments update
2024-09-15 04:27:23 +02:00
# This is a reference script for rsync-based state snapshot transfer.
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
. $(dirname "$0")/wsrep_sst_common
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_check_programs rsync
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
RSYNC_REAL_PID=0 # rsync process id
STUNNEL_REAL_PID=0 # stunnel process id
MTR: rsync process is left running if pid file is removed MTR drops the datadir in the event of a test failure. In case mysqld is running as a Galera node and a failure occurs while the SST is in progress, the rsync pid file gets removed as part of the cleanup and wsrep_sst_rsync, which relies on this file, fails to kill the rsync. Fixed by using the cached $RSYNC_REAL_PID to kill rsync daemon.
2015-11-16 18:35:06 +01:00
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
MODULE="${WSREP_SST_OPT_MODULE:-rsync_sst}"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
RSYNC_PID="$DATA/$MODULE.pid"
RSYNC_CONF="$DATA/$MODULE.conf"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
STUNNEL_CONF="$DATA/stunnel.conf"
STUNNEL_PID="$DATA/stunnel.pid"
MAGIC_FILE="$DATA/rsync_sst_complete"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
cleanup_joiner()
{
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
# Since this is invoked just after exit NNN
local estatus=$?
if [ $estatus -ne 0 ]; then
wsrep_log_error "Cleanup after exit with status: $estatus"
MDEV-28758: Mariabackup copies binary logs to backup directory This commit restores defaults and functionality regarding binlogs to the way it was prior to MDEV-27524. The mariabackup utility no longer saves binlogs files as part of a backup without the --galera-info option. However, since we use --galera-info during SST, the behavior of mariabackup changes and, in combination with GTIDs support enabled, mariabackup transfers one (most recent) binlog file obtained after FLUSH BINARY LOGS. In other cases, binlogs are not transferred during SST in mariabackup mode. As for SST in the rsync mode, it works the same way as before MDEV-27524 - by default it transfers one last binlog file. The --sst-max-binlogs option for mariabackup and the sst_max_binlogs parameter in the [sst] / server sections are no longer supported for SST via mariabackup.
2022-07-19 13:26:19 +02:00
elif [ -z "${coords:-}" ]; then
estatus=32
wsrep_log_error "Failed to get current position"
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
fi
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
local failure=0
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
[ "$(pwd)" != "$OLD_PWD" ] && cd "$OLD_PWD"
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
wsrep_log_info "Joiner cleanup: rsync PID=$RSYNC_REAL_PID," \
"stunnel PID=$STUNNEL_REAL_PID"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
if [ -n "$STUNNEL" ]; then
if cleanup_pid $STUNNEL_REAL_PID "$STUNNEL_PID" "$STUNNEL_CONF"; then
if [ $RSYNC_REAL_PID -eq 0 ]; then
if [ -r "$RSYNC_PID" ]; then
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
RSYNC_REAL_PID=$(cat "$RSYNC_PID" 2>/dev/null || :)
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
if [ -z "$RSYNC_REAL_PID" ]; then
RSYNC_REAL_PID=0
fi
fi
fi
else
wsrep_log_warning "stunnel cleanup failed."
failure=1
fi
fi
if [ $failure -eq 0 ]; then
if cleanup_pid $RSYNC_REAL_PID "$RSYNC_PID" "$RSYNC_CONF"; then
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
[ -f "$MAGIC_FILE" ] && rm -f "$MAGIC_FILE" || :
[ -f "$BINLOG_TAR_FILE" ] && rm -f "$BINLOG_TAR_FILE" || :
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
else
wsrep_log_warning "rsync cleanup failed."
fi
fi
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_cleanup_progress_file
fi
MDEV-25880: rsync may be mistakenly killed when overlapping SST This commit fixes a bug was originally discovered during the galera_nbo_sst_slave mtr test for 10.6 branch. However it is relevant for all versions and can lead to intermittent SST crashes via rsync on very fast server restarts - when a new SST process (for example, after starting a new server instance) overlaps the old SST process started by the previous, already terminated server. This overlap can result in the new rsync being killed instead of the old rsync, or the pid file from the new rsync being killed, which then lead to problems.
2021-06-09 03:41:37 +02:00
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
[ -f "$SST_PID" ] && rm -f "$SST_PID" || :
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
wsrep_log_info "Joiner cleanup done."
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
exit $estatus
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
}
check_pid_and_port()
{
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
local pid_file="$1"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
local pid=$2
local addr="$3"
local port="$4"
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
local utils='rsync|stunnel'
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
local port_info
local final
MDEV-10432: Post-fix after merging PR#205
2016-11-08 14:35:57 +01:00
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
if ! check_port $pid "$port" "$utils"; then
MDEV-34234: SST hangs when running on unprivileged containers on RHEL9 The lsof utility is prone to blocking on system calls that it uses to obtain information about sockets (or files, devices, etc.). This behavior is described in its own documentation. It has a '-b' option (in combination with warnings suppression via '-w') that reduces the probability of blocking, introducing new problems (luckily probably not relevant for our use case). However, there is no guarantee that it will not hang on some distributions, with some TCP/IP stack implementations, or with some filesystems, etc. Also, of the three utilities that are suitable for our purposes, lsof is the slowest. So if there are other utilities that we use during SST, such as 'ss' or 'sockstat', it is reasonable to use them instead of lsof. This commit changes the prioritization of utilities, it does not need additional tests (besides the numerous SST tests already available in the galera suites). If the system still need to use lsof, this commit adds the '-b' and '-w' options to it command line - to reduce the likelihood of blocking.
2024-09-12 19:00:26 +02:00
if [ $ss_available -ne 0 -o $sockstat_available -ne 0 ]; then
if [ $ss_available -ne 0 ]; then
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
port_info=$($socket_utility $ss_opts -t "( sport = :$port )" 2>/dev/null | \
galera SST scripts: correction of the grep pattern
2024-11-19 03:08:20 +01:00
grep -E '[[:space:]]users:[[:space:]]?\(' | \
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
grep -o -E "([^[:space:]]+[[:space:]]+){4}[^[:space:]]+" || :)
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
else
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
if [ $sockstat_available -gt 1 ]; then
galera SST scripts: fixing glitchy sockstat issues for FreeBSD
2024-09-16 04:57:56 +02:00
# The sockstat command on FreeBSD does not return
# the connection state without special option, but
# it supports filtering by connection state.
# Additionally, the sockstat utility on FreeBSD
# produces an one extra column:
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
port_info=$($socket_utility $sockstat_opts "$port" 2>/dev/null | \
grep -o -E "([^[:space:]]+[[:space:]]+){5}[^[:space:]]+" || :)
else
port_info=$($socket_utility $sockstat_opts "$port" 2>/dev/null | \
grep -E '[[:space:]]LISTEN([[:space:]]|$)' | \
grep -o -E "([^[:space:]]+[[:space:]]+){4}[^[:space:]]+" || :)
MDEV-26101: Galera WSREP SST broken on 10.6 under FreeBSD This commit fixes a call to the sockstat utility for FreeBSD, where this utility requires an extra "-s" parameter to display the connection status and prints one extra column.
2021-08-16 02:00:10 +02:00
fi
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
fi
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
final='$'
MDEV-34234: SST hangs when running on unprivileged containers on RHEL9 The lsof utility is prone to blocking on system calls that it uses to obtain information about sockets (or files, devices, etc.). This behavior is described in its own documentation. It has a '-b' option (in combination with warnings suppression via '-w') that reduces the probability of blocking, introducing new problems (luckily probably not relevant for our use case). However, there is no guarantee that it will not hang on some distributions, with some TCP/IP stack implementations, or with some filesystems, etc. Also, of the three utilities that are suitable for our purposes, lsof is the slowest. So if there are other utilities that we use during SST, such as 'ss' or 'sockstat', it is reasonable to use them instead of lsof. This commit changes the prioritization of utilities, it does not need additional tests (besides the numerous SST tests already available in the galera suites). If the system still need to use lsof, this commit adds the '-b' and '-w' options to it command line - to reduce the likelihood of blocking.
2024-09-12 19:00:26 +02:00
else
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
port_info=$($socket_utility $lsof_opts -i ":$port" 2>/dev/null | \
grep -w -F '(LISTEN)' || :)
final='[[:space:]]'
fi
local busy=0
if [ -n "$port_info" ]; then
local address='(\*|[0-9a-fA-F]*(:[0-9a-fA-F]*){1,7}|[0-9]+(\.[0-9]+){3})'
local filter="[[:space:]]($address|\\[$address\\])(%[^:]+)?:$port$final"
echo "$port_info" | grep -q -E "$filter" && busy=1
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
fi
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
if [ $busy -eq 0 ]; then
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
if ! ps -p $pid >/dev/null 2>&1; then
wsrep_log_error \
"the rsync or stunnel daemon (PID: $pid)" \
"terminated unexpectedly."
exit 16 # EBUSY
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
fi
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
return 1
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
fi
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
galera SST scripts: fixing glitchy sockstat issues for FreeBSD
2024-09-16 04:57:56 +02:00
local rc=0
check_port $pid "$port" "$utils" || rc=$?
if [ $rc -eq 16 ]; then
# We will ignore the return code EBUSY, which indicates
# a failed attempt to run the utility for retrieving
# socket information (on some systems):
return 1
elif [ $rc -ne 0 ]; then
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
wsrep_log_error "rsync or stunnel daemon port '$port'" \
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
"has been taken by another program"
MDEV-9903 - 10.2 : Check and run rsync daemon only in the needed IP See https://github.com/MariaDB/server/pull/235 I submit this code under the BSD-new license.
2016-10-03 12:30:12 +02:00
exit 16 # EBUSY
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
check_pid "$pid_file" && [ $CHECK_PID -eq $pid ]
MDEV-9903 - 10.2 : Check and run rsync daemon only in the needed IP See https://github.com/MariaDB/server/pull/235 I submit this code under the BSD-new license.
2016-10-03 12:30:12 +02:00
}
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
get_binlog
MDEV-15436: If log_bin and log_bin_index is different SST with rsync fails. Problem was that in SST log_bin_index name and directory was not handled and passed to rsync SST script. wsrep_sst_common.sh Read binlog index dirname and filename if --binlog-index parameter is provided. Read binlog filenames from that file from donor and write transfered binlog filenames to that file in joiner. mysqld.cc, mysqld.h Moved opt_binlog_index_name from static to global and added it to extern. wsrep_sst.cc generate_binlog_index_opt_val New function to generate binlog index name if opt_binlog_index_name is given on configuration. sst_prepare_other Add binlog index configuration to SST command. wsrep_sst.h Add new SST parameter --binlog-index Add test case.
2018-06-26 11:56:19 +02:00
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
if [ -n "$WSREP_SST_OPT_BINLOG" ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
binlog_dir=$(dirname "$WSREP_SST_OPT_BINLOG")
binlog_base=$(basename "$WSREP_SST_OPT_BINLOG")
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
BINLOG_TAR_FILE="$DATA_DIR/wsrep_sst_binlog.tar"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
MDEV-30220: rsync SST completely ignores aria-log-dir-path This commit adds support for the --aria-log-dir-path option on the command line and for the aria-log-dir-path option in the configuration file to the SST scripts, since before this change these parameters were completely ignored during SST - SST scripts assumed that aria logs files are always located in the same directory as logs for innodb. Tests for this change will be added as a separate commit, along with tests for MDEV-30157 and MDEV-28669.
2022-12-13 15:44:24 +01:00
ar_log_dir="$DATA_DIR"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
ib_log_dir="$DATA_DIR"
ib_home_dir="$DATA_DIR"
ib_undo_dir="$DATA_DIR"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
encgroups='--mysqld|sst'
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
check_server_ssl_config
MDEV-25669: SST scripts should check all server groups in config files 1) This commit implements reading all sections from configuration files while looking for the current value of any server variable, which were previously only read from the [mysqld.suffix] group and from [mysqld], but not from other groups such as [mariadb.suffix], [mariadb] or, for example, [server]. 2) This commit also fixes misrecognition of some parameters when parsing a command line containing a special marker for the end of the list of options ("--") or when short option names (such as "-s", "-a" and "-h arg") chained together (like a "-sah arg"). Such parameters can be passed to the SST script in the list of arguments after "--mysqld-args" if the server is started with a complex set of options - this was revealed during manual testing of changes to read configuration files. 3) The server-side preparation code for the "--mysqld-args" option list has also been simplified to make it easier to change in the future (if needed), and has been improved to properly handle the special backquote ("`") character in the argument values.
2021-05-14 12:51:36 +02:00
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
SSTKEY="$tkey"
SSTCERT="$tpem"
SSTCA="$tcert"
SSTCAP="$tcap"
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
MDEV-28204: The tr utility does not work as expected on rsync SST This commit contains a fix to use modern syntax for selecting character classes in the tr utility options. Also one of the tests for SST via rsync (galera_sst_rysnc2) is made more reliable (to avoid rare failures during automatic testing).
2022-04-04 11:28:36 +02:00
SSLMODE=$(parse_cnf "$encgroups" 'ssl-mode' | tr '[[:lower:]]' '[[:upper:]]')
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
if [ -z "$SSLMODE" ]; then
# Implicit verification if CA is set and the SSL mode
# is not specified by user:
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
if [ -n "$SSTCA$SSTCAP" ]; then
STUNNEL_BIN=$(commandex 'stunnel')
if [ -n "$STUNNEL_BIN" ]; then
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
SSLMODE='VERIFY_CA'
fi
# Require SSL by default if SSL key and cert are present:
elif [ -n "$SSTKEY" -a -n "$SSTCERT" ]; then
SSLMODE='REQUIRED'
fi
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
else
case "$SSLMODE" in
'VERIFY_IDENTITY'|'VERIFY_CA'|'REQUIRED'|'DISABLED')
;;
*)
wsrep_log_error "Unrecognized ssl-mode option: '$SSLMODE'"
exit 22 # EINVAL
;;
esac
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
fi
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
if [ -n "$SSTKEY" -a -n "$SSTCERT" ]; then
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
verify_cert_matches_key "$SSTCERT" "$SSTKEY"
fi
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
CAFILE_OPT=""
CAPATH_OPT=""
if [ -n "$SSTCA$SSTCAP" ]; then
if [ -n "$SSTCA" ]; then
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
CAFILE_OPT="CAfile = $SSTCA"
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
fi
if [ -n "$SSTCAP" ]; then
CAPATH_OPT="CApath = $SSTCAP"
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
fi
if [ -n "$SSTCERT" ]; then
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
verify_ca_matches_cert "$SSTCERT" "$SSTCA" "$SSTCAP"
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
fi
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
fi
MDEV-25759: is_local_ip function can come to incorrect conclusion The is_local_ip function that used in Galera SST scripts now incorrectly identifies ip-addresses falling under the "127.0.0.0/8" netmask as non-local ip, although they certainly belong to the loopback interface. This commit fixes this flaw.
2021-05-23 01:11:19 +02:00
VERIFY_OPT=""
CHECK_OPT=""
CHECK_OPT_LOCAL=""
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
if [ "${SSLMODE#VERIFY}" != "$SSLMODE" ]; then
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
if [ "$SSLMODE" = 'VERIFY_IDENTITY' ]; then
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
VERIFY_OPT='verifyPeer = yes'
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
else
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
VERIFY_OPT='verifyChain = yes'
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
fi
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
if [ -z "$SSTCA$SSTCAP" ]; then
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
wsrep_log_error "Can't have ssl-mode='$SSLMODE' without CA file or path"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
exit 22 # EINVAL
fi
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
if [ -n "$WSREP_SST_OPT_REMOTE_USER" ]; then
CHECK_OPT="checkHost = $WSREP_SST_OPT_REMOTE_USER"
elif [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then
# check if the address is an ip-address (v4 or v6):
if echo "$WSREP_SST_OPT_HOST_UNESCAPED" | \
galera SST scripts: more robust port checking
2024-09-13 16:46:12 +02:00
grep -q -E '^([0-9]+(\.[0-9]+){3}|[0-9a-fA-F]*(:[0-9a-fA-F]*){1,7})$'
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
then
CHECK_OPT="checkIP = $WSREP_SST_OPT_HOST_UNESCAPED"
else
CHECK_OPT="checkHost = $WSREP_SST_OPT_HOST"
fi
if is_local_ip "$WSREP_SST_OPT_HOST_UNESCAPED"; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
CHECK_OPT_LOCAL='checkHost = localhost'
MDEV-26360: Using hostnames breaks certificate validation Fixed flaws with overly strict or, conversely, overly soft verification of certificates in some scenarios: 1. Removed the check that the 'commonname' (CN) in the certificate matches the 'localhost' value on the side of the joiner node, which was performed earlier, even if the address was received by the script only as an argument (out of the exchange via the Galera protocol) - since for the joining node this argument always contains its own local address, not the address of the remote host, so it is always treated as 'localhost', which is not necessarily true (outside of mtr testing); 2. Removed checking the domain name or IP-address of the peer node in the encrypt=2 mode; 3. Fixed checking of compliance of certificates when rsync SST is used; 4. Added the ability to specify CA not only as a file, but also as a path to the directory where the certificates are stored. To do this, the user just needs to specify the path to this directory as the value ssl-ca or tca parameter, ending with the '/' character.
2021-09-23 16:14:54 +02:00
fi
fi
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
fi
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
STUNNEL=""
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
if [ -n "$SSLMODE" -a "$SSLMODE" != 'DISABLED' ]; then
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
if [ -z "${STUNNEL_BIN+x}" ]; then
STUNNEL_BIN=$(commandex 'stunnel')
fi
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
if [ -n "$STUNNEL_BIN" ]; then
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
wsrep_log_info "Using stunnel for SSL encryption: CA: '$SSTCA'," \
"CAPATH='$SSTCAP', ssl-mode='$SSLMODE'"
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
STUNNEL="$STUNNEL_BIN $STUNNEL_CONF"
fi
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
readonly SECRET_TAG='secret'
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
readonly BYPASS_TAG='bypass'
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
wait_previous_sst
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
# give some time for stunnel from the previous SST to complete:
check_round=0
while check_pid "$STUNNEL_PID" 1 "$STUNNEL_CONF"; do
wsrep_log_info "Lingering stunnel daemon found at startup," \
"waiting for it to exit"
galera SST scripts: parsing CN in certificates This commit contains a fix for the code that extracts and parses the CN (common name, domain name) record from certificates using the openssl utility. This code is also made common to the rsync and mariabackup scripts. There is also some systematization of the use of 'printf' and 'echo' builtins/utilities.
2024-04-25 00:13:02 +02:00
check_round=$(( check_round+1 ))
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
if [ $check_round -eq 30 ]; then
wsrep_log_error "stunnel daemon still running..."
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
exit 114 # EALREADY
fi
sleep 1
done
# give some time for rsync from the previous SST to complete:
check_round=0
while check_pid "$RSYNC_PID" 1 "$RSYNC_CONF"; do
wsrep_log_info "Lingering rsync daemon found at startup," \
"waiting for it to exit"
galera SST scripts: parsing CN in certificates This commit contains a fix for the code that extracts and parses the CN (common name, domain name) record from certificates using the openssl utility. This code is also made common to the rsync and mariabackup scripts. There is also some systematization of the use of 'printf' and 'echo' builtins/utilities.
2024-04-25 00:13:02 +02:00
check_round=$(( check_round+1 ))
galera SST scripts: unification of the previous SST completion check
2024-09-15 04:12:27 +02:00
if [ $check_round -eq 30 ]; then
wsrep_log_error "rsync daemon still running..."
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
exit 114 # EALREADY
fi
sleep 1
done
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
[ -f "$MAGIC_FILE" ] && rm -f "$MAGIC_FILE"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
[ -f "$BINLOG_TAR_FILE" ] && rm -f "$BINLOG_TAR_FILE"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
RC=0
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
if [ -n "$STUNNEL" ]; then
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
cat << EOF > "$STUNNEL_CONF"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
key = $SSTKEY
cert = $SSTCERT
${CAFILE_OPT}
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
${CAPATH_OPT}
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
foreground = yes
pid = $STUNNEL_PID
debug = warning
client = yes
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
connect = $WSREP_SST_OPT_HOST_UNESCAPED:$WSREP_SST_OPT_PORT
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
TIMEOUTclose = 0
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
${VERIFY_OPT}
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
${CHECK_OPT}
MDEV-25759: is_local_ip function can come to incorrect conclusion The is_local_ip function that used in Galera SST scripts now incorrectly identifies ip-addresses falling under the "127.0.0.0/8" netmask as non-local ip, although they certainly belong to the loopback interface. This commit fixes this flaw.
2021-05-23 01:11:19 +02:00
${CHECK_OPT_LOCAL}
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
EOF
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
fi
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
if [ $WSREP_SST_OPT_BYPASS -eq 0 ]; then
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-32344: IST failed with ssl-mode=VERIFY_CA This commit fixes a bug where IST could be rejected in favor of SST when ssl-mode=VERIFY_CA and when mariabackup is used. It also contains a test and small code simplifications that will make it easier to find bugs in the future.
2023-12-07 01:29:57 +01:00
FLUSHED="$DATA/tables_flushed"
ERROR="$DATA/sst_error"
MDEV-9598: Donor's rsync SST script hangs if FTWRL fails During SST, since wsrep_sst_rsync waits for mysqld to create "tables_flushed" file after it has successfully executed FTWRL, it would wait forever if FTWRL fails. Fixed by introducing a mechanism to report failure to the script.
2016-02-26 16:49:19 +01:00
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
[ -f "$FLUSHED" ] && rm -f "$FLUSHED"
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
[ -f "$ERROR" ] && rm -f "$ERROR"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
echo 'flush tables'
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-6594: Use separate domain_id for Galera transactions
2015-02-28 04:33:41 +01:00
# Wait for :
MDEV-9598: Donor's rsync SST script hangs if FTWRL fails During SST, since wsrep_sst_rsync waits for mysqld to create "tables_flushed" file after it has successfully executed FTWRL, it would wait forever if FTWRL fails. Fixed by introducing a mechanism to report failure to the script.
2016-02-26 16:49:19 +01:00
# (a) Tables to be flushed, AND
# (b) Cluster state ID & wsrep_gtid_domain_id to be written to the file, OR
# (c) ERROR file, in case flush tables operation failed.
MDEV-28758: Mariabackup copies binary logs to backup directory This commit restores defaults and functionality regarding binlogs to the way it was prior to MDEV-27524. The mariabackup utility no longer saves binlogs files as part of a backup without the --galera-info option. However, since we use --galera-info during SST, the behavior of mariabackup changes and, in combination with GTIDs support enabled, mariabackup transfers one (most recent) binlog file obtained after FLUSH BINARY LOGS. In other cases, binlogs are not transferred during SST in mariabackup mode. As for SST in the rsync mode, it works the same way as before MDEV-27524 - by default it transfers one last binlog file. The --sst-max-binlogs option for mariabackup and the sst_max_binlogs parameter in the [sst] / server sections are no longer supported for SST via mariabackup.
2022-07-19 13:26:19 +02:00
while [ ! -r "$FLUSHED" ] || \
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
! grep -q -F ':' -- "$FLUSHED"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
do
MDEV-9598: Donor's rsync SST script hangs if FTWRL fails During SST, since wsrep_sst_rsync waits for mysqld to create "tables_flushed" file after it has successfully executed FTWRL, it would wait forever if FTWRL fails. Fixed by introducing a mechanism to report failure to the script.
2016-02-26 16:49:19 +01:00
# Check whether ERROR file exists.
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
if [ -f "$ERROR" ]; then
MDEV-9598: Donor's rsync SST script hangs if FTWRL fails During SST, since wsrep_sst_rsync waits for mysqld to create "tables_flushed" file after it has successfully executed FTWRL, it would wait forever if FTWRL fails. Fixed by introducing a mechanism to report failure to the script.
2016-02-26 16:49:19 +01:00
# Flush tables operation failed.
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$ERROR"
MDEV-9598: Donor's rsync SST script hangs if FTWRL fails During SST, since wsrep_sst_rsync waits for mysqld to create "tables_flushed" file after it has successfully executed FTWRL, it would wait forever if FTWRL fails. Fixed by introducing a mechanism to report failure to the script.
2016-02-26 16:49:19 +01:00
exit 255
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
sleep 0.2
done
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
STATE=$(cat "$FLUSHED")
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$FLUSHED"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
sync
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
wsrep_log_info "Tables flushed"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ -n "$WSREP_SST_OPT_BINLOG" ]; then
# Change the directory to binlog base (if possible):
cd "$DATA"
# Let's check the existence of the file with the index:
if [ -f "$WSREP_SST_OPT_BINLOG_INDEX" ]; then
# Let's read the binlog index:
MDEV-28758: Mariabackup copies binary logs to backup directory This commit restores defaults and functionality regarding binlogs to the way it was prior to MDEV-27524. The mariabackup utility no longer saves binlogs files as part of a backup without the --galera-info option. However, since we use --galera-info during SST, the behavior of mariabackup changes and, in combination with GTIDs support enabled, mariabackup transfers one (most recent) binlog file obtained after FLUSH BINARY LOGS. In other cases, binlogs are not transferred during SST in mariabackup mode. As for SST in the rsync mode, it works the same way as before MDEV-27524 - by default it transfers one last binlog file. The --sst-max-binlogs option for mariabackup and the sst_max_binlogs parameter in the [sst] / server sections are no longer supported for SST via mariabackup.
2022-07-19 13:26:19 +02:00
max_binlogs=$(parse_cnf "$encgroups" 'sst-max-binlogs' 1)
if [ $max_binlogs -ge 0 ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
binlog_files=""
if [ $max_binlogs -gt 0 ]; then
binlog_files=$(tail -n $max_binlogs \
"$WSREP_SST_OPT_BINLOG_INDEX")
fi
else
binlog_files=$(cat "$WSREP_SST_OPT_BINLOG_INDEX")
fi
if [ -n "$binlog_files" ]; then
# Preparing binlog files for transfer:
wsrep_log_info "Preparing binlog files for transfer:"
tar_type=0
wsrep scripts fixes for working on OpenBSD
2023-12-31 01:42:10 +01:00
if tar --help 2>/dev/null | grep -qw -F -- '--transform'; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
tar_type=1
wsrep scripts fixes for working on OpenBSD
2023-12-31 01:42:10 +01:00
elif tar --version 2>/dev/null | grep -qw -E '^bsdtar'; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
tar_type=2
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
if [ $tar_type -eq 2 ]; then
galera SST scripts: parsing CN in certificates This commit contains a fix for the code that extracts and parses the CN (common name, domain name) record from certificates using the openssl utility. This code is also made common to the rsync and mariabackup scripts. There is also some systematization of the use of 'printf' and 'echo' builtins/utilities.
2024-04-25 00:13:02 +02:00
echo "$binlog_files" >&2
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ $tar_type -ne 0 ]; then
# Preparing list of the binlog file names:
echo "$binlog_files" | {
binlogs=""
while read bin_file || [ -n "$bin_file" ]; do
[ ! -f "$bin_file" ] && continue
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
if [ -n "$BASH_VERSION" ]; then
first="${bin_file:0:1}"
else
first=$(echo "$bin_file" | cut -c1)
fi
if [ "$first" = '-' -o "$first" = '@' ]; then
bin_file="./$bin_file"
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
binlogs="$binlogs${binlogs:+ }'$bin_file'"
done
if [ -n "$binlogs" ]; then
if [ $tar_type -eq 1 ]; then
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
tar_options="--transform='s/^.*\///g'"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
else
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
# bsdtar handles backslash incorrectly:
tar_options="-s '?^.*/??g'"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
fi
eval tar -P $tar_options \
-cvf "'$BINLOG_TAR_FILE'" $binlogs >&2
fi
}
else
tar_options='-cvf'
echo "$binlog_files" | \
while read bin_file || [ -n "$bin_file" ]; do
[ ! -f "$bin_file" ] && continue
bin_dir=$(dirname "$bin_file")
bin_base=$(basename "$bin_file")
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
if [ -n "$BASH_VERSION" ]; then
first="${bin_base:0:1}"
else
first=$(echo "$bin_base" | cut -c1)
fi
if [ "$first" = '-' -o "$first" = '@' ]; then
bin_base="./$bin_base"
fi
pre-MDEV-30157 & pre-MDEV-28669: fixes before the main corrections This commit adds even more correct handling of parameters with paths when they contain leading or trailing spaces and/or slashes. Also it fixes problems that occur when the user specified explicit paths to additional directories, but these paths match the specified path of the data directory - in this case, additional subdirectories should be treated (in relation to the data directory) in the same way as if these paths were not specified or as if they are implicitly specified as "." or "./". But prior to this fix, existing code treated any values as if they were completely separate directories, whether or not they actually point to the same location to which datadir points to - and this sometimes resulted in incorrect file transfers. This fix does not contain separate tests, as tests will be part of the main commit(s). This fix has been made as a separate commit to facilitate review for major substantive fixes related to MDEV-30157 and MDEV-28669.
2022-12-13 10:32:21 +01:00
if [ -n "$bin_dir" -a "$bin_dir" != '.' -a \
"$bin_dir" != "$DATA_DIR" ]
then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
tar $tar_options "$BINLOG_TAR_FILE" \
-C "$bin_dir" "$bin_base" >&2
else
tar $tar_options "$BINLOG_TAR_FILE" \
"$bin_base" >&2
fi
tar_options='-rvf'
done
fi
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-10432: Post-fix after merging PR#205
2016-11-08 14:35:57 +01:00
cd "$OLD_PWD"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
# Use deltaxfer only for WAN:
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
WHOLE_FILE_OPT=""
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
if [ "${WSREP_METHOD%_wan}" = "$WSREP_METHOD" ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
WHOLE_FILE_OPT='--whole-file'
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
fi
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
# Old filter - include everything except selected
# FILTER=(--exclude '*.err' --exclude '*.pid' --exclude '*.sock' \
# --exclude '*.conf' --exclude core --exclude 'galera.*' \
# --exclude grastate.txt --exclude '*.pem' \
# --exclude '*.[0-9][0-9][0-9][0-9][0-9][0-9]' --exclude '*.index')
# New filter - exclude everything except dirs (schemas) and innodb files
FILTER="-f '- /lost+found'
-f '- /.zfs'
-f '- /.fseventsd'
-f '- /.Trashes'
-f '- /.pid'
-f '- /.conf'
MDEV-31332: Galera rsync sst to ignore .snapshot/ files .snapshot exists as a directory on NetApp storage and should not be copied during the sst process. Thanks Daniel Czadek for the bug report. Signed-off-by: Julius Goryavsky <julius.goryavsky@mariadb.com>
2023-07-18 09:04:05 +02:00
-f '- /.snapshot/'
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
-f '+ /wsrep_sst_binlog.tar'
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
-f '- $ib_home_dir/ib_lru_dump'
-f '- $ib_home_dir/ibdata*'
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
-f '- $ib_undo_dir/undo*'
-f '- $ib_log_dir/ib_logfile[0-9]*'
MDEV-30220: rsync SST completely ignores aria-log-dir-path This commit adds support for the --aria-log-dir-path option on the command line and for the aria-log-dir-path option in the configuration file to the SST scripts, since before this change these parameters were completely ignored during SST - SST scripts assumed that aria logs files are always located in the same directory as logs for innodb. Tests for this change will be added as a separate commit, along with tests for MDEV-30157 and MDEV-28669.
2022-12-13 15:44:24 +01:00
-f '- $ar_log_dir/aria_log_control'
-f '- $ar_log_dir/aria_log.*'
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
-f '+ /*/'
-f '- /*'"
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
# first, the normal directories, so that we can detect
# incompatible protocol:
eval rsync ${STUNNEL:+"--rsh='$STUNNEL'"} \
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
--owner --group --perms --links --specials \
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
--ignore-times --inplace --dirs --delete --quiet \
MDEV-32344: IST failed with ssl-mode=VERIFY_CA This commit fixes a bug where IST could be rejected in favor of SST when ssl-mode=VERIFY_CA and when mariabackup is used. It also contains a test and small code simplifications that will make it easier to find bugs in the future.
2023-12-07 01:29:57 +01:00
$WHOLE_FILE_OPT $FILTER "'$DATA/'" \
MDEV-24962 addendum: improved handling of paths with spaces
2021-05-06 01:16:52 +02:00
"'rsync://$WSREP_SST_OPT_ADDR'" >&2 || RC=$?
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
if [ $RC -ne 0 ]; then
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_log_error "rsync returned code $RC:"
case $RC in
12) RC=71 # EPROTO
wsrep_log_error \
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
"rsync server on the other end has incompatible" \
"protocol. Make sure you have the same version of" \
"rsync on all nodes."
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
;;
22) RC=12 # ENOMEM
;;
*) RC=255 # unknown error
;;
esac
exit $RC
fi
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
wsrep_log_info "Transfer of normal directories done"
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
if [ -d "$ib_home_dir" ]; then
Fixes after review and correction of the problems caused by the fact that during the SST innodb plugin is not yet initialized, as well as problems with running tests from the root user (not directly related to the MDEV-10754).
2018-08-09 04:24:12 +02:00
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
# Transfer InnoDB data files
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
--owner --group --perms --links --specials \
--ignore-times --inplace --dirs --delete --quiet \
$WHOLE_FILE_OPT -f '+ /ibdata*' -f '+ /ib_lru_dump' \
-f '- **' "$ib_home_dir/" \
"rsync://$WSREP_SST_OPT_ADDR-data_dir" >&2 || RC=$?
Fixes after review and correction of the problems caused by the fact that during the SST innodb plugin is not yet initialized, as well as problems with running tests from the root user (not directly related to the MDEV-10754).
2018-08-09 04:24:12 +02:00
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
if [ $RC -ne 0 ]; then
wsrep_log_error "rsync innodb_data_home_dir returned code $RC:"
exit 255 # unknown error
fi
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
wsrep_log_info "Transfer of InnoDB data files done"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
if [ -d "$ib_log_dir" ]; then
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
Merge branch '10.6' into '10.11'
2024-09-17 01:21:26 +02:00
# second, we transfer the InnoDB log file
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
--owner --group --perms --links --specials \
--ignore-times --inplace --dirs --delete --quiet \
Merge branch '10.6' into '10.11'
2024-09-17 01:21:26 +02:00
$WHOLE_FILE_OPT -f '+ /ib_logfile0' \
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
-f '- **' "$ib_log_dir/" \
"rsync://$WSREP_SST_OPT_ADDR-log_dir" >&2 || RC=$?
if [ $RC -ne 0 ]; then
wsrep_log_error "rsync innodb_log_group_home_dir returned code $RC:"
exit 255 # unknown error
fi
wsrep_log_info "Transfer of InnoDB log files done"
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
fi
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
if [ "$ib_undo_dir" ]; then
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
# third, we transfer InnoDB undo logs
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
--owner --group --perms --links --specials \
--ignore-times --inplace --dirs --delete --quiet \
$WHOLE_FILE_OPT -f '+ /undo*' \
-f '- **' "$ib_undo_dir/" \
"rsync://$WSREP_SST_OPT_ADDR-undo_dir" >&2 || RC=$?
if [ $RC -ne 0 ]; then
wsrep_log_error "rsync innodb_undo_dir returned code $RC:"
exit 255 # unknown error
fi
wsrep_log_info "Transfer of InnoDB undo logs done"
MDEV-30220: rsync SST completely ignores aria-log-dir-path This commit adds support for the --aria-log-dir-path option on the command line and for the aria-log-dir-path option in the configuration file to the SST scripts, since before this change these parameters were completely ignored during SST - SST scripts assumed that aria logs files are always located in the same directory as logs for innodb. Tests for this change will be added as a separate commit, along with tests for MDEV-30157 and MDEV-28669.
2022-12-13 15:44:24 +01:00
fi
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
if [ "$ar_log_dir" ]; then
# fourth, we transfer Aria logs
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
--owner --group --perms --links --specials \
--ignore-times --inplace --dirs --delete --quiet \
$WHOLE_FILE_OPT -f '+ /aria_log_control' -f '+ /aria_log.*' \
-f '- **' "$ar_log_dir/" \
"rsync://$WSREP_SST_OPT_ADDR-aria_log" >&2 || RC=$?
if [ $RC -ne 0 ]; then
wsrep_log_error "rsync aria_log_dir_path returned code $RC:"
exit 255 # unknown error
fi
wsrep_log_info "Transfer of Aria logs done"
fi
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
# then, we parallelize the transfer of database directories,
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
# use '.' so that path concatenation works:
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
backup_threads=$(parse_cnf '--mysqld|sst' 'backup-threads')
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
if [ -z "$backup_threads" ]; then
get_proc
backup_threads=$nproc
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
cd "$DATA"
MDEV-29893: SST fails when having datadir set to a symlink SST for mariabackup may not destroy old files if datadir or other working directory is declared as a symlink due to the lack of the "-L" option among the find utility options, similarly SST for rsync in some cases may not transfer data directories if they are created as symlinks. This fix adds the missing option and generally unifies the work with find utility options to avoid failures in the interpretation of directories and regular expressions.
2023-10-10 11:56:19 +02:00
findopt='-L'
[ "$OS" = 'FreeBSD' ] && findopt="$findopt -E"
find $findopt . -maxdepth 1 -mindepth 1 -type d -not -name 'lost+found' \
MDEV-31332: Galera rsync sst to ignore .snapshot/ files .snapshot exists as a directory on NetApp storage and should not be copied during the sst process. Thanks Daniel Czadek for the bug report. Signed-off-by: Julius Goryavsky <julius.goryavsky@mariadb.com>
2023-07-18 09:04:05 +02:00
-not -name '.zfs' -not -name .snapshot -print0 \
MDEV-29893: SST fails when having datadir set to a symlink SST for mariabackup may not destroy old files if datadir or other working directory is declared as a symlink due to the lack of the "-L" option among the find utility options, similarly SST for rsync in some cases may not transfer data directories if they are created as symlinks. This fix adds the missing option and generally unifies the work with find utility options to avoid failures in the interpretation of directories and regular expressions.
2023-10-10 11:56:19 +02:00
| xargs -I{} -0 -P $backup_threads \
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
--owner --group --perms --links --specials --ignore-times \
--inplace --recursive --delete --quiet $WHOLE_FILE_OPT \
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
-f '- $ib_home_dir/ib_lru_dump' \
-f '- $ib_home_dir/ibdata*' \
-f '- $ib_undo_dir/undo*' \
-f '- $ib_log_dir/ib_logfile[0-9]*' \
MDEV-30220: rsync SST completely ignores aria-log-dir-path This commit adds support for the --aria-log-dir-path option on the command line and for the aria-log-dir-path option in the configuration file to the SST scripts, since before this change these parameters were completely ignored during SST - SST scripts assumed that aria logs files are always located in the same directory as logs for innodb. Tests for this change will be added as a separate commit, along with tests for MDEV-30157 and MDEV-28669.
2022-12-13 15:44:24 +01:00
-f '- $ar_log_dir/aria_log_control' \
-f '- $ar_log_dir/aria_log.*' \
MDEV-32344: IST failed with ssl-mode=VERIFY_CA This commit fixes a bug where IST could be rejected in favor of SST when ssl-mode=VERIFY_CA and when mariabackup is used. It also contains a test and small code simplifications that will make it easier to find bugs in the future.
2023-12-07 01:29:57 +01:00
"$DATA/{}/" \
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
"rsync://$WSREP_SST_OPT_ADDR/{}" >&2 || RC=$?
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-10432: Post-fix after merging PR#205
2016-11-08 14:35:57 +01:00
cd "$OLD_PWD"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
if [ $RC -ne 0 ]; then
wsrep_log_error "find/rsync returned code $RC:"
exit 255 # unknown error
fi
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
wsrep_log_info "Transfer of data done"
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
[ -f "$BINLOG_TAR_FILE" ] && rm "$BINLOG_TAR_FILE"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
else # BYPASS
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_log_info "Bypassing state dump."
MDEV-6594: Use separate domain_id for Galera transactions
2015-02-28 04:33:41 +01:00
# Store donor's wsrep GTID (state ID) and wsrep_gtid_domain_id
# (separated by a space).
STATE="$WSREP_SST_OPT_GTID $WSREP_SST_OPT_GTID_DOMAIN_ID"
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-25975 innodb_disallow_writes causes shutdown to hang We will remove the parameter innodb_disallow_writes because it is badly designed and implemented. The parameter was never allowed at startup. It was only internally used by Galera snapshot transfer. If a user executed SET GLOBAL innodb_disallow_writes=ON; the server could hang even on subsequent read operations. During Galera snapshot transfer, we will block writes to implement an rsync friendly snapshot, as follows: sst_flush_tables() will acquire a global lock by executing FLUSH TABLES WITH READ LOCK, which will block any writes at the high level. sst_disable_innodb_writes(), invoked via ha_disable_internal_writes(true), will suspend or disable InnoDB background tasks or threads that could initiate writes. As part of this, log_make_checkpoint() will be invoked to ensure that anything in the InnoDB buf_pool.flush_list will be written to the data files. This has the nice side effect that the Galera joiner will avoid crash recovery. The changes to sql/wsrep.cc and to the tests are based on a prototype that was developed by Jan Lindström. Reviewed by: Jan Lindström
2022-04-06 07:06:49 +02:00
wsrep_log_info "Sending continue to donor"
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
echo 'continue' # now server can resume updating data
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
echo "$STATE" > "$MAGIC_FILE"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
if [ -n "$WSREP_SST_OPT_REMOTE_PSWD" ]; then
# Let joiner know that we know its secret
echo "$SECRET_TAG $WSREP_SST_OPT_REMOTE_PSWD" >> "$MAGIC_FILE"
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
if [ $WSREP_SST_OPT_BYPASS -ne 0 ]; then
echo "$BYPASS_TAG" >> "$MAGIC_FILE"
fi
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
rsync ${STUNNEL:+--rsh="$STUNNEL"} \
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
--archive --quiet --checksum "$MAGIC_FILE" \
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
"rsync://$WSREP_SST_OPT_ADDR" >&2 || RC=$?
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$MAGIC_FILE"
MDEV-24097: galera[_3nodes] suite tests in MTR sporadically fails This is the first part of the fixes for MDEV-24097. This commit contains the fixes for instability when testing Galera and when restarting nodes quickly: 1) Protection against a "stuck" old SST process during the execution of the new SST (after restarting the node) is now implemented for mariabackup / xtrabackup, which should help to avoid almost all conflicts due to the use of the same ports - both during testing with mtr, so and when restarting nodes quickly in a production environment. 2) Added more protection to scripts against unexpected return of the rc != 0 (in the commands for deleting temporary files, etc). 3) Added protection against unexpected crashes during binlog transfer (in SST scripts for rsync). 4) Spaces and some special characters in binlog filenames shouldn't be a problem now (at the script level). 5) Daemon process termination tracking has been made more robust against crashes due to unexpected termination of the previous SST process while new scripts are running. 6) Reading ssl encryption parameters has been moved from specific SST scripts to a common wsrep_sst_common.sh script, which allows unified error handling, unified diagnostics and simplifies script revisions in the future. 7) Improved diagnostics of errors related to the use of openssl. 8) Corrections have been made for xtrabackup-v2 (both in tests and in the script code) that restore the work of xtrabackup with updated versions of innodb. 9) Fixed some tests for galera_3nodes, although the complete solution for the problem of starting three nodes at the same time on fast machines will be done in a separate commit. No additional tests are required as this commit fixes problems with existing tests.
2021-12-23 14:19:45 +01:00
if [ $RC -ne 0 ]; then
wsrep_log_error "rsync $MAGIC_FILE returned code $RC:"
exit 255 # unknown error
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
echo "done $STATE"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
if [ -n "$STUNNEL" ]; then
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$STUNNEL_CONF"
[ -f "$STUNNEL_PID" ] && rm "$STUNNEL_PID"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
else # joiner
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
check_sockets_utils
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
galera SST scripts: moving common code to wsrep_sst_common file
2024-09-11 18:53:24 +02:00
create_dirs
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
ADDR="$WSREP_SST_OPT_HOST"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
RSYNC_PORT="$WSREP_SST_OPT_PORT"
RSYNC_ADDR="$WSREP_SST_OPT_HOST"
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
RSYNC_ADDR_UNESCAPED="$WSREP_SST_OPT_HOST_UNESCAPED"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
trap cleanup_joiner EXIT
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
touch "$SST_PROGRESS_FILE"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
if [ -n "${MYSQL_TMP_DIR:-}" ]; then
MW-366 Improved support for IPv6 networks - made mysqld and SST scripts to recognize []-escaped IPv6 addresses - pulled in latest Percona and MariaDB updates to SST scripts - instruct netcat and socat in wsrep_sst_xtrabackup-v2 to listen on IPv6 socket via sockopt parameter in the [sst] section of my.cnf In summary, wsrep_node_address and wsrep_sst_receive_address can now be set to IPv6 addresses escaped by []. Rsync SST works out ouf the box thanks to rsync daemon listening on both IPv4 and IPv6 sockets by default. For xtrabackup SST onver IPv6 one needs to set sockopt in the [sst] section of joiner's configuration file to ",pf=ip6" if using socat as a streamer or to "-6" if using netcat.
2017-03-03 21:28:27 +01:00
SILENT="log file = $MYSQL_TMP_DIR/rsyncd.log"
when running mtr tests don't let galera-started rsyncd to log to syslog
2014-10-02 18:54:01 +02:00
else
MW-366 Improved support for IPv6 networks - made mysqld and SST scripts to recognize []-escaped IPv6 addresses - pulled in latest Percona and MariaDB updates to SST scripts - instruct netcat and socat in wsrep_sst_xtrabackup-v2 to listen on IPv6 socket via sockopt parameter in the [sst] section of my.cnf In summary, wsrep_node_address and wsrep_sst_receive_address can now be set to IPv6 addresses escaped by []. Rsync SST works out ouf the box thanks to rsync daemon listening on both IPv4 and IPv6 sockets by default. For xtrabackup SST onver IPv6 one needs to set sockopt in the [sst] section of joiner's configuration file to ",pf=ip6" if using socat as a streamer or to "-6" if using netcat.
2017-03-03 21:28:27 +01:00
SILENT=""
when running mtr tests don't let galera-started rsyncd to log to syslog
2014-10-02 18:54:01 +02:00
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
cat << EOF > "$RSYNC_CONF"
pid file = $RSYNC_PID
use chroot = no
read only = no
timeout = 300
when running mtr tests don't let galera-started rsyncd to log to syslog
2014-10-02 18:54:01 +02:00
$SILENT
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
[$MODULE]
MDEV-32344: IST failed with ssl-mode=VERIFY_CA This commit fixes a bug where IST could be rejected in favor of SST when ssl-mode=VERIFY_CA and when mariabackup is used. It also contains a test and small code simplifications that will make it easier to find bugs in the future.
2023-12-07 01:29:57 +01:00
path = $DATA
MDEV-21709 ZFS snapdir=visible breaks Galera rsync SST replcation Fix for Galera rsync SST with the specific conditions listed in MDEV-21709 Exclude needs to be on receiving side too
2020-02-11 19:27:59 +01:00
exclude = .zfs
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
[$MODULE-log_dir]
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
path = $ib_log_dir
Fixes after review and correction of the problems caused by the fact that during the SST innodb plugin is not yet initialized, as well as problems with running tests from the root user (not directly related to the MDEV-10754).
2018-08-09 04:24:12 +02:00
[$MODULE-data_dir]
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
path = $ib_home_dir
MDEV-30157: Galera SST doesn't properly handle undo* files from innodb This fix adds separate handling for "undo*" files that contain undo logs as part of innodb files and adds a filter for undo* to the main filter used when initially transferring files with rsync.
2022-12-13 14:59:24 +01:00
[$MODULE-undo_dir]
path = $ib_undo_dir
MDEV-30220: rsync SST completely ignores aria-log-dir-path This commit adds support for the --aria-log-dir-path option on the command line and for the aria-log-dir-path option in the configuration file to the SST scripts, since before this change these parameters were completely ignored during SST - SST scripts assumed that aria logs files are always located in the same directory as logs for innodb. Tests for this change will be added as a separate commit, along with tests for MDEV-30157 and MDEV-28669.
2022-12-13 15:44:24 +01:00
[$MODULE-aria_log]
path = $ar_log_dir
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
EOF
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
# If the IP is local, listen only on it:
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
if is_local_ip "$RSYNC_ADDR_UNESCAPED"; then
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
RSYNC_EXTRA_ARGS="--address $RSYNC_ADDR_UNESCAPED"
STUNNEL_ACCEPT="$RSYNC_ADDR_UNESCAPED:$RSYNC_PORT"
MDEV-9903 - 10.2 : Check and run rsync daemon only in the needed IP See https://github.com/MariaDB/server/pull/235 I submit this code under the BSD-new license.
2016-10-03 12:30:12 +02:00
else
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
# Not local, possibly a NAT, listen on all interfaces:
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
RSYNC_EXTRA_ARGS=""
STUNNEL_ACCEPT="$RSYNC_PORT"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
# Overwrite address with all:
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
RSYNC_ADDR='*'
MDEV-9903 - 10.2 : Check and run rsync daemon only in the needed IP See https://github.com/MariaDB/server/pull/235 I submit this code under the BSD-new license.
2016-10-03 12:30:12 +02:00
fi
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
if [ -z "$STUNNEL" ]; then
rsync --daemon --no-detach --port "$RSYNC_PORT" \
--config "$RSYNC_CONF" $RSYNC_EXTRA_ARGS &
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
RSYNC_REAL_PID=$!
MDEV-25880: rsync may be mistakenly killed when overlapping SST This commit fixes a bug was originally discovered during the galera_nbo_sst_slave mtr test for 10.6 branch. However it is relevant for all versions and can lead to intermittent SST crashes via rsync on very fast server restarts - when a new SST process (for example, after starting a new server instance) overlaps the old SST process started by the previous, already terminated server. This overlap can result in the new rsync being killed instead of the old rsync, or the pid file from the new rsync being killed, which then lead to problems.
2021-06-09 03:41:37 +02:00
TRANSFER_REAL_PID=$RSYNC_REAL_PID
TRANSFER_PID="$RSYNC_PID"
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
else
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
# Let's check if the path to the config file contains a space?
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
RSYNC_BIN=$(commandex 'rsync')
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
if [ "${RSYNC_CONF#* }" = "$RSYNC_CONF" ]; then
cat << EOF > "$STUNNEL_CONF"
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
key = $SSTKEY
cert = $SSTCERT
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
${CAFILE_OPT}
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
${CAPATH_OPT}
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
foreground = yes
pid = $STUNNEL_PID
debug = warning
client = no
MDEV-25759: is_local_ip function can come to incorrect conclusion The is_local_ip function that used in Galera SST scripts now incorrectly identifies ip-addresses falling under the "127.0.0.0/8" netmask as non-local ip, although they certainly belong to the loopback interface. This commit fixes this flaw.
2021-05-23 01:11:19 +02:00
${VERIFY_OPT}
${CHECK_OPT}
${CHECK_OPT_LOCAL}
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
[rsync]
accept = $STUNNEL_ACCEPT
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
exec = $RSYNC_BIN
MDEV-24962 addendum: improved handling of paths with spaces
2021-05-06 01:16:52 +02:00
execargs = rsync --server --daemon --config=$RSYNC_CONF .
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
EOF
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
else
# The path contains a space, so we will run it via
# shell with "eval" command:
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
export RSYNC_CMD="eval '$RSYNC_BIN' --server --daemon --config='$RSYNC_CONF' ."
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
cat << EOF > "$STUNNEL_CONF"
key = $SSTKEY
cert = $SSTCERT
${CAFILE_OPT}
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
${CAPATH_OPT}
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
foreground = yes
pid = $STUNNEL_PID
debug = warning
client = no
MDEV-25759: is_local_ip function can come to incorrect conclusion The is_local_ip function that used in Galera SST scripts now incorrectly identifies ip-addresses falling under the "127.0.0.0/8" netmask as non-local ip, although they certainly belong to the loopback interface. This commit fixes this flaw.
2021-05-23 01:11:19 +02:00
${VERIFY_OPT}
${CHECK_OPT}
${CHECK_OPT_LOCAL}
MDEV-25719: stunnel uses "verifyChain" without subject checks Another batch of changes that should make the SST process more reliable in all scenarios: 1) Added hostname or CN verification when stunnel is used with certificate chain verification (verifyChain = yes); 2) Added check for the absence of the stunnel utility for mtr tests; 3) Deletion of working files before and after SST is done more accurately; 4) rsync on joiner can be run even if the path to its configuration file contains spaces; 5) More accurate directory creation (for data files and for logs); 6) IST with mysqldump no longer turns off statement logging; 7) Reset password for mysqldump when password is empty but username is specified; 8) More reliable quoting when generating statements in wsrep_sst_mysqldump; 9) Added explicit generation of 2048-bit Diffie-Hellman parameters for sockat < 1.7.3, by analogy with xtrabackup; 10) Compression parameters for qpress are read from all suitable server groups in configuration file, as well as from the [sst] and [xtrabackup] groups; 11) Added a test that checks compression using qpress; 12) Checking for optional utilities is modified to work even if they implemented as built-in shell commands (unlikely on real systems, but more reliable).
2021-05-21 03:11:48 +02:00
[rsync]
accept = $STUNNEL_ACCEPT
exec = $SHELL
execargs = $SHELL -c \$RSYNC_CMD
EOF
fi
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
stunnel "$STUNNEL_CONF" &
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
STUNNEL_REAL_PID=$!
MDEV-25880: rsync may be mistakenly killed when overlapping SST This commit fixes a bug was originally discovered during the galera_nbo_sst_slave mtr test for 10.6 branch. However it is relevant for all versions and can lead to intermittent SST crashes via rsync on very fast server restarts - when a new SST process (for example, after starting a new server instance) overlaps the old SST process started by the previous, already terminated server. This overlap can result in the new rsync being killed instead of the old rsync, or the pid file from the new rsync being killed, which then lead to problems.
2021-06-09 03:41:37 +02:00
TRANSFER_REAL_PID=$STUNNEL_REAL_PID
TRANSFER_PID="$STUNNEL_PID"
Use stunnel during rsync SST if available (cherry picked from commit 1adc382c2fb4300059d130521a24a1dab141531e)
2018-02-12 22:08:57 +01:00
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ "${SSLMODE#VERIFY}" != "$SSLMODE" ]; then
MDEV-26377: Stricter validation of ssl-mode values This commit adds validation of the values of the ssl-mode parameter in SSL scripts, since now only a basic check for the presence of the "VERIFY_" prefix is performed there to detect "VERIFY_IDENTITY" and "VERIFY_CA", but all other values are not checked at all. In addition, this commit removes leading and trailing spaces from parameter values that SST scripts read from configuration files or from the command line so that they do not interfere with parameter checks and substitutions. Parameter substitution has been made more robust against characters in strings that the shell might erroneously interpret as regexp.
2022-02-22 12:34:58 +01:00
# backward-incompatible behavior:
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
CN=""
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ -n "$SSTCERT" ]; then
galera SST scripts: parsing CN in certificates This commit contains a fix for the code that extracts and parses the CN (common name, domain name) record from certificates using the openssl utility. This code is also made common to the rsync and mariabackup scripts. There is also some systematization of the use of 'printf' and 'echo' builtins/utilities.
2024-04-25 00:13:02 +02:00
CN=$(openssl_getCN "$SSTCERT")
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
fi
MDEV-23580: WSREP_SST: [ERROR] rsync daemon port has been taken This commit contains a large set of further bug fixes and improvements to SST scripts for Galera, continuing the work that was started in MDEV-24962 to make SST scripts work smoothly in different network configurations (especially using ipv6) and with different environment settings: 1) The ipv6 addresses were incorrectly handled in the SST script for rsync (incorrect address substitution for establishing a connection, incorrect address substitution for bind, and so on); 2) Checking the locality of the ip-address in SST scripts did not support ipv6 addresses (such as "[::1]"), which were falsely identified as non-local ip, which further did not allow running two SSTs on different local addresses on the same machine. On the other hand, this bug masked some other errors (related to handling ipv6 addresses); 3) The code for checking the locality of the ip address was different in the SST scripts for rsync and for mysqldump, with individual flaws. This code is now made common and moved to wsrep_sst_common; 4) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions did not process ipv6 addresses correctly in all cases (not for all branches); 5) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) in the wait_for_listen() and check_pid_and_port() functions for some code branches could give a false positive result due to the textual match of prefixes in the port number and/or PID of the process; 6) Waiting for the start of the transport channel (socat, nc, rsync, stunnel) was supported through different utilities in SST scripts for mariabackup and for rsync, and with various minor flaws in the code. Now the code is still different in these scripts, but it supports a common set of utilities (lsof, ss, sockstat) and is synchronized across patterns that used to check the output of these utilities; 7) In SST via mariabackup, the signal about readiness to receive data is sometimes sent too early - immediately after listen(), and not after accept() (which are called by socat or netcat utility). 8) Checking availability of the some options of some utilities was done using the grep pattern, which easily gives false positives; 9) Common name (CN) for local addresses, if not explicitly specified, is now always replaced to "localhost" to avoid the need to generate many separate certificates for local addresses of one machine and not to depend on which the local address is currently used in test (ipv4 or ipv6, etc.); 10) In tests galera_sst_mariabackup_encrypt_with_key_server and galera_sst_rsync_encrypt_with_key_server the correct certificate is selected to avoid commonname (CN) mismatch problems; 11) Further refactoring to protect against spaces in file names. 12) Further general refactoring to eliminate bash-specific constructs or to improve code readability; 13) The code for setting options for the nc (netcat) utility was different in different scripts for SST - now it is made identical. 14) Fixed long-time broken encryption via xbcrypt in combination with mariabackup and added support for key-based encryption via openssl utility, which is now enabled by default for encrypt=1 mode (this default mode can be changed using a new configuration file option "encypt-format=openssl|xbcrypt", which can be placed in the [mysqld], [sst] or in the [xtrabackup] section) - this change will allow us to use and to test the encypt=1 encryption without installing non-standard third-party utilities.
2021-05-10 04:27:16 +02:00
MY_SECRET="$(wsrep_gen_secret)"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
# Add authentication data to address
ADDR="$CN:$MY_SECRET@$WSREP_SST_OPT_HOST"
else
MY_SECRET="" # for check down in recv_joiner()
fi
MDEV-27181: Galera SST scripts should use ssl_capath for CA directory 1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA directory. The current implementation tries to automatically detect the path using the trailing slash in the ssl_ca variable value, but this approach is not compatible with the server configuration. Now, by analogy with the server, SST scripts also use a separate ssl_capath variable. In addition, a similar tcapath variable has been added for the old-style configuration (in the "sst" section). 2. Openssl utility detection made more reliable. 3. Removed extra spaces in automatically generated command lines - to simplify debugging of the SST scripts. 4. In general, the code for detecting the presence or absence of auxiliary utilities has been improved - it is made more reliable in some configurations (and for shells other than bash).
2021-12-13 02:15:57 +01:00
until check_pid_and_port "$TRANSFER_PID" $TRANSFER_REAL_PID \
"$RSYNC_ADDR_UNESCAPED" "$RSYNC_PORT"
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
do
sleep 0.2
done
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
echo "ready $ADDR:$RSYNC_PORT/$MODULE"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
# wait for SST to complete by monitoring magic file
MDEV-25818: RSYNC SST failed due to busy port This commit reduces the likelihood of getting a busy port on quick restarts with rsync SST (problem MDEV-25818) and fixes a number of other flaws in SST scripts, adds new functionality, and also synchronizes the xtrabackup-v2 script with the mariabackup script (the latter applies only to the 10.2 branch): 1) SST via rsync: rsync and stunnel does not always get the right time to complete by correctly handling SIGTERM. These utilities are now given more time to complete normally (via normal SIGTERM processing) before we move on to using "kill -9"; 2) SST via rsync: attempts to terminate an rsync or stunnel process (via "kill" utility) are only made if it did not terminated on its own; 3) SST via rsync: if a combination of stunnel and rsync is used, then we need to wait for both utilities to finish or stop, not just one of them; 4) The config file and pid file for stunnel are now deleted after successful completion of SST on the donor node; 5) The configs and pid files from rsync and stunnel should not be deleted unless these utilities succeed (or are sucessfully terminated) on the joiner node; 6) The configs and pid files now excluded from transfer via rsync; 7) Spaces in paths are now valid for config files as well (when used with SST via rsync or mariabackup / xtrabackup[-v2]); 8) SST via mariabackup: added preliminary verification of keys and certificates that are used when establishing a connection using SSL (to avoid long timeouts and improve diagnostics) - by analogy with how it is done for the xtrabackup-v2 (plus check for CA file), while that check is skipped if the user does not have openssl installed (or does not have diff utility); 9) Added backup-threads=<n> configuration option which adds "--parallel=<n>" for mariabackup / xtrabackup at backup and move-back stages; 10) Added encrypt-threads and encrypt-chunk-size configuration options for xbcrypt management (when xbcrypt is used); 11) Small optimization: checking the socat version and adding a file with parameters for 2048-bit Diffie-Hellman (if necessary) is done only if the user has not specified "dhparam=" in the "sockopt" option value; 12) SST via rsync now supports "backup-threads" configuration option (in server-related sections or in the "[sst]"); 13) Determining the number of available processors is now supported for FreeBSD + mariabackup/xtrabackup: before that we might have problems with "--compact" (rebuild indexes) or qpress on FreeBSD; 14) The check_pid() function should not raise an error state in the rare cases when the pid file was created, but it is empty, or if it is deleted right during the check, or when zero is read from the pid file; 15) Iproved templates that are used to check if a requested socket is "listening" when using the ss utility; 16) Shortened some other templates for socket state utilities; 17) Temporary files created by mariabackup / xtrabackup are moved to a separate subdirectory inside tmpdir (so they don't get mixed with other temporary files, which can make debugging more difficult); 18) 10.2 only: the script for SST via xtrabackup-v2 has been brought in full compliance with all the bugfixes made for mariabackup (as it previously contained many flaws compared to the updated script for mariabackup).
2021-05-29 19:54:25 +02:00
while [ ! -r "$MAGIC_FILE" ] && check_pid "$TRANSFER_PID" && \
galera SST scripts: removing obsolete xtrabackup_pid support Removed handling of the long-unsupported xtrabackup_pid file, as it is not even created by modern versions of mariabackup. Instead, added stopping of the asynchronous process that mariabackup runs (if it is still active) to the exception handler.
2024-09-10 03:45:19 +02:00
ps -p $WSREP_SST_OPT_PARENT >/dev/null 2>&1
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
do
sleep 1
done
galera SST scripts: removing obsolete xtrabackup_pid support Removed handling of the long-unsupported xtrabackup_pid file, as it is not even created by modern versions of mariabackup. Instead, added stopping of the asynchronous process that mariabackup runs (if it is still active) to the exception handler.
2024-09-10 03:45:19 +02:00
if ! ps -p $WSREP_SST_OPT_PARENT >/dev/null 2>&1; then
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_log_error \
galera SST scripts: removing obsolete xtrabackup_pid support Removed handling of the long-unsupported xtrabackup_pid file, as it is not even created by modern versions of mariabackup. Instead, added stopping of the asynchronous process that mariabackup runs (if it is still active) to the exception handler.
2024-09-10 03:45:19 +02:00
"Parent mysqld process (PID: $WSREP_SST_OPT_PARENT)" \
"terminated unexpectedly."
kill -- -$WSREP_SST_OPT_PARENT
MDEV-15442 xtrabackup-v2 SST donor stuck in DONOR/DESYNCED state when joiner is killed SST transfer scripts rsync and maribackup now monitor parent process and will cleanup if process dies
2018-06-20 13:16:34 +02:00
sleep 1
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
exit 32
fi
MDEV-28423: Galera IST is failing on Joiner node This commit fixes an issue with IST handling in version 10.9 which is a regression after MDEV-26971 and related to trying to get a non-existent "total" tag on the IST branch (this tag is only defined in SST mode).
2022-05-06 02:38:36 +02:00
if [ ! -r "$MAGIC_FILE" ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
# This message should cause joiner to abort:
MDEV-28423: Galera IST is failing on Joiner node This commit fixes an issue with IST handling in version 10.9 which is a regression after MDEV-26971 and related to trying to get a non-existent "total" tag on the IST branch (this tag is only defined in SST mode).
2022-05-06 02:38:36 +02:00
wsrep_log_info "rsync process ended without creating" \
"magic file ($MAGIC_FILE)"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
exit 32
fi
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
MDEV-28423: Galera IST is failing on Joiner node This commit fixes an issue with IST handling in version 10.9 which is a regression after MDEV-26971 and related to trying to get a non-existent "total" tag on the IST branch (this tag is only defined in SST mode).
2022-05-06 02:38:36 +02:00
if [ -n "$MY_SECRET" ]; then
# Check donor supplied secret:
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
SECRET=$(grep -m1 -E "^$SECRET_TAG[[:space:]]" "$MAGIC_FILE" || :)
MDEV-28423: Galera IST is failing on Joiner node This commit fixes an issue with IST handling in version 10.9 which is a regression after MDEV-26971 and related to trying to get a non-existent "total" tag on the IST branch (this tag is only defined in SST mode).
2022-05-06 02:38:36 +02:00
SECRET=$(trim_string "${SECRET#$SECRET_TAG}")
if [ "$SECRET" != "$MY_SECRET" ]; then
wsrep_log_error "Donor does not know my secret!"
wsrep_log_info "Donor: '$SECRET', my: '$MY_SECRET'"
exit 32
fi
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
if [ $WSREP_SST_OPT_BYPASS -eq 0 ]; then
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
if grep -m1 -qE "^$BYPASS_TAG([[:space:]]+.*)?\$" "$MAGIC_FILE"; then
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
readonly WSREP_SST_OPT_BYPASS=1
readonly WSREP_TRANSFER_TYPE='IST'
fi
fi
binlog_tar_present=0
if [ -f "$BINLOG_TAR_FILE" ]; then
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
binlog_tar_present=1
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
if [ $WSREP_SST_OPT_BYPASS -ne 0 ]; then
wsrep_log_warning "tar with binlogs transferred in the IST mode"
fi
fi
if [ $WSREP_SST_OPT_BYPASS -eq 0 -a -n "$WSREP_SST_OPT_BINLOG" ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
# If it is SST (not an IST) or tar with binlogs is present
# among the transferred files, then we need to remove the
# old binlogs:
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
cd "$DATA"
# Clean up the old binlog files and index:
binlog_index="$WSREP_SST_OPT_BINLOG_INDEX"
if [ -f "$binlog_index" ]; then
while read bin_file || [ -n "$bin_file" ]; do
rm -f "$bin_file" || :
done < "$binlog_index"
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$binlog_index"
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
fi
binlog_cd=0
# Change the directory to binlog base (if possible):
if [ -n "$binlog_dir" -a "$binlog_dir" != '.' -a \
pre-MDEV-30157 & pre-MDEV-28669: fixes before the main corrections This commit adds even more correct handling of parameters with paths when they contain leading or trailing spaces and/or slashes. Also it fixes problems that occur when the user specified explicit paths to additional directories, but these paths match the specified path of the data directory - in this case, additional subdirectories should be treated (in relation to the data directory) in the same way as if these paths were not specified or as if they are implicitly specified as "." or "./". But prior to this fix, existing code treated any values as if they were completely separate directories, whether or not they actually point to the same location to which datadir points to - and this sometimes resulted in incorrect file transfers. This fix does not contain separate tests, as tests will be part of the main commit(s). This fix has been made as a separate commit to facilitate review for major substantive fixes related to MDEV-30157 and MDEV-28669.
2022-12-13 10:32:21 +01:00
"$binlog_dir" != "$DATA_DIR" -a -d "$binlog_dir" ]
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
then
binlog_cd=1
cd "$binlog_dir"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
# Clean up unindexed binlog files:
rm -f "$binlog_base".[0-9]* || :
[ $binlog_cd -ne 0 ] && cd "$DATA_DIR"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
if [ $binlog_tar_present -ne 0 ]; then
MDEV-25880 part 2: Improving reliability of the SST scripts Additional improvements aimed at improving operational reliability of the SST scripts: 1) Script need to give rsync and stunnel a short time to terminate after "kill -9" before the first PID check using ps utility; 2) The temporary file used to create the binlog index could sometimes remain in the data directory if tar failed and then may be reused without being cleaned up (the next time when SST was run) - now it's fixed; 3) The temporary file used to build the binlog index is now created using mktemp and, if this variable is present in the configuration file, in tmpdir; 4) Checking the secret tag in SST via rsync is made faster and does not require creating a temporary file, which could remain in the data directory in case of failure; 5) Added "-F" option to grep to check the tag when using mariabackup/xtrabackup-v2 - to avoid possible collisions in case of special characters in the tag value (unlikely scenario, but the new check is more reliable).
2021-06-15 06:24:38 +02:00
# Create a temporary file:
tmpdir=$(parse_cnf '--mysqld|sst' 'tmpdir')
if [ -z "$tmpdir" ]; then
tmpfile="$(mktemp)"
MDEV-26441: Linux-dependent construct in SST scripts SST scripts currently use Linux-specific construction to create a temporary directory if the path prefix for that directory is specified by the user. This does not work with FreeBSD. This commit adds support for FreeBSD. No separate test required.
2021-09-20 12:10:53 +02:00
elif [ "$OS" = 'Linux' ]; then
MDEV-25880 part 2: Improving reliability of the SST scripts Additional improvements aimed at improving operational reliability of the SST scripts: 1) Script need to give rsync and stunnel a short time to terminate after "kill -9" before the first PID check using ps utility; 2) The temporary file used to create the binlog index could sometimes remain in the data directory if tar failed and then may be reused without being cleaned up (the next time when SST was run) - now it's fixed; 3) The temporary file used to build the binlog index is now created using mktemp and, if this variable is present in the configuration file, in tmpdir; 4) Checking the secret tag in SST via rsync is made faster and does not require creating a temporary file, which could remain in the data directory in case of failure; 5) Added "-F" option to grep to check the tag when using mariabackup/xtrabackup-v2 - to avoid possible collisions in case of special characters in the tag value (unlikely scenario, but the new check is more reliable).
2021-06-15 06:24:38 +02:00
tmpfile=$(mktemp "--tmpdir=$tmpdir")
MDEV-26441: Linux-dependent construct in SST scripts SST scripts currently use Linux-specific construction to create a temporary directory if the path prefix for that directory is specified by the user. This does not work with FreeBSD. This commit adds support for FreeBSD. No separate test required.
2021-09-20 12:10:53 +02:00
else
MDEV-27737 Wsrep SST scripts not working on FreeBSD - Changed SST scripts to use /usr/bin/env bash instead of /bin/bash for better portability. - Fixed use of mktemp on non-Linux platforms to produce temporary file instead of directory. Reviewed-by: Jan Lindström <jan.lindstrom@mariadb.com>
2022-02-03 13:06:25 +01:00
tmpfile=$(TMPDIR="$tmpdir"; mktemp)
MDEV-25880 part 2: Improving reliability of the SST scripts Additional improvements aimed at improving operational reliability of the SST scripts: 1) Script need to give rsync and stunnel a short time to terminate after "kill -9" before the first PID check using ps utility; 2) The temporary file used to create the binlog index could sometimes remain in the data directory if tar failed and then may be reused without being cleaned up (the next time when SST was run) - now it's fixed; 3) The temporary file used to build the binlog index is now created using mktemp and, if this variable is present in the configuration file, in tmpdir; 4) Checking the secret tag in SST via rsync is made faster and does not require creating a temporary file, which could remain in the data directory in case of failure; 5) Added "-F" option to grep to check the tag when using mariabackup/xtrabackup-v2 - to avoid possible collisions in case of special characters in the tag value (unlikely scenario, but the new check is more reliable).
2021-06-15 06:24:38 +02:00
fi
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
index_dir=$(dirname "$binlog_index");
pre-MDEV-30157 & pre-MDEV-28669: fixes before the main corrections This commit adds even more correct handling of parameters with paths when they contain leading or trailing spaces and/or slashes. Also it fixes problems that occur when the user specified explicit paths to additional directories, but these paths match the specified path of the data directory - in this case, additional subdirectories should be treated (in relation to the data directory) in the same way as if these paths were not specified or as if they are implicitly specified as "." or "./". But prior to this fix, existing code treated any values as if they were completely separate directories, whether or not they actually point to the same location to which datadir points to - and this sometimes resulted in incorrect file transfers. This fix does not contain separate tests, as tests will be part of the main commit(s). This fix has been made as a separate commit to facilitate review for major substantive fixes related to MDEV-30157 and MDEV-28669.
2022-12-13 10:32:21 +01:00
if [ -n "$index_dir" -a "$index_dir" != '.' -a \
"$index_dir" != "$DATA_DIR" ]
then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
[ ! -d "$index_dir" ] && mkdir -p "$index_dir"
fi
binlog_cd=0
pre-MDEV-30157 & pre-MDEV-28669: fixes before the main corrections This commit adds even more correct handling of parameters with paths when they contain leading or trailing spaces and/or slashes. Also it fixes problems that occur when the user specified explicit paths to additional directories, but these paths match the specified path of the data directory - in this case, additional subdirectories should be treated (in relation to the data directory) in the same way as if these paths were not specified or as if they are implicitly specified as "." or "./". But prior to this fix, existing code treated any values as if they were completely separate directories, whether or not they actually point to the same location to which datadir points to - and this sometimes resulted in incorrect file transfers. This fix does not contain separate tests, as tests will be part of the main commit(s). This fix has been made as a separate commit to facilitate review for major substantive fixes related to MDEV-30157 and MDEV-28669.
2022-12-13 10:32:21 +01:00
if [ -n "$binlog_dir" -a "$binlog_dir" != '.' -a \
"$binlog_dir" != "$DATA_DIR" ]
then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
[ ! -d "$binlog_dir" ] && mkdir -p "$binlog_dir"
binlog_cd=1
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
cd "$binlog_dir"
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
fi
# Extracting binlog files:
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
wsrep_log_info "Extracting binlog files:"
wsrep scripts fixes for working on OpenBSD
2023-12-31 01:42:10 +01:00
if tar --version 2>/dev/null | grep -qw -E '^bsdtar'; then
MDEV-27777: Some Galera tests fail on FreeBSD This commit fixes problems due to bugs and quirks in bsdtar (the FreeBSD version of tar). Separate tests are not required, because without these fixes, many other tests fail when tested in the FreeBSD environment. Also, the grep patterns for reading utility version numbers has been made more robust. The notation of some options of the "cut" utility has been changed.
2022-02-12 00:59:15 +01:00
tar -tf "$BINLOG_TAR_FILE" > "$tmpfile" && \
tar -xvf "$BINLOG_TAR_FILE" > /dev/null || RC=$?
else
tar -xvf "$BINLOG_TAR_FILE" > "$tmpfile" && \
cat "$tmpfile" >&2 || RC=$?
fi
if [ $RC -ne 0 ]; then
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
wsrep_log_error "Error unpacking tar file with binlog files"
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$tmpfile"
MDEV-25880 part 2: Improving reliability of the SST scripts Additional improvements aimed at improving operational reliability of the SST scripts: 1) Script need to give rsync and stunnel a short time to terminate after "kill -9" before the first PID check using ps utility; 2) The temporary file used to create the binlog index could sometimes remain in the data directory if tar failed and then may be reused without being cleaned up (the next time when SST was run) - now it's fixed; 3) The temporary file used to build the binlog index is now created using mktemp and, if this variable is present in the configuration file, in tmpdir; 4) Checking the secret tag in SST via rsync is made faster and does not require creating a temporary file, which could remain in the data directory in case of failure; 5) Added "-F" option to grep to check the tag when using mariabackup/xtrabackup-v2 - to avoid possible collisions in case of special characters in the tag value (unlikely scenario, but the new check is more reliable).
2021-06-15 06:24:38 +02:00
exit 32
fi
# Rebuild binlog index:
MDEV-27524: Incorrect binlogs after Galera SST using rsync and mariabackup This commit adds correct handling of binlogs for SST using rsync or mariabackup. Before this fix, binlogs were handled incorrectly - - only one (last) binary log file was transferred during SST, which then led to various failures (for example, when trying to list all events from the binary log). These bugs were long masked by flaws in the primitive binlogs handling code in the SST scripts, which causing binary logs files to be erased after transfer or not added to the binlog index on the joiner node. Now the correct transfer of all binary logs (not just the last of the binary log files) has been implemented both for the rsync (at the script level) and for the mariabackup (at the level of the main utility code). This commit also adds a new sst_max_binlogs=<n> parameter, which can be located in the [sst] section or in the [xtrabackup] section (historically, supported for mariabackup only, not for rsync), or in one of the server sections. This parameter specifies the number of binary log files to be sent to the joiner node during SST. This option is added for compatibility with old SST scripting behavior, which can be emulated by setting the sst_max_binlogs=1 (although in general this can cause problems for the reasons described above). In addition, setting the sst_max_binlogs=0 can be used to suppress the transmission of binary logs to the joiner nodes during SST (although sometimes a single file with the current binary log can still be transmitted to the joiner, even with sst_max_binlogs=0, because this sometimes necessary in modes that involve the use of GTIDs with Galera). Also, this commit ensures correct handling of paths to various innodb files and directories in the SST scripts, and fixes some problems with this that existed in mariabackup utility (which were associated with incorrect handling of the innodb_data_dir parameter in some scenarios). In addition, this commit contains the following enhancements: 1) Added tests for mtr, which check the correct work with binlogs after SST (using rsync and mariabackup); 2) Added correct handling of slashes at the end of all paths that the SST script receives as parameters; 3) Improved parsing code for --mysqld-args parameters. Now it correctly processes the sequence "--" after the name of the one-letter option; 4) Checking the secret signature during joiner authentication is made independent of presence of bash (as a unix shell) in the system and diff utility no longer needed to check certificates compliance; 5) All directories that are necessary for the correct placement of various logs are automatically created by SST scripts in advance (before running mariabackup on the joiner node); 6) Removal of old binary logs on joiner is done using the binlog index (if it exists) (not only by fixed pattern that based on the current binlog name, as before); 7) Paths for placing binary logs are correctly processed if they are set as relative paths (to the datadir); 8) SST scripts are made even more resistant to spaces in filenames (now for binlogs); 9) In case of failure, SST scripts now always end with an exit code other than zero; 10) SST script for rsync now correctly create a tar file with the binlogs, even if the paths to them (in the binlog index file) are specified as a mix of absolute and relative paths, and even if they do not match with the datadir path specified in the current configuration settings.
2022-02-22 10:45:06 +01:00
[ $binlog_cd -ne 0 ] && cd "$DATA_DIR"
while read bin_file || [ -n "$bin_file" ]; do
echo "$binlog_dir${binlog_dir:+/}$bin_file" >> "$binlog_index"
MDEV-25880 part 2: Improving reliability of the SST scripts Additional improvements aimed at improving operational reliability of the SST scripts: 1) Script need to give rsync and stunnel a short time to terminate after "kill -9" before the first PID check using ps utility; 2) The temporary file used to create the binlog index could sometimes remain in the data directory if tar failed and then may be reused without being cleaned up (the next time when SST was run) - now it's fixed; 3) The temporary file used to build the binlog index is now created using mktemp and, if this variable is present in the configuration file, in tmpdir; 4) Checking the secret tag in SST via rsync is made faster and does not require creating a temporary file, which could remain in the data directory in case of failure; 5) Added "-F" option to grep to check the tag when using mariabackup/xtrabackup-v2 - to avoid possible collisions in case of special characters in the tag value (unlikely scenario, but the new check is more reliable).
2021-06-15 06:24:38 +02:00
done < "$tmpfile"
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
rm "$tmpfile"
MDEV-24962: Galera SST innobackupex-move ignores Environment settings After switching to the new mariabackup interface (instead of the outdated innobackupex interface, which is supported for compatibility), we need to explicitly pass a path to the datadir directory as a parameter, since in the new interface the value of this option is not automatically set in such a way that it always matches the SST/IST logic. This commit adds passing this option as an explicit parameter to mariabackup. This commit also removed unnecessary options that are not used and not supported by mariabackup. Also, numerous flaws in the common wsrep_sst_common script have been fixed: 1) There are many bash-specific constructs in the script that may not be supported by other interpreters, which can lead to the most unexpected errors during SST, because failures in the interpretation of bash-specific constructs lead to incorrect parsing of arguments; 2) There is parse_cnf() function which is often called by other scripts for the "mysqld" or "--mysqld" group, but it does not take into account the default group suffix, which leads to reading values only from the default group, which then leads to errors due to reading the default values instead of the values for a specific group; 3) Some options such as --user, --innodb-data-home-dir or --datadir are not removed from the --mysqld-args list, although they are processed inside scripts (and passing of these options funther may cause problems for mariabackup); 4) If an argument that the script understands is present in the --mysqld-args list twice, then this causes SST to fail, instead of reading the most recent value; 5) The "--host" parameter is technically still supported among the arguments of the SST scripts, but in reality scripts do not work with it as expected, especially if it has an IPv6 address; 6) If the port number is absent in the --address parameter value, but the port number is explicitly passed through the --port argument, then the scripts for mariabackup and xtrabackup-v2 fail; 7) If a new address interface is used (with the --address parameter), then automatic default port substitution is not performed, although it is supported for the legacy --host/--port interface. 8) If there are spaces in the parameter values after --mysqld_args, then their further transfer does not occur correctly, which causes mariabackup to fail during SST - the space splits the argument in such a way that it breaks the parsing of the following parameters; 9) If most of the parameters that are names or paths to the files or directories contain spaces, then SST scripts fail in an unpredictable way due to incorrect variable substitutions; 10) If the --log-bin option is passed among the arguments of myqlds (--mysqld-args) without a parameter, and the --binlog option is not specified, then the script cannot substitute the default name for binlog and cannot construct binlog name using the --log-basename argument (which is against server specifications); 11) Tail slashes are not removed from the directory names, which, upon further substitution, leads to the appearance of a double slash in the file paths; 12) The explicit --binlog parameter (which is now always transmitted from the server side) and the "hidden" --log-bin parameter in the list of arguments after --mysqld-args are perceived as two different parameters in different parts of the scripts, and if they are do not match for some reason, this will lead to failures during SST; Also, all new changes from the 10.6 branch have been migrated here, including the latest pull requests for authentication (only the part that concerns SST scripts). It also fixes dozens of other bugs in all SST scripts.
2021-04-28 01:39:31 +02:00
cd "$OLD_PWD"
fi
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
wsrep sst scripts: removing extra blank lines and spaces Removed numerous extra blank lines and spaces that interfere with reading and understanding program code, making it more difficult to find errors in scripts. I also removed all extra trailing spaces at the ends of lines, which lead to marking extra lines as changes (in subsequent changes). The amount of indentation in some parts of the code has also been normalized.
2021-04-15 13:53:28 +02:00
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
# Remove special tags from the magic file, and from the output:
MDEV-28656: Inability to roll upgrade without stopping the Galera cluster
2022-06-08 15:36:28 +02:00
coords=$(head -n1 "$MAGIC_FILE")
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
wsrep_log_info "Galera co-ords from recovery: $coords"
echo "$coords" # Output : UUID:seqno wsrep_gtid_domain_id
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
fi
MDEV-28583: Galera: binlogs disappear after rsync IST This commit sends a flag indicating the presence of the "--bypass" option from the donor node to the joiner nodes during rsync IST, because without such a flag it is impossible to distinguish IST from the SST on the joiner nodes (in IST/SST scripts, because the "--bypass" option is still not passed to scripts from server code). Specifically, this fixes an issue with binary logs disappearing after IST (via rsync). There are also changes to diagnostic messages here that will make it easier to diagnose script-related problems in the future when debugging and when checking the logs. This commit also adds more robust signal handlers - to handle exceptions during script execution. These handlers won't mask some crashes and it also unifies exit codes between different scripts. These changes have already been helpful to debugging "bypass" flag handling.
2022-05-17 11:04:04 +02:00
wsrep_log_info "$WSREP_METHOD $WSREP_TRANSFER_TYPE completed on $WSREP_SST_OPT_ROLE"
MDEV-6247: Merge 10.0-galera to 10.1. Merged lp:maria/maria-10.0-galera up to revision 3879. Added a new functions to handler API to forcefully abort_transaction, producing fake_trx_id, get_checkpoint and set_checkpoint for XA. These were added for future possiblity to add more storage engines that could use galera replication.
2014-08-06 14:39:15 +02:00
exit 0
Reference in a new issue Copy permalink