MHA + non-root user SSH equivalent configuration, mha non-rootssh

MHA + non-root user SSH equivalent configuration, mha non-rootssh

Environment: CentOS5.8

MySQL5.5.17

Experiment: Set up the MHA high-availability architecture (non-root user SSH equivalent configuration) SSH equivalent user configuration: concert port: 1314

MHA configuration file

[Concert @ mhamanager mha] $ more/etc/masterha_default.cnf
[Server default]
User = root
Password = mysql_admin
Ssh_user = concert
Ssh_port = 1314
Repl_user = repl
Repl_password = repl_pwd
Ping_interval = 3
Ping_type = select

 

[Concert @ mhamanager mha] $ more/etc/appl. cnf
[Server default]
Manager_workdir =/mha/appl
Manager_log =/mha/appl/manager. log
Remote_workdir =/mha/appl

[Server1]
Hostname = 192.168.66.88
Master_binlog_dir =/data/lib/mysql
Candidate_master = 1

[Server2]
Hostname = 192.168.66.89
Master_binlog_dir =/data/lib/mysql
Candidate_master = 1

[Server3]
Hostname = 192.168.66.120
No_master = 1
Port = 3307

 

Problem: After the non-root user SSH equivalence is configured, The masterha_check_ssh check is successful.

[Concert @ mhamanager ~] $/Usr/bin/masterha_check_ssh -- conf =/etc/appl. cnf
Tue Sep 2 15:06:01 2014-[info] Reading default extends atoins from/etc/masterha_default.cnf ..
Tue Sep 2 15:06:01 2014-[info] Reading application default deployments from/etc/appl. cnf ..
Tue Sep 2 15:06:01 2014-[info] Reading server deployments from/etc/appl. cnf ..
Tue Sep 2 15:06:01 2014-[info] Starting SSH connection tests ..
Tue Sep 2 15:06:01 2014-[debug]
Tue Sep 2 15:06:01 2014-[debug] Connecting via SSH from concert@192.168.66.88 (192.168.66.88: 1314) to concert@192.168.66.89 (192.168.66.89: 1314 )..
Tue Sep 2 15:06:01 2014-[debug] OK.
Tue Sep 2 15:06:01 2014-[debug] Connecting via SSH from concert@192.168.66.88 (192.168.66.88: 1314) to concert@192.168.66.120 (192.168.66.120: 1314 )..
Tue Sep 2 15:06:01 2014-[debug] OK.
Tue Sep 2 15:06:02 2014-[debug]
Tue Sep 2 15:06:01 2014-[debug] Connecting via SSH from concert@192.168.66.89 (192.168.66.89: 1314) to concert@192.168.66.88 (192.168.66.88: 1314 )..
Tue Sep 2 15:06:01 2014-[debug] OK.
Tue Sep 2 15:06:01 2014-[debug] Connecting via SSH from concert@192.168.66.89 (192.168.66.89: 1314) to concert@192.168.66.120 (192.168.66.120: 1314 )..
Tue Sep 2 15:06:02 2014-[debug] OK.
Tue Sep 2 15:06:02 2014-[debug]
Tue Sep 2 15:06:02 2014-[debug] Connecting via SSH from concert@192.168.66.120 (192.168.66.120: 1314) to concert@192.168.66.88 (192.168.66.88: 1314 )..
Tue Sep 2 15:06:02 2014-[debug] OK.
Tue Sep 2 15:06:02 2014-[debug] Connecting via SSH from concert@192.168.66.120 (192.168.66.120: 1314) to concert@192.168.66.89 (192.168.66.89: 1314 )..
Tue Sep 2 15:06:02 2014-[debug] OK.
Tue Sep 2 15:06:02 2014-[info] All SSH connection tests passed successfully.

However, the masterha_check_repl check fails.

[Concert @ mhamanager ~] $/Usr/bin/masterha_check_repl -- conf =/etc/appl. cnf
Tue Sep 2 17:10:08 2014-[info] Reading default extends atoins from/etc/masterha_default.cnf ..
Tue Sep 2 17:10:08 2014-[info] Reading application default deployments from/etc/appl. cnf ..
Tue Sep 2 17:10:08 2014-[info] Reading server deployments from/etc/appl. cnf ..
Tue Sep 2 17:10:08 2014-[info] MHA: MasterMonitor version 0.55.
Tue Sep 2 17:10:08 2014-[info] Dead Servers:
Tue Sep 2 17:10:08 2014-[info] Alive Servers:
Tue Sep 2 17:10:08 2014-[info] 192.168.66.88 (192.168.66.88: 3306)
Tue Sep 2 17:10:08 2014-[info] 192.168.66.89 (192.168.66.89: 3306)
Tue Sep 2 17:10:08 2014-[info] 192.168.66.120 (192.168.66.120: 3307)
Tue Sep 2 17:10:08 2014-[info] Alive Slaves:
Tue Sep 2 17:10:08 2014-[info] 192.168.66.89 (192.168.66.89: 3306) Version = 5.5.17-log (oldest major version between slaves) log-bin: enabled
Tue Sep 2 17:10:08 2014-[info] Replicating from 192.168.66.88 (192.168.66.88: 3306)
Tue Sep 2 17:10:08 2014-[info] Primary candidate for the new Master (candidate_master is set)
Tue Sep 2 17:10:08 2014-[info] 192.168.66.120 (192.168.66.120: 3307) Version = 5.5.17-log (oldest major version between slaves) log-bin: enabled
Tue Sep 2 17:10:08 2014-[info] Replicating from 192.168.66.88 (192.168.66.88: 3306)
Tue Sep 2 17:10:08 2014-[info] Not candidate for the new Master (no_master is set)
Tue Sep 2 17:10:08 2014-[info] Current Alive Master: 192.168.66.88 (192.168.66.88: 3306)
Tue Sep 2 17:10:08 2014-[info] Checking slave invocations ..
Tue Sep 2 17:10:08 2014-[info] Checking replication filtering settings ..
Tue Sep 2 17:10:08 2014-[info] binlog_do_db =, binlog_ignore_db =
Tue Sep 2 17:10:08 2014-[info] Replication filtering check OK.
Tue Sep 2 17:10:08 2014-[info] Starting SSH connection tests ..
Tue Sep 2 17:10:10 2014-[error] [/usr/lib/perl5/vendor_perl/MHA/MasterMonitor. pm, ln386] Error happend on checking events. SSH Configuration Check Failed!
At/usr/lib/perl5/vendor_perl/MHA/MasterMonitor. pm line 341
Tue Sep 2 17:10:10 2014-[error] [/usr/lib/perl5/vendor_perl/MHA/MasterMonitor. pm, ln482] Error happened on monitoring servers.
Tue Sep 2 17:10:10 2014-[info] Got exit code 1 (Not master dead ).

MySQL Replication Health is not OK!

Solution:

1. added the working directory permission of remote_workdir (the server running the MySQL instance). A log file is generated, and the directory owner is set to concert.

[Root @ master88 ~] # Chown-R concert: concert/mha/

2. Add the concert as a MySQL user group so that it has the permission to read the MySQL binary/relay log file and relay_log.info file, and write the log directory.

[Root @ bakmaster ~] # Usermod-g mysql concert

Check again

[Concert @ mhamanager mha] $/usr/bin/masterha_check_repl -- conf =/etc/appl. cnf
Wed Sep 3 22:27:41 2014-[info] Reading default export atoins from/etc/masterha_default.cnf ..
Wed Sep 3 22:27:41 2014-[info] Reading application default deployments from/etc/appl. cnf ..
Wed Sep 3 22:27:41 2014-[info] Reading server deployments from/etc/appl. cnf ..
Wed Sep 3 22:27:41 2014-[info] MHA: MasterMonitor version 0.55.
Wed Sep 3 22:27:41 2014-[info] Dead Servers:
Wed Sep 3 22:27:41 2014-[info] Alive Servers:
Wed Sep 3 22:27:41 2014-[info] 192.168.66.88 (192.168.66.88: 3306)
Wed Sep 3 22:27:41 2014-[info] 192.168.66.89 (192.168.66.89: 3306)
Wed Sep 3 22:27:41 2014-[info] 192.168.66.120 (192.168.66.120: 3307)
Wed Sep 3 22:27:41 2014-[info] Alive Slaves:
Wed Sep 3 22:27:41 2014-[info] 192.168.66.89 (192.168.66.89: 3306) Version = 5.5.17-log (oldest major version between slaves) log-bin: enabled
Wed Sep 3 22:27:41 2014-[info] Replicating from 192.168.66.88 (192.168.66.88: 3306)
Wed Sep 3 22:27:41 2014-[info] Primary candidate for the new Master (candidate_master is set)
Wed Sep 3 22:27:41 2014-[info] 192.168.66.120 (192.168.66.120: 3307) Version = 5.5.17-log (oldest major version between slaves) log-bin: enabled
Wed Sep 3 22:27:41 2014-[info] Replicating from 192.168.66.88 (192.168.66.88: 3306)
Wed Sep 3 22:27:41 2014-[info] Not candidate for the new Master (no_master is set)
Wed Sep 3 22:27:41 2014-[info] Current Alive Master: 192.168.66.88 (192.168.66.88: 3306)
Wed Sep 3 22:27:41 2014-[info] Checking slave invocations ..
Wed Sep 3 22:27:41 2014-[info] Checking replication filtering settings ..
Wed Sep 3 22:27:41 2014-[info] binlog_do_db =, binlog_ignore_db =
Wed Sep 3 22:27:41 2014-[info] Replication filtering check OK.
Wed Sep 3 22:27:41 2014-[info] Starting SSH connection tests ..
Wed Sep 3 22:27:42 2014-[info] All SSH connection tests passed successfully.
Wed Sep 3 22:27:42 2014-[info] Checking MHA Node version ..
Wed Sep 3 22:27:43 2014-[info] Version check OK.
Wed Sep 3 22:27:43 2014-[info] Checking SSH publickey authentication settings on the current master ..
Wed Sep 3 22:27:43 2014-[info] HealthCheck: SSH to 192.168.66.88 is reachable.
Wed Sep 3 22:27:43 2014-[info] Master MHA Node version is 0.54.
Wed Sep 3 22:27:43 2014-[info] Checking recovery script deployments on the current master ..
Wed Sep 3 22:27:43 2014-[info] Executing command: save_binary_logs -- command = test -- start_pos = 4 -- binlog_dir =/data/lib/mysql -- output_file =/mha/appl/save_binary_logs_test -- manager_version = 0.55 -- start_file = mysql-bin.000004
Wed Sep 3 22:27:43 2014-[info] Connecting to concert@192.168.66.88 (192.168.66.88 )..
Creating/mha/appl if not exists... OK.
Checking output directory is accessible or not ..
OK.
Binlog found at/data/lib/mysql, up to mysql-bin.000004
Wed Sep 3 22:27:43 2014-[info] Master setting check done.
Wed Sep 3 22:27:43 2014-[info] Checking SSH publickey authentication and checking recovery script deployments on all alive slave servers ..
Wed Sep 3 22:27:43 2014-[info] Executing command: export -- command = test -- slave_user = 'root' -- slave_host = 192.168.66.89 -- slave_ip = 192.168.66.89 -- slave_port = 3306 -- workdir =/mha/appl -- target_version = 5.5.17-log -- manager_version = 0.55 -- relay_log_info =/data/lib/mysql/relay-log.info -- relay_dir =/data/lib/mysql/-- slave_pass = xxx
Wed Sep 3 22:27:43 2014-[info] Connecting to concert@192.168.66.89 (192.168.66.89: 1314 )..
Checking slave recovery environment settings ..
Opening/data/lib/mysql/relay-log.info... OK.
Relay log found at/data/lib/mysql, up to mysql-relay-bin.000006
Temporary relay log file is/data/lib/mysql/mysql-relay-bin.000006
Testing mysql connection and privileges... done.
Testing mysqlbinlog output... done.
Cleaning up test file (s)... done.
Wed Sep 3 22:27:43 2014-[info] Executing command: export -- command = test -- slave_user = 'root' -- slave_host = 192.168.66.120 -- slave_ip = 192.168.66.120 -- slave_port = 3307 -- workdir =/mha/appl -- target_version = 5.5.17-log -- manager_version = 0.55 -- relay_log_info =/data/lib/mysqlb/relay-log.info -- relay_dir =/data/lib/mysqlb/-- slave_pass = xxx
Wed Sep 3 22:27:43 2014-[info] Connecting to concert@192.168.66.120 (192.168.66.120: 1314 )..
Checking slave recovery environment settings ..
Opening/data/lib/mysqlb/relay-log.info... OK.
Relay log found at/data/lib/mysqlb, up to mysql-relay-bin.000005
Temporary relay log file is/data/lib/mysqlb/mysql-relay-bin.000005
Testing mysql connection and privileges... done.
Testing mysqlbinlog output... done.
Cleaning up test file (s)... done.
Wed Sep 3 22:27:44 2014-[info] Slaves settings check done.
Wed Sep 3 22:27:44 2014-[info]
192.168.66.88 (current master)
+ -- 192.168.66.89
+ -- 192.168.66.120

Wed Sep 3 22:27:44 2014-[info] Checking replication health on 192.168.66.89 ..
Wed Sep 3 22:27:44 2014-[info] OK.
Wed Sep 3 22:27:44 2014-[info] Checking replication health on 192.168.66.120 ..
Wed Sep 3 22:27:44 2014-[info] OK.
Wed Sep 3 22:27:44 2014-[warning] master_ip_failover_script is not defined.
Wed Sep 3 22:27:44 2014-[warning] shutdown_script is not defined.
Wed Sep 3 22:27:44 2014-[info] Got exit code 0 (Not master dead ).

MySQL Replication Health is OK.

 

OK! Solve the problem.

 

To enable the SSH server to allow remote logon by the root user, which of the following parameters must be set in the configuration file?

Edit vi/etc/ssh/sshd_configPermitRootLogin yes restart service sshd restart
 
How to Set the ROOT user in linux to log on to the ROOT user through SSH instead of logging on to the ROOT user?

Modify/etc/ssh/sshd_config (sshd_config is not necessarily in this path, but you can find it in/etc)

Change PermitRootLogin yes to PermitRootLogin no
Related Security Options:
PermitEmptyPasswords: whether to allow Empty Password Logon. PermitEmptyPasswords yes. If your root account is empty, you can use a blank password to log in.
PasswordAuthentication is configured to verify the password.
/Etc/init. d/ssh stop &/etc/init. d/ssh start