Enable SSL on mariadb - mysql

im trying to enable SSL on a mariadb in a docker container
i have made following changes in /etc/mysql/my.cnf file
ssl-ca=/etc/certs/client-cert.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem
ssl_ca=/etc/certs/client-cert.pem
ssl_cert=/etc/certs/server-cert.pem
ssl_key=/etc/certs/server-key.pem
Note: i have used variables names with - and _ because i am not sure which scheme is uses
also i have provided certificates in the above mentioned path
here is the result of "show variables like '%ssl%';"
MariaDB [(none)]> show variables like '%ssl%';
+---------------------+----------------------------+
| Variable_name | Value |
+---------------------+----------------------------+
| have_openssl | YES |
| have_ssl | YES |
| ssl_ca | /etc/certs/client-cert.pem |
| ssl_capath | |
| ssl_cert | /etc/certs/server-cert.pem |
| ssl_cipher | |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | /etc/certs/server-key.pem |
| version_ssl_library | OpenSSL 1.1.0g 2 Nov 2017 |
+---------------------+----------------------------+
10 rows in set (0.001 sec)
but this is what i get when i run "status" command on mysql command line
MariaDB [(none)]> status
--------------
mysql Ver 15.1 Distrib 10.3.9-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Connection id: 42
Current database:
Current user: root#localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic mariadb.org binary distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: latin1
Db characterset: latin1
Client characterset: latin1
Conn. characterset: latin1
UNIX socket: /var/run/mysqld/mysqld.sock
Uptime: 5 min 52 sec
it says SSL not in use, now im not sure if SSL is enabled or not, or am i missing any flag? also how can i find out if its enabled or not?
here is the complete my.cnf file
# MariaDB database server configuration file.
#
# You can copy this file to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html
# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
# Here is entries for some specific programs
# The following values assume you have at least 32M ram
# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0
[mysqld]
#
# * Basic Settings
#
#user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc_messages_dir = /usr/share/mysql
lc_messages = en_US
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address = 127.0.0.1
#
# * Fine Tuning
#
max_connections = 100
connect_timeout = 5
wait_timeout = 600
max_allowed_packet = 16M
thread_cache_size = 128
sort_buffer_size = 4M
bulk_insert_buffer_size = 16M
tmp_table_size = 32M
max_heap_table_size = 32M
#
# * MyISAM
#
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched. On error, make copy and try a repair.
myisam_recover_options = BACKUP
key_buffer_size = 128M
#open-files-limit = 2000
table_open_cache = 400
myisam_sort_buffer_size = 512M
concurrent_insert = 2
read_buffer_size = 2M
read_rnd_buffer_size = 1M
#
# * Query Cache Configuration
#
# Cache only tiny result sets, so we can fit more in the query cache.
query_cache_limit = 128K
query_cache_size = 64M
# for more write intensive setups, set to DEMAND or OFF
#query_cache_type = DEMAND
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file = /var/log/mysql/mysql.log
#general_log = 1
#
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
#
# we do want to know about network errors and such
#log_warnings = 2
#
# Enable the slow query log to see queries with especially long duration
#slow_query_log[={0|1}]
slow_query_log_file = /var/log/mysql/mariadb-slow.log
long_query_time = 10
#log_slow_rate_limit = 1000
#log_slow_verbosity = query_plan
#log-queries-not-using-indexes
#log_slow_admin_statements
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
# other settings you may need to change.
#server-id = 1
#report_host = master1
#auto_increment_increment = 2
#auto_increment_offset = 1
#log_bin = /var/log/mysql/mariadb-bin
#log_bin_index = /var/log/mysql/mariadb-bin.index
# not fab for performance, but safer
#sync_binlog = 1
expire_logs_days = 10
max_binlog_size = 100M
# slaves
#relay_log = /var/log/mysql/relay-bin
#relay_log_index = /var/log/mysql/relay-bin.index
#relay_log_info_file = /var/log/mysql/relay-bin.info
#log_slave_updates
#read_only
#
# If applications support it, this stricter sql_mode prevents some
# mistakes like inserting invalid dates etc.
#sql_mode = NO_ENGINE_SUBSTITUTION,TRADITIONAL
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
default_storage_engine = InnoDB
# you can't just change log file size, requires special procedure
#innodb_log_file_size = 50M
innodb_buffer_pool_size = 256M
innodb_log_buffer_size = 8M
innodb_file_per_table = 1
innodb_open_files = 400
innodb_io_capacity = 400
innodb_flush_method = O_DIRECT
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
ssl-ca=/etc/certs/client-cert.pem
ssl-cert=/etc/certs/server-cert.pem
ssl-key=/etc/certs/server-key.pem
ssl_ca=/etc/certs/client-cert.pem
ssl_cert=/etc/certs/server-cert.pem
ssl_key=/etc/certs/server-key.pem
#
# * Galera-related settings
#
[galera]
# Mandatory settings
#wsrep_on=ON
#wsrep_provider=
#wsrep_cluster_address=
#binlog_format=row
#default_storage_engine=InnoDB
#innodb_autoinc_lock_mode=2
#
# Allow server to accept connections on all interfaces.
#
#bind-address=0.0.0.0
#
# Optional setting
#wsrep_slave_threads=1
#innodb_flush_log_at_trx_commit=0
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
[mysql]
#no-auto-rehash # faster start of mysql but no tab completion
[isamchk]
key_buffer = 16M
#
# * IMPORTANT: Additional settings that can override those from this file!
# The files must end with '.cnf', otherwise they'll be ignored.
#
!include /etc/mysql/mariadb.cnf
!includedir /etc/mysql/conf.d/

I can't reproduce the problem:
$ mysql -u user -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 1
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic-log mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> \! ls -alF /path/to/MariaDB/ssl/
total 20
drwxr-xr-x 2 user user 140 Jan 01 00:01 ./
drwxr-xr-x 5 user user 240 Jan 01 00:01 ../
-r-----r-- 1 user user 1273 Jan 01 00:01 ca.pem
-r-----r-- 1 user user 1143 Jan 01 00:01 client-cert.pem
-r-----r-- 1 user user 1679 Jan 01 00:01 client-key.pem
-r-----r-- 1 user user 1147 Jan 01 00:01 server-cert.pem
-r-----r-- 1 user user 1679 Jan 01 00:01 server-key.pem
MariaDB [(none)]> \! cat /path/to/MariaDB/my.cnf
...
[client]
...
## MariaDB Client Configuration ##
ssl-ca=/path/to/MariaDB/ssl/ca.pem
ssl-cert=/path/to/MariaDB/ssl/client-cert.pem
ssl-key=/path/to/MariaDB/ssl/client-key.pem
### This option is disabled by default ###
ssl-verify-server-cert
...
...
[mysqld]
...
#
# * Security Features
#
ssl
ssl-ca=/path/to/MariaDB/ssl/ca.pem
ssl-cert=/path/to/MariaDB/ssl/server-cert.pem
ssl-key=/path/to/MariaDB/ssl/server-key.pem
ssl-cipher=TLSv1.2
...
MariaDB [(none)]> \s
--------------
mysql Ver 15.1 Distrib 10.3.9-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Connection id: 1
Current database:
Current user: user#localhost
SSL: Cipher in use is ECDHE-RSA-AES256-GCM-SHA384
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.3.9-MariaDB-1:10.3.9+maria~bionic-log mariadb.org binary distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8
Db characterset: utf8
Client characterset: utf8
Conn. characterset: utf8
UNIX socket: /var/run/mysqld/mysqld.sock
Uptime: 11 sec
Threads: 8 Questions: 61 Slow queries: 0 Opens: 32 Flush tables: 1 Open tables: 26 Queries per second avg: 5.545
--------------
MariaDB [(none)]> SHOW VARIABLES LIKE '%ssl%';
+---------------------+--------------------------------------+
| Variable_name | Value |
+---------------------+--------------------------------------+
| have_openssl | YES |
| have_ssl | YES |
| ssl_ca | /path/to/MariaDB/ssl/ca.pem |
| ssl_capath | |
| ssl_cert | /path/to/MariaDB/ssl/server-cert.pem |
| ssl_cipher | TLSv1.2 |
| ssl_crl | |
| ssl_crlpath | |
| ssl_key | /path/to/MariaDB/ssl/server-key.pem |
| version_ssl_library | OpenSSL 1.1.0g 2 Nov 2017 |
+---------------------+--------------------------------------+
10 rows in set (0.001 sec)

Related

MYSQL 5.7 Note Got an error reading communication packets

134359 [Note] Got an error reading communication packets
Appears in logs every 5 minutes, I have seen a few similar posts on here however none actually match the error I'm seeing here.
MySQL 5.7 - configuration:
[mysqld]
##skip-name-resolve=1
#bind-address=localhost
default-storage-engine=InnoDB
innodb_file_per_table=1
performance-schema=1
server-id=2
auto_increment_offset = 2
auto_increment_increment= 5
report-host=2
log-slave-updates
##
replicate-ignore-db=mysql
replicate-ignore-db=cphulkd
replicate-ignore-db=information_schema
replicate-ignore-db=performance_schema
replicate-ignore-db=sys
##
max_connections=1000
table_open_cache=2000
wait_timeout=86400
interactive_timeout=86400
net_read_timeout=28800
net_write_timeout=28800
table_definition_cache=2000
thread_cache_size=100
long_query_time=10000
log_queries_not_using_indexes=0
innodb_page_cleaners=128
sql_mode=""
max_allowed_packet=512M
local-infile=0
[mysql]
# CLIENT #
port = 3306
socket = /var/lib/mysql/mysql.sock
[mysqld]
# GENERAL #
user = mysql
default-storage-engine = InnoDB
socket = /var/lib/mysql/mysql.sock
pid-file = /var/lib/mysql/mysql.pid
# MyISAM #
key-buffer-size = 10M
##myisam-recover = FORCE,BACKUP
# SAFETY #
max-allowed-packet = 10000M
max-connect-errors = 1000000
# DATA STORAGE #
datadir = /var/lib/mysql/
# BINARY LOGGING #
log-bin = /var/lib/mysql/mysql-bin
expire-logs-days = 14
sync-binlog = 0
# CACHES AND LIMITS #
tmp-table-size = 100M
max-heap-table-size = 100M
query-cache-type = 0
query-cache-size = 0
#max-connections = 1000
thread-cache-size = 50
open-files-limit = 1024
table-definition-cache = 4096
table_open_cache = 2024
# INNODB #
innodb-flush-method = O_DIRECT
innodb-log-files-in-group = 2
innodb-log-file-size = 10G
innodb_log_buffer_size = 5G
innodb-flush-log-at-trx-commit = 1
innodb-file-per-table = 1
innodb-buffer-pool-size = 80G
innodb_buffer_pool_instances = 64
innodb_write_io_threads = 64
innodb_read_io_threads = 64
innodb_max_dirty_pages_pct = 90
innodb_io_capacity = 1000
innodb_stats_on_metadata = 0
innodb_adaptive_flushing = 1
innodb_lru_scan_depth = 1024
# LOGGING #
log-error = /var/lib/mysql/mysql-error.log
log-queries-not-using-indexes = 0
slow-query-log = 0
slow-query-log-file = /var/lib/mysql/mysql-slow.log
join_buffer_size = 55M
binlog_cache_size = 16M
key_buffer_size = 50M
The thread ID 134359 doesn't correspond to any actual threads if I enable General MySQL Logging, nor does anything appear in a tcpdump during the events occuring.
At a loss? I do feel it's something CPanel or WHM related

Why does Master think it's a Slave on Reboot?

In a simple MySQL replication Master-Slave configuration I have a problem where Master tries to connect to itself as a slave on reboot.
So when I restart MySQL on Master, I see errors related to the same server trying to replicate to itself and I have to manually run mysql -e "STOP SLAVE;" every time I restart MySQL.
How can I disable slave on master for good?
Here's the relevant portion of my.cnf:
## Logging
binlog_format = mixed
log_bin = /var/log/mysql/mysql-bin.log
sync_binlog = 1
pid_file = /var/run/mysqld/mysqld.pid
log_error = /var/log/mysql/error.log
#general_log = 0
#general_log_file = /var/log/mysql/general.log
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 3
expire_logs_days = 14
sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
# sql_mode = ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
## Replication
server_id = 200
## Master Configuration
binlog-do-db = my_db_1
binlog-do-db = my_db_2
binlog-do-db = my_db_3
binlog-do-db = my_db_4
binlog-do-db = my_db_5
binlog-do-db = my_db_6
Also, when I run SELECT * FROM mysql.user; I don't see the repl user that's allegedly a "slave" on Master.
BUT, I do see that localhost has replication grants:
mysql> select Host, User, grant_priv, Repl_slave_priv, Repl_client_priv from mysql.user;
+-----------------+---------------+------------+-----------------+------------------+
| Host | User | grant_priv | Repl_slave_priv | Repl_client_priv |
+-----------------+---------------+------------+-----------------+------------------+
| localhost | root | Y | Y | Y |
| localhost | mysql.sys | N | N | N |
Here's an example of the errors I see on Reboot (before I run STOP SLAVE; on Master):
2016-09-01T15:22:23.845505Z 384 [Note] Access denied for user 'repl'#'192.168.100.200' (using password: YES)
2016-09-01T15:22:23.845761Z 1 [ERROR] Slave I/O for channel '': error connecting to master 'repl#192.168.100.200:3306' - retry-time: 30 retries: 8, Error_code: 1045
2016-09-01T15:22:50.191636Z 0 [Note] InnoDB: page_cleaner: 1000ms intended loop took 6843ms. The settings might not be optimal. (flushed=15210 and evicted=0, during the time.)
Apart from this, replication is running fine. Writes to Master show up flawlessly on the real, read-only, Slave.
Full my.cnf:
[mysql]
default_character_set = utf8
[mysqld]
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
symbolic-links = 0
## Custom Configuration
skip_external_locking = 1
skip_name_resolve
open_files_limit = 20000
## Cache
thread_cache_size = 16
query_cache_type = 1
query_cache_size = 256M
query_cache_limit = 4M
## Per-thread Buffers
sort_buffer_size = 32M
read_buffer_size = 4M
read_rnd_buffer_size = 8M
join_buffer_size = 2M
## Temp Tables
tmp_table_size = 1024M
max_heap_table_size = 1024M
## Networking
back_log = 250
max_connections = 512
max_connect_errors = 100000
max_allowed_packet = 128M
interactive_timeout = 1800
wait_timeout = 1800
character_set_client_handshake = FALSE
character_set_server = utf8mb4
collation_server = utf8mb4_unicode_ci
### Storage Engines
default_storage_engine = InnoDB
innodb = FORCE
## MyISAM
key_buffer_size = 128M
myisam_sort_buffer_size = 16M
## InnoDB
innodb_buffer_pool_size = 46G
innodb_buffer_pool_instances = 64
innodb_log_files_in_group = 2
innodb_log_buffer_size = 32M
innodb_log_file_size = 64M
innodb_file_per_table = 1
innodb_thread_concurrency = 0
innodb_flush_log_at_trx_commit = 1
## Logging
binlog_format = mixed
log_bin = /var/log/mysql/mysql-bin.log
sync_binlog = 1
pid_file = /var/run/mysqld/mysqld.pid
log_error = /var/log/mysql/error.log
#general_log = 0
#general_log_file = /var/log/mysql/general.log
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 3
expire_logs_days = 14
sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
# sql_mode = ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
## Replication
# Master Server ID:
server_id = 200
# Slave Server ID:
# server_id = 300
## Master Configuration
# Comment out on Slave
binlog-do-db = db_1
binlog-do-db = db_2
binlog-do-db = db_3
binlog-do-db = db_4
binlog-do-db = db_5
binlog-do-db = db_6
## Slave Configuration
# Uncomment the following on Slave
# relay-log = /var/log/mysql/mysql-relay-bin.log
# binlog-do-db = db_1
# binlog-do-db = db_2
# binlog-do-db = db_3
# binlog-do-db = db_4
# binlog-do-db = db_5
# binlog-do-db = db_6
# log_slave_updates = 1
# read_only = 1
# slave_skip_errors = 1062
[mysqld_safe]
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
symbolic-links = 0
pid_file = /var/run/mysqld/mysqld.pid
log_error = /var/log/mysql/error.log
Also:
mysql> SHOW GLOBAL VARIABLES LIKE '%master_info_repository%';
+------------------------+-------+
| Variable_name | Value |
+------------------------+-------+
| master_info_repository | FILE |
+------------------------+-------+
For managing this kind of setups I recommend to use MHA manager. For this specific situation you may want to clean up the master_info_repository (located by default in master.info). Also, you can use --skip-slave-start on the master host to avoid this situations after failover.
I think that you must have set the master information on the master server (maybe this was a slave at some point or refreshed from one). Run
SHOW SLAVE STATUS
on the master. If the entries are not all empty then this is the cause and on reboot (without skip-slave-start being set) MySQL will try to start the slave.
To fix this, on the master, stop the slave if you did not already and run
RESET SLAVE ALL
to clear the master settings - assuming that you are using 5.5.16 or higher otherwise leave off the ALL.
This can be confirmed with another SHOW SLAVE STATUS which should show all the entries as empty.
When you reboot now the slave will not try to start.
If you prefer for some reason to leave the master settings in place, add skip-slave-start to your my.cnf under [mysqld] and the settings will then be ignored on start-up.

MySQL TokuDB engine using too much CPU

I have converted tables of a database from InnoDB to TokuDB and i noticed that with TokuDB, reads are using way too much CPU. Why is this?
To be more specific, the server with TokuDB tables is a slave of a server with InnoDB which is part of the PXC. The slave just used regular percona server and not PXC. But the slave seems to be using way too much CPU and i do not know why?
Below is my my.cnf config:
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysqld_safe]
thp-setting=never
socket = /var/run/mysqld/mysqld.sock
nice = 0
flush_caches
numa_interleave
core-file-size = unlimited
open_files_limit = 1024
[mysqld]
back_log = 65535
bind-address = 0.0.0.0
binlog_format = ROW
character_set_server = utf8
collation_server = utf8_general_ci
core_file
basedir = /usr
datadir = /var/lib/mysql
#default_storage_engine = InnoDB
enforce-gtid-consistency = 1
expand_fast_index_creation = 1
expire_logs_days = 7
gtid_mode = ON
innodb_autoinc_lock_mode = 2
innodb_buffer_pool_instances = 1
innodb_buffer_pool_populate = 1
innodb_buffer_pool_size = 512M
innodb_data_file_path = ibdata1:64M;ibdata2:64M:autoextend
innodb_file_format = Barracuda
innodb_file_per_table
innodb_force_recovery = 1
innodb_flush_log_at_trx_commit = 2
innodb_flush_method = O_DIRECT
innodb_io_capacity = 1600
innodb_large_prefix
innodb_locks_unsafe_for_binlog = 1
innodb_log_file_size = 64M
innodb_print_all_deadlocks = 1
innodb_read_io_threads = 64
innodb_stats_on_metadata = FALSE
innodb_support_xa = FALSE
innodb_write_io_threads = 64
lc-messages-dir = /usr/share/mysql
log-bin = mysqld-bin
log-queries-not-using-indexes
log-slave-updates
long_query_time = 1
master_info_repository = TABLE
max_allowed_packet = 64M
max_connect_errors = 4294967295
max_connections = 2500
max_user_connections = 2550
min_examined_row_limit = 1000
open_files_limit = 1024
port = 3306
relay_log_info_repository = TABLE
relay-log-recovery = TRUE
relay-log-recovery = 1
skip-external-locking
skip-name-resolve
slave_parallel_workers = 8
slow_query_log = 1
slow_query_log_timestamp_always = 1
socket = /var/run/mysqld/mysqld.sock
table_open_cache = 4096
thread_cache = 1024
tmpdir = /srv/tmp
transaction_isolation = REPEATABLE-READ
updatable_views_with_limit = 0
user = mysql
wait_timeout = 60
server-id = 2
# TokuDB fine tuning
default_storage_engine = TokuDB
tokudb_analyze_time = 5
#tokudb_cache_size = 6G
tokudb_directio = 1
tokudb_commit_sync = 0
tokudb_fsync_log_period = 1000
tokudb_load_save_space =1
tokudb_alter_print_error=0
tokudb_block_size = 4MB
tokudb_bulk_fetch = 1
tokudb_disable_slow_alter = 1
tokudb_last_lock_timeout = empty
tokudb_row_format = tokudb_quicklz
#tokudb_data_dir = /var/lib/tokudb
[mysqldump]
quick
quote-names
max_allowed_packet = 16M
[mysql]
#no-auto-rehash # faster start of mysql but no tab completition
[isamchk]
key_buffer = 16M
!includedir /etc/mysql/conf.d/
The following replication message was being reported by our monitoring system xymon when tokudb_cache_size when initially set to 80% of total RAM.
2016-02-25 16:42:04 9604 [Warning] Neither --relay-log nor --relay-log-index were used; so replication may break when this MySQL server acts as a slave and has his hostname changed!! Please use '--relay-log=db-kdb-slave-6-relay-bin' to avoid this problem.
2016-02-25 16:42:05 9604 [Warning] Recovery from master pos 552554502 and file mysqld-bin.001163. Previous relay log pos and relay log file had been set to 552554714, ./db-kdb-slave-6-relay-bin.002933 respectively.
2016-02-25 16:42:05 9604 [Warning] Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information.
------More info about the Master server running InnoDB and part of PXC-----------
## Results from top
top - 10:05:12 up 14 days, 7:56, 2 users, load average: 2.16, 2.31, 2.39
Tasks: 413 total, 1 running, 412 sleeping, 0 stopped, 0 zombie
%Cpu(s): 8.9 us, 0.6 sy, 0.0 ni, 89.9 id, 0.3 wa, 0.0 hi, 0.2 si, 0.0 st
KiB Mem: 65704012 total, 63553216 used, 2150796 free, 169832 buffers
KiB Swap: 975868 total, 809892 used, 165976 free. 16304268 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2485 mysql 20 0 60.146g 0.045t 2.612g S 314.9 73.3 27762:43 mysqld
## disk info
george#db-erp-3:~$ df -h
Filesystem Size Used Avail Use% Mounted on
udev 32G 8.0K 32G 1% /dev
tmpfs 6.3G 1.2M 6.3G 1% /run
/dev/sda2 274G 2.1G 258G 1% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
none 5.0M 0 5.0M 0% /run/lock
none 32G 0 32G 0% /run/shm
none 100M 0 100M 0% /run/user
/dev/nvme0n1p1 1.1T 542G 503G 52% /srv
na1:/vol/yphome 4.5T 3.7T 875G 82% /net/account
## Memory info
george#db-erp-3:~$ free -g
total used free shared buffers cached
Mem: 62 60 2 0 0 15
-/+ buffers/cache: 44 17
Swap: 0 0 0
george#db-erp-3:~$
## Database info
+--------------------+----------------------+
| Data Base Name | Data Base Size in MB |
+--------------------+----------------------+
| information_schema | 0.00976563 |
| dberp | 347143.32031250 |
| mysql | 2.11562061 |
| performance_schema | 0.00000000 |
+--------------------+----------------------+
4 rows in set (0.13 sec)
+--------------------+----------------------+------------------+
| Data Base Name | Data Base Size in MB | Free Space in MB |
+--------------------+----------------------+------------------+
| information_schema | 0.00976563 | 0.00000000 |
| dberp | 347143.32031250 | 6270.00000000 |
| mysql | 2.11562061 | 4.00199127 |
| performance_schema | 0.00000000 | 0.00000000 |
+--------------------+----------------------+------------------+
4 rows in set (0.03 sec)
Your CPU will be higher for reads because TokuDB data needs to be decompressed to be used. Also, if this slave is processing any activity from the master than it's also doing compression for the insert/update/delete activity.
Couple of ideas.
1. Reduce the value of tokudb_block_size. While 4MB is great for compression it means that your point queries need to decompress a lot more data than they have to. Try using 256KB and see how CPU and performance changes. You might have to rebuild your slave to accomplish this easily (I'm now over a year away from working at TokuDB).
2. Look at your tokudb_cache_size. It defaults to 50% of RAM, but if nothing else is on this server you should up it to somewhere between 75% and 80%. This will mean less reads and decompression since more data will be in your cache.

(2006) MySQL server has gone away

I've read so many threads as well as the MySQL documentation about this issue and nothing suggested seems to work.
Here's my.cnf
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysqld_safe]
socket = /var/run/mysqld/mysqld.sock
nice = 0
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
lc-messages-dir = /usr/share/mysql
skip-external-locking
default-storage-engine=INNODB
character-set-server=utf8
collation-server=utf8_bin
interactive_timeout = 2880000
wait_timeout = 2880000
net_write_timeout = 6000
net_read_timeout = 6000
delayed_insert_timeout = 6000
key_buffer = 256M
key-buffer-size = 32M
max_allowed_packet = 600M
thread_stack = 256K
thread_cache_size = 8
max-connections = 500
thread-cache-size = 50
open-files-limit = 65535
table-definition-cache = 4096
table-open-cache = 10240
query-cache-type = 0
query_cache_limit = 2M
query_cache_size = 32M
myisam-recover = BACKUP
innodb_buffer_pool_size = 384M
innodb_additional_mem_pool_size = 20M
innodb_log_file_size = 10M
innodb_log_buffer_size = 64M
innodb_flush_log_at_trx_commit = 1
innodb_lock_wait_timeout = 180
log_error = /var/log/mysql/error.log
expire_logs_days = 10
max_binlog_size = 100M
[mysqldump]
quick
quote-names
max_allowed_packet = 64M
[isamchk]
key_buffer = 32M
In addition I ran queries in the MySQL CLI to make sure my settings were sticking, and they appear to be:
mysql> select ##global.wait_timeout, ##session.wait_timeout;
+-----------------------+------------------------+
| ##global.wait_timeout | ##session.wait_timeout |
+-----------------------+------------------------+
| 2880000 | 2880000 |
+-----------------------+------------------------+
mysql> select ##global.max_allowed_packet, ##session.max_allowed_packet;
+-----------------------------+------------------------------+
| ##global.max_allowed_packet | ##session.max_allowed_packet |
+-----------------------------+------------------------------+
| 629145600 | 629145600 |
+-----------------------------+------------------------------+
Server environment: Ubuntu Server 14.04LTS
MySQL version: 5.6
This is a dedicated MySQL server, it has no other apps on it.
I am not running out of memory:
MemTotal: 32948824 kB
MemFree: 31494136 kB
Cached: 281624 kB
SwapCached: 0 kB
SwapTotal: 33550332 kB
SwapFree: 33550332 kB
I was finally able to fix this issue but bypassing the MySQL Workbench Migration Tool and using mysqldup to generate the database .sql file used to restore to the server. Here's what I did:
Deleted all databases from the MySQL server that was timing out
Exported all the data from our backup database via mysqldump
Restored that dump file to the new MySQL server (the one that was
timing out)
Ran mysql_upgrade, all tables OK Executed the query: everything now
works
Here's the strange thing: mysqlcheck and mysql_upgrade, when run on the database that was somehow timing out, were returning status OK and not finding any errors. I do not know why, but I see this is a pretty strange and annoying problem, considering that's exactly what mysqlcheck is for.
Anyway if you're having this problem try to restore the database from an older backup (if you have one) and see if that works.

How can wait_timeout/interactive_timeout be ignored?

My mySQL server is not respecting wait_timeout or interactive_timeout of 15 seconds. Queries just keep going and going past the respective 15 seconds. Below is the my.cnf -
[mysqld]
# Settings user and group are ignored when systemd is used (fedora >= 15).
# If you need to run mysqld under different user or group,
# customize your systemd unit file for mysqld according to the
# instructions in http://fedoraproject.org/wiki/Systemd
user=mysql
#skip-innodb
#ignore-builtin-innodb
#default-storage-engine = myisam
#log-queries-not-using-indexes
#key_buffer = 6M
key_buffer_size = 1024M
max_allowed_packet = 64M
thread_stack = 256K
thread_cache_size = 200
max_connections = 200
table_cache = 128K
tmp_table_size = 24M
max_heap_table_size = 24M
join_buffer_size = 1M
query_cache_limit = 32M
query_cache_size = 8M
read_buffer_size = 1M
# concurrent_insert = ALWAYS
general_log = 0
general_log_file = /var/log/mysql/general.log
low_priority_updates=1
log_warnings=2
#log_error=/var/log/mysql/mysql_error.log
slow-query-log = 1
slow-query-log-file = /var/log/mysql/mysql-slow.log
long_query_time=1
wait_timeout=15
interactive_timeout=15
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# InnoDB Settings
innodb_buffer_pool_size = 768M
innodb_log_file_size = 100M
innodb-file-per-table = 1
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Semisynchronous Replication
# http://dev.mysql.com/doc/refman/5.5/en/replication-semisync.html
# uncomment next line on MASTER
#;plugin-load=rpl_semi_sync_master=semisync_master.so
# uncomment next line on SLAVE
#;plugin-load=rpl_semi_sync_slave=semisync_slave.so
# Others options for Semisynchronous Replication
#;rpl_semi_sync_master_enabled=1
#;rpl_semi_sync_master_timeout=10
#;rpl_semi_sync_slave_enabled=1
# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html
#;performance_schema
#log-queries-not-using-indexes
default-storage-engine=MyISAM
#log-queries-not-using-indexes
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
I ran the command on the server, but when I do mytop - there are queries that are more then 15 seconds.
mysql> select ##global.wait_timeout, ##session.wait_timeout;
+-----------------------+------------------------+
| ##global.wait_timeout | ##session.wait_timeout |
+-----------------------+------------------------+
| 15 | 15 |
+-----------------------+------------------------+
1 row in set (0.00 sec)
Any ideas what I am doing wrong?
wait_timeout is documented as follows:
The number of seconds the server waits for activity on a
noninteractive connection before closing it. This timeout applies only
to TCP/IP and Unix socket file connections, not to connections made
using named pipes, or shared memory.
From your question it sounds like you're trying to use it and interactive_timeout abruptly to abandon long-running queries. But that's not what it's for.