File: gr_ssl_on_admin_interface.result

package info (click to toggle)
mysql-8.0 8.0.43-3
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,273,924 kB
  • sloc: cpp: 4,684,605; ansic: 412,450; pascal: 108,398; java: 83,641; perl: 30,221; cs: 27,067; sql: 26,594; sh: 24,181; python: 21,816; yacc: 17,169; php: 11,522; xml: 7,388; javascript: 7,076; makefile: 2,194; lex: 1,075; awk: 670; asm: 520; objc: 183; ruby: 97; lisp: 86
file content (50 lines) | stat: -rw-r--r-- 2,348 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
include/group_replication.inc
Warnings:
Note	####	Sending passwords in plain text without SSL/TLS is extremely insecure.
Note	####	Storing MySQL user name or password information in the connection metadata repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START REPLICA; see the 'START REPLICA Syntax' in the MySQL Manual for more information.
[connection server1]
#
# Setup the first member with a recovery user that requires SSL.
# The memmber has the admin interface configured and is exporting
# the admin-port as the donor port.
#
[connection server1]
# restart:--group_replication_local_address=GROUP_REPLICATION_LOCAL_ADDRESS --group_replication_group_seeds=GROUP_REPLICATION_GROUP_SEEDS --report_port=ADMIN_PORT
include/rpl_reconnect.inc
set session sql_log_bin=0;
CREATE USER 'rec_ssl_user'@'%' REQUIRE SSL;
GRANT replication slave ON *.* TO 'rec_ssl_user'@'%';
GRANT SERVICE_CONNECTION_ADMIN ON *.* TO 'rec_ssl_user'@'%';
set session sql_log_bin=1;
#
# Add some data and start the member
#
CREATE TABLE t1 (c1 INT NOT NULL PRIMARY KEY) ENGINE=InnoDB;
INSERT INTO t1 VALUES (1);
include/start_and_bootstrap_group_replication.inc
include/assert.inc [server1 is exporting admin-port for others members recovery]
#
# Configure a joining member to use SSL options on recovery and start it
#
[connection server2]
CHANGE REPLICATION SOURCE TO SOURCE_USER="rec_ssl_user" FOR CHANNEL "group_replication_recovery";
SET GLOBAL group_replication_recovery_use_ssl=1;
SET GLOBAL group_replication_recovery_ssl_ca= 'MYSQL_TEST_DIR/std_data/ca-cert-verify-san.pem';
SET GLOBAL group_replication_recovery_ssl_cert= 'MYSQL_TEST_DIR/std_data/client-cert-verify-san.pem';
SET GLOBAL group_replication_recovery_ssl_key= 'MYSQL_TEST_DIR/std_data/client-key-verify-san.pem';
include/start_group_replication.inc
#
# Check the data is there
#
include/assert.inc [On the recovered member, the table should exist and have 1 elements;]
#
# Clean up
#
[connection server1]
set session sql_log_bin=0;
DROP USER 'rec_ssl_user';
set session sql_log_bin=1;
DROP TABLE t1;
# restart:--group_replication_local_address=GROUP_REPLICATION_LOCAL_ADDRESS --group_replication_group_seeds=GROUP_REPLICATION_GROUP_SEEDS --report_port=ADMIN_PORT
include/rpl_reconnect.inc
include/group_replication_end.inc