Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
21.06, 22.08, 23.02
-
None
-
Builds>
Xpand = transylvania-18710
Maxscale test build =
https://mdbe-ci-repo.mariadb.net/public/Maxscale/MXS-4506_1707b/centos/7/x86_64/maxscale-99.99.99-1.rhel.7.x86_64.rpm
Description
SSL parameters specified on the bootstrap server are not copied down to the volatile ones. This is causing SSL setup between MaxScale and XPAND not working properly.
Repro
------
1. setup xpand cluster with ssl
3-node Xpand cluster
2. Configure maxscale with one xpand node as a server
- cat /etc/maxscale.cnf
[maxscale]
log_info=1
logdir=/data/clustrix/log
threads=auto
[xpand1]
type=server
address=oak012white.colo.sproutsys.com
port=3306
protocol=mariadbbackend
ssl=true
ssl_cert=/etc/ssl/maxscale/server-cert.pem
ssl_key=/etc/ssl/maxscale/server-key.pem
ssl_ca=/etc/ssl/maxscale/ca-cert.pem
- Backend specific monitor and router:
[Backend-Monitor]
type=monitor
module=xpandmon
servers=xpand1
user=maxscale
password=maxscale_pw
cluster_monitor_interval=10000ms
[Read-Only-Service]
type=service
router=readconnroute
user=maxscale
password=maxscale_pw
router_options=running
cluster=Backend-Monitor
[Read-Only-Listener]
type=listener
service=Read-Only-Service
protocol=MariaDBClient
address=0.0.0.0
port=3307
authenticator=pamauth
authenticator_options=pam_backend_mapping=mariadb_passthrough
ssl=true
ssl_cert=/etc/ssl/maxscale/client-cert.pem
ssl_key=/etc/ssl/maxscale/client-key.pem
ssl_ca=/etc/ssl/maxscale/ca-cert.pem
3. start maxscale
4. show server shows ssl=true only for one xpand node, for the remaining it's ssl=false
Attachments
Issue Links
- relates to
-
-
- Closed
-