MySQL Router 8.0.16
Key features
- log-rotation via SIGHUP
- HTTP server plugin
- flexible support for single/multi-PRIMARY Group Replication
Logrotation via SIGHUP
Sending a SIGHUP signal to the router process will now close and reopen the logfile.
It allows the integration with the logrotate to rotate and compress the Router’s logfiles.
HTTP server plugin
Support for running a HTTP server inside the mysqlrouter has been added
Motivation
The HTTP server plugin builds the foundation for features like:
- Monitoring
- Management
which will appear in the upcoming releases of MySQL Router.
In 8.0.16 it already supports:
- encrypted connections via TLS (up to 1.3 if linked against openssl 1.1.1)
- Authentication
- sending static-files
Configuration
The plugin is disabled by default and can be enabled by:
|
1
2
|
[http_server] port=8080 |
To enable HTTPS a certificate has to be provided:
|
1
2
3
4
5
|
[http_server] port=8443 ssl=1 ssl_cert=server-cert.pem ssl_key=server-key.pem |
To serve static files the http_server plugin needs the know the base-directory:
|
1
2
3
4
5
6
|
[http_server] port=8443 ssl=1 ssl_cert=server-cert.pem ssl_key=server-key.pem static_folder=/var/www/example.com/wwwroot/ |
To enforce authentication a hashed password storage is needed that can be greated by the new mysqlrouter_passwd utility:
|
1 |
$ mysqlrouter_passwd set /tmp/router.htpasswd example_user |
The file contains salted hashed passwords which can be used as authentication backend:
|
1
2
3
|
[http_auth_backend:example_backend] backend=file filename=/tmp/router.htpasswd |
Currently passwd file supports the salted functions:
- sha256-crypt (default)
- sha512-crypt
- pbkdf2-sha256
- pbkdf2-sha512
As last setup the router’s configuration has to connect the password storage with the http-server via a auth realm:
|
1
2
3
4
5
6
7
8
|
[http_auth_realm:secure_realm] backend=example_backend method=basic name=secret area [http_server] # ... require_realm=secure_realm |
Single/Multi-PRIMARY
MySQL Router’s bootstrap command generates the configuration for the MySQL Router in MySQL InnoDB cluster setups.
It sets up two ports:
- one for read-write connections
- one for read-only connections
Before 8.0.16, when MySQL Router detected a multi-PRIMARY Group Replication setup at bootstrap it generated only the “read-write” port which meant that if one of the PRIMARYs becomes a SECONDARY there would be no way to connect to it through the router.
In 8.0.16 the bootstrap has been changed to always generate a “read-only” port and route connections that come in via the read-only port to one of the PRIMARYs in case no SECONDARY exists currently (see routing-strategy=round-robin-with-fallback)
empty state.json fixed
MySQL 8.0.15 started to write the last known address of the metadata-servers into the state.json file.
In case there was a failure to reach the metadata-server’s an empty server-list was written to theĀ state.json which meant a Router wouldn’t be able to restart anymore. This has been fixed in 8.0.16 (see Bug #94057)