Cluster Replication Configuration

The following sections cover configuration of Cluster Replication.

Replication Configuration on Node 1

Designate the node to start with. This will be the node that is used to cluster its data to the other nodes. When accessing the databases on the nodes for the first time use their instance ID as the password. Once the data is replicated to the remaining nodes in the cluster from Node 1, they will all use the same password as Node 1.

The MySQL configuration file is located at /etc/my.cnf.d/server.cnf. This file already has much of the configuration needed to get a cluster working. Change the cluster name as required by editing the wsrep_cluster_name="galera" value to the desired value. In this example, "signserver_cluster" is used. This value should be the same on all nodes in the cluster.

1. Create a backup of the system by running:
   

   # /opt/PrimeKey/support/system_backup.sh 

   CODE
   For more information on backing up SignServer Enterprise Cloud instances, refer to the SignServer Cloud Backup Guide.
2. Run the following commands to ensure that the remote systems and localhost can write to the database. Change<PASSWORD> to the desired password and the "172.16.0.%" to be valid for the VPC subnet used. The "%" character is a wildcard and can be used if desired. For example, if the internal address space is "10.10.1.0/24" then "10.10.1.%" could be used.
   NOTE If this configuration is being done in more than one VPC, change the subnet space or IP address for each subnet with the commands below. Three separate statements for each of the specific IP addresses for each node in the cluster can be created for tighter security if desired.
   

   # mysql -u root --password=<PASSWORD> -e "GRANT RELOAD, LOCK TABLES, REPLICATION CLIENT on *.* to 'repl_user'@'172.16.0.%' identified by '<PASSWORD>';"
   
   NEXT LINE ONLY NEEDED WHEN USING ADDITIONAL VPCS:
    # mysql -u root --password=<PASSWORD> -e "GRANT RELOAD, LOCK TABLES, REPLICATION CLIENT on *.* to 'repl_user'@'172.31.0.%' identified by '<PASSWORD>';"

   CODE
3. Edit the /etc/my.cnf.d/server.cnf file and look for the [galera] section, under the comment “# Galera Cluster Configuration”. Add the following lines to the section, changing the two “wsrep_cluster_address” IP addresses to the Node 2 and Node 3 IP addresses in the cluster, the value for “wsrep_node_name” for Node 1 and the “wsrep_node_address” to be the IP address for Node 1 if not already set:
   

   wsrep_cluster_name=signserver_cluster
   wsrep_cluster_address="gcomm://172.16.0.188,172.31.0.115"
   wsrep_node_name=SignServerNode1
   wsrep_node_address="172.16.0.202"

   CODE

Replication Configuration on Node 2

1. SSH into Node 2 and perform a backup:
   

   # /opt/PrimeKey/support/system_backup.sh

   CODE
2. Stop mysql on this node:
   

   # service mysql stop

   CODE

3. Edit the /etc/my.cnf.d/server.cnf file and look for the [galera] section, under the comment “# Galera Cluster Configuration”. Add the following lines to the section, changing the two “wsrep_cluster_address” IP addresses to the Node 1 and Node 3 IP addresses in the cluster, the value for “wsrep_node_name” for Node 2, and the “wsrep_node_address” to be the IP address for Node 2 if not already set. Also change the wsrep_sst_auth to be the password from node 1:

   [mysql]
    wsrep_cluster_name=signserver_cluster
    wsrep_cluster_address="gcomm://172.16.0.202,172.31.0.115"
    wsrep_node_name=SignServerNode2
    wsrep_node_address="172.16.0.188"
    wsrep_sst_auth=repl_user:<PASSWORD>

   CODE

WildFly Configuration for Node 2

• Edit the Wildfly datasource.properties file and update the password to the password used in the database:
  

  # vim /opt/PrimeKey/wildfly_config/datasource.properties 

  CODE

  NOTE Change DATABASE_PASSWORD= <PASSWORD> to the password of the main node that replicated the data. In this case this is the password from Node 1.

Replication Configuration on Node 3

1. SSH into Node 3 and perform a backup:
   

   # /opt/PrimeKey/support/system_backup.sh

   CODE
2. Stop mysql on this node:
   

   # service mysql stop

   CODE
3. Edit the /etc/my.cnf.d/server.cnf file and look for the [galera] section, under the comment “# Galera Cluster Configuration”. Add the following lines to the section, changing the two “wsrep_cluster_address” IP addresses to the Node 1 and Node 2 IP addresses in the cluster, the value for “wsrep_node_name” for Node 3 and the “wsrep_node_address” to be the IP address for Node 3 if not already set:
   

   [mysqld]
    wsrep_cluster_name=signserver_cluster
    wsrep_cluster_address="gcomm://172.16.0.202,172.16.0.188"
    wsrep_node_name=SignServerNode3
    wsrep_node_address="172.31.0.115"
    wsrep_sst_auth=repl_user:<PASSWORD>

   CODE

WildFly Configuration for Node 3

• Edit the Wildfly datasource.properties file and update the password to the password used in the database:

# vim /opt/PrimeKey/wildfly_config/datasource.properties

NOTE Change DATABASE_PASSWORD= <PASSWORD> to the password of the main node that replicated the data. In this case this is the password from Node 1.