This is the fifth in a series of posts reviewing methods for MySQL master discovery: the means by which an application connects to the master of a replication tree. Moreover, the means by which, upon master failover, it identifies and connects to the newly promoted master.<\/p>\n
These posts are not concerned with the manner by which the replication failure detection and recovery take place. I will share We discuss asynchronous (or semi-synchronous) replication, a classic single-master-multiple-replicas setup. A later post will briefly discuss synchronous replication (Galera\/XtraDB Cluster\/InnoDB Cluster).<\/p>\n Part 4<\/a> presented with an anti-pattern setup, where a proxy would infer the identify of the master by drawing conclusions from backend server checks. This led to split brains and undesired scenarios. The problem was the loss of context.<\/p>\n We re-introduce a service discovery component (illustrated in part 3<\/a>), such that:<\/p>\n In a failover\/service discovery\/proxy setup, there is clear ownership of duties:<\/p>\n Depending on the technologies used, we can further achieve:<\/p>\n We explain the setup using the following assumptions and scenarios:<\/p>\n <\/p>\n Master The proxy:<\/p>\n The app:<\/p>\n Master Everything is as before.<\/p>\n If the proxy kills existing connections to We wish to replace the master, for maintenance reasons. We successfully and gracefully promote This is a setup we use at GitHub in production. Our components are:<\/p>\n As mentioned earlier, the apps need not change anything. They connect to a name that is always resolved to proxy boxes. There is never a DNS change.<\/p>\n At the time of failover, the service discovery component must be up and available, to catch the change. Otherwise we do not strictly require it to be up at all times.<\/p>\n For high availability we will have multiple proxies. Each of whom must listen on changes to K\/V. Ideally the name ( See also:<\/p>\n An In the above:<\/p>\n See orchestrator configuration<\/a> documentation.<\/p>\n This is the fifth in a series of posts reviewing methods for MySQL master discovery: the means by which an application connects to the master of a replication tree. Moreover, the means by which, upon master failover, it identifies and connects to the newly promoted master. These posts are not concerned with the manner by […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[5],"tags":[62,108,8],"class_list":["post-7869","post","type-post","status-publish","format-standard","hentry","category-mysql","tag-high-availability","tag-orchestrator","tag-replication"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p2bZZp-22V","_links":{"self":[{"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/posts\/7869","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/comments?post=7869"}],"version-history":[{"count":7,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/posts\/7869\/revisions"}],"predecessor-version":[{"id":7909,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/posts\/7869\/revisions\/7909"}],"wp:attachment":[{"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/media?parent=7869"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/categories?post=7869"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/code.openark.org\/blog\/wp-json\/wp\/v2\/tags?post=7869"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}orchestrator<\/code> specific configuration\/advice, and point out where cross DC orchestrator\/raft<\/code> setup plays part in discovery itself, but for the most part any recovery tool such as MHA<\/code>, replication-manager<\/code>, severalnines<\/code> or other, is applicable.<\/p>\nMaster discovery via Service discovery and Proxy<\/h3>\n
\n
\n
\n
M<\/code>.<\/li>\n\n
cluster1-writer.example.net<\/code>, which resolves to a proxy box.<\/li>\nM<\/code> to promoted replica R<\/code>.<\/li>\n<\/ul>\nA non planned failover illustration #1<\/h3>\n
M<\/code> has died, the box had a power failure. R<\/code> gets promoted in its place. Our recovery tool:<\/p>\n\n
R<\/code> is the new master for cluster1<\/code>.<\/li>\n<\/ul>\n\n
R<\/code> is the new master, rewires all writes to go to R<\/code>.<\/li>\nM<\/code>.<\/li>\n<\/ul>\n\n
M<\/code> fail, it reconnects and gets through to R<\/code>.<\/li>\n<\/ul>\nA non planned failover illustration #2<\/h3>\n
M<\/code> gets network isolated for 10<\/code> seconds, during which time we failover. R<\/code> gets promoted.<\/p>\nM<\/code>, then the fact M<\/code> is back alive turns meaningless. No one gets through to M<\/code>. Clients were never aware of its identity anyhow, just as they are unaware of R<\/code>‘s identity.<\/p>\nPlanned failover illustration<\/h3>\n
R<\/code>.<\/p>\n\n
M<\/code> turned read-only.<\/li>\nR<\/code>.<\/li>\n<\/ul>\nDiscussion<\/h3>\n
\n
orchestrator<\/code> for failover tool.<\/li>\n\n
haproxy.cfg<\/code> configuration file<\/li>\nreload<\/code> haproxy<\/li>\n<\/ul>\n<\/li>\n<\/ul>\ncluster1-writer.example.net<\/code> in our example) resolves to any available proxy box.<\/p>\n\n
\n
Sample orchestrator configuration<\/h3>\n
orchestrator<\/code> configuration would look like this:<\/p>\n \"ApplyMySQLPromotionAfterMasterFailover\": true,\n \"KVClusterMasterPrefix\": \"mysql\/master\",\n \"ConsulAddress\": \"127.0.0.1:8500\",\n \"ZkAddress\": \"srv-a,srv-b:12181,srv-c\",\n \"PostMasterFailoverProcesses\": [\n \u201c\/just\/let\/me\/know about failover on {failureCluster}\u201c,\n ],\n<\/code><\/pre>\n\n
ConsulAddress<\/code> is specified, orchestrator<\/code> will update given Consul<\/em> setup with K\/V changes.<\/li>\n3.0.10<\/code>, ZooKeeper<\/em>, via ZkAddress<\/code>, is still not supported by orchestrator<\/code>.<\/li>\nPostMasterFailoverProcesses<\/code> is here just to point out hooks are not strictly required for the operation to run.<\/li>\n<\/ul>\nAll posts in this series<\/h3>\n
\n