江哥架构师笔记简介
Atlas是360团队开发的一套基于MySQL-Proxy基础之上的代理,修改了MySQL-Proxy的一些BUG,并且优化了很多东西。而且安装方便。配置的注释写的蛮详细的,都是中文。
Atlas官方链接: https://github.com/Qihoo360/Atlas/blob/master/README_ZH.md
Atlas下载链接: https://github.com/Qihoo360/Atlas/releases
使用的版本:https://github.com/Qihoo360/Atlas/releases/download/2.2.1/Atlas-2.2.1.el6.x86_64.rpm
还有一个中间件mycat,后面有机会再说
测试环境
环境描述: mysql使用的是:yum自带的msyql-server Centos6.9版本 mysql-master:192.168.170.12 mysql-slave:192.168.170.13 mysql-proxy:192.168.170.14 mysql-client:192.168.170.10
原理框图
此测试分为两步分,一部分是先配置好mysql主从模式,一部分配置atlas中间件
主从复制部分
此处只给出配置文件,以及关键步骤,详细过程查看前面的博文
192.168.170.12的配置文件
[root@master ~]#cat /etc/my.cnf [client] port = 3306 socket = /data/mysql/mysql.sock default-character-set = utf8 [mysqld] port = 3306 datadir=/data/mysql socket=/data/mysql/mysql.sock user=mysql symbolic-links=0 character-set-server = utf8 server-id = 12 skip-name-resolve slave-skip-errors = all log-bin=/data/mysql_binlog/mysql-bin binlog-ignore-db = mysql,information_schema binlog_format=mixed [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
192.168.170.13的配置文件,需设置只读,以免出错
[root@master ~]#cat /etc/my.cnf [client] port = 3306 socket = /data/mysql/mysql.sock default-character-set = utf8 [mysqld] port = 3306 datadir=/data/mysql socket=/data/mysql/mysql.sock user=mysql symbolic-links=0 character-set-server = utf8 server-id = 13 skip-name-resolve slave-skip-errors = all read_only = 1 log-bin=/data/mysql_binlog/mysql-bin binlog-ignore-db = mysql,information_schema binlog_format=mixed relay_log=/data/mysql_binlog/mysql-relay [mysqld_safe] log-error=/var/log/mysqld.log pid-file=/var/run/mysqld/mysqld.pid
192.168.170.12授权
[root@master ~]#mysql mysql> grant replication slave, replication client on *.* to 'rep_user'@'192.168.170.13' identified by '456789'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> flush tables with read lock; Query OK, 0 rows affected (0.00 sec) mysql> show master status; +------------------+----------+--------------+--------------------------+ | File | Position | Binlog_Do_DB | Binlog_Ignore_DB | +------------------+----------+--------------+--------------------------+ | mysql-bin.000004 | 360 | | mysql,information_schema | +------------------+----------+--------------+--------------------------+ 1 row in set (0.00 sec)
192.168.170.13授权
mysql> change master to master_host='192.168.170.12', master_user='rep_user', master_password='456789', master_log_file='mysql-bin.000004', master_log_pos=360; Query OK, 0 rows affected (0.04 sec) mysql> start slave; Query OK, 0 rows affected (0.00 sec) mysql> show slave status\G; *************************** 1. row *************************** Slave_IO_State: Waiting for master to send event Master_Host: 192.168.170.12 Master_User: rep_user Master_Port: 3306 Connect_Retry: 60 Master_Log_File: mysql-bin.000004 Read_Master_Log_Pos: 360 Relay_Log_File: mysql-relay.000002 Relay_Log_Pos: 251 Relay_Master_Log_File: mysql-bin.000004 Slave_IO_Running: Yes Slave_SQL_Running: Yes
192.168.170.12主从测试
mysql> create database abc;
Query OK, 1 row affected (0.00 sec)
mysql> use abc;
Database changed
mysql> create table if not exists hello (id int(10) primary key auto_increment, name varchar(50) not null);
Query OK, 0 rows affected (0.00 sec)
mysql> insert into hello (name) values ('andy');
Query OK, 1 row affected (0.00 sec)
mysql> select * from hello;
+----+------+
| id | name |
+----+------+
| 1 | andy |
+----+------+
1 row in set (0.00 sec)
#授权中间件所在的机器可以访问数据库。此命令会自动在从节点执行,中间件所在机器可以从从节点读取
mysql> grant all on *.* to 'root'@'192.168.170.14' identified by '2345';
Query OK, 0 rows affected (0.00 sec)
可以正常工作
注意:此处的ip地址为中间件所在机器的ip,中间件类似于nginx代理一样。中间件作为客户端去后端服务器操作,然后再返回给用户,因此只用授权中间件即可
限制用户ip的配置在中间件配置里面配置,或者中间件机器的防火墙里面限制
此处的密码是客户机要用的
atlas中间件配置
192.168.170.14安装配置
[root@master ~]#wget https://github.com/Qihoo360/Atlas/releases/download/2.2.1/Atlas-2.2.1.el6.x86_64.rpm [root@master ~]#yi ./Atlas-2.2.1.el6.x86_64.rpm #生成文件目录 [root@master /usr/local/mysql-proxy]#ll total 16 drwxr-xr-x 2 root root 4096 Dec 3 11:24 bin drwxr-xr-x 2 root root 4096 Dec 3 11:34 conf drwxr-xr-x 3 root root 4096 Dec 3 11:24 lib drwxr-xr-x 2 root root 4096 Dec 3 11:31 log bin目录下放的都是可执行文件 1. “encrypt”是用来生成MySQL密码加密的,在配置的时候会用到 2. “mysql-proxy”是MySQL自己的读写分离代理 3. “mysql-proxyd”是360二次开发的,后面有个“d”,服务的启动、重启、停止。都是用他来执行的 conf目录下放的是配置文件 1. “test.cnf”只有一个文件,用来配置代理的,可以使用vim来编辑 lib目录下放的是一些包,以及Atlas的依赖 log目录下放的是日志,如报错等错误信息的记录 生成密码文件 [root@master /usr/local/mysql-proxy/bin]#./encrypt 2345 AMzSG+x34Lw=
修改配置,360写的中文注释都很详细,根据注释来配置信息,其中比较重要,需要说明的配置如下:
[root@master /usr/local/mysql-proxy/conf]#cat test.cnf 这是用来登录到Atlas的管理员的账号与密码,与之对应的是“#Atlas监听的管理接口IP和端口”,也就是说需要设置管理员登录的端口, 默认端口是2345,也可以指定IP登录,指定IP后,其他的IP无法访问。可以通过mysql命令进入操作,方便测试,我这里没有指定IP和端口登录。 #管理接口的用户名 admin-username = user #管理接口的密码 admin-password = pwd #Atlas后端连接的MySQL主库的IP和端口,可设置多项,用逗号分隔 proxy-backend-addresses = 192.168.170.12:3306 #Atlas后端连接的MySQL从库的IP和端口,@后面的数字代表权重,用来作负载均衡,若省略则默认为1,可设置多项,用逗号分隔 proxy-read-only-backend-addresses = 192.168.170.13:3306@1 #用户名与其对应的加密过的MySQL密码,密码使用PREFIX/bin目录下的加密程序encrypt加密,下行的user1和user2为示例,将其替换为你的MySQL的用户名和加密密码! pwds = root:AMzSG+x34Lw= 这是设置工作接口与管理接口的,如果ip设置的”0.0.0.0”就是说任意IP都可以访问这个接口,当然也可以指定IP和端口,方便测试我这边没有指定, 工作接口的用户名密码与MySQL的账户对应的,管理员的用户密码与上面配置的管理员的用户密码对应。 #Atlas监听的工作接口IP和端口 proxy-address = 0.0.0.0:1234 #Atlas监听的管理接口IP和端口 admin-address = 0.0.0.0:2345
启动服务
[root@master /usr/local/mysql-proxy/bin]#./mysql-proxyd test start OK: MySQL-Proxy of test is started [root@master /usr/local/mysql-proxy/bin]#ps auxf | grep proxy root | \_ grep --color=auto proxy root /usr/local/mysql-proxy/bin/mysql-proxy --defaults-file=/usr/local/mysql-proxy/conf/test.cnf root \_ /usr/local/mysql-proxy/bin/mysql-proxy --defaults-file=/usr/local/mysql-proxy/conf/test.cnf tcp的1234和2345端口监听成功
防火墙修改
192.168.170.12防火墙设置,让从机器和代理机器进来即可 -A INPUT -s 192.168.170.13/32 -p tcp -m tcp --dport 3306 -j ACCEPT -A INPUT -s 192.168.170.14/32 -p tcp -m tcp --dport 3306 -j ACCEPT 192.168.170.13防火墙设置,只让代理机进来即可 -A INPUT -s 192.168.170.14/32 -p tcp -m tcp --dport 3306 -j ACCEPT 192.168.170.14防火墙设置,可以限制不同ip进来 -A INPUT -p tcp -m tcp --dport 2345 -j ACCEPT -A INPUT -p tcp -m tcp --dport 1234 -j ACCEPT
用客户机测试管理接口
[root@master ~]#mysql -h192.168.170.14 -P1234 -uroot -p2345
用客户机:192.168.170.10测试读写,同时在:192.168.170.12和192.168.170.13机器抓包
[root@master ~]#mysql -h192.168.170.14 -P1234 -uroot -p2345
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| abc |
| mysql |
| test |
+--------------------+
4 rows in set (0.00 sec)
mysql> use abc;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select * from hello;
+----+------+
| id | name |
+----+------+
| 1 | andy |
+----+------+
1 row in set (0.01 sec)
mysql> insert hello (name) values ('bob');
Query OK, 1 row affected (0.02 sec)
mysql> select * from hello;
+----+------+
| id | name |
+----+------+
| 1 | andy |
| 2 | bob |
+----+------+
2 rows in set (0.00 sec)
抓包结果,读写分离成功,证明中间件机器是作为客户机代理到后端,而不是dnat方式。
192.168.170.14.43954 > 192.168.170.13.3306
.....,vq........"......
.....-.^.....show databases
11:39:44.389221 IP (tos 0x8, ttl 64, id 48508, offset 0, flags [DF], proto TCP (6), length 178)
192.168.170.13.3306 > 192.168.170.14.43954
.............,v............
.-...........1....def..SCHEMATA..Database.SCHEMA_NAME...@................"......information_schema.....abc.....mysql.....test.......".
11:39:44.389448 IP (tos 0x8, ttl 64, id 34771, offset 0, flags [DF], proto TCP (6), length 52)
192.168.170.14.34162 > 192.168.170.12.3306
E..[AJ@.@.#..........r....)..D.M....i......
..h../.[#....insert hello (name) values ('bob')
192.168.170.12.3306 > 192.168.170.14.34162
E..?t.@.@..............r.D.M..*#...........
./.^..h............
11:41:45.144805 IP (tos 0x8, ttl 64, id 16715, offset 0, flags [DF], proto TCP (6), length 52)
还可以进行压测等,具体看github
–
–
–
评论前必须登录!
注册