diff options
Diffstat (limited to 'scripts/wsrep_sst_mariabackup.sh')
-rw-r--r-- | scripts/wsrep_sst_mariabackup.sh | 474 |
1 files changed, 268 insertions, 206 deletions
diff --git a/scripts/wsrep_sst_mariabackup.sh b/scripts/wsrep_sst_mariabackup.sh index 8b05217b2fa..de789dc1728 100644 --- a/scripts/wsrep_sst_mariabackup.sh +++ b/scripts/wsrep_sst_mariabackup.sh @@ -1,6 +1,6 @@ #!/bin/bash -ue -# Copyright (C) 2013 Percona Inc # Copyright (C) 2017-2021 MariaDB +# Copyright (C) 2013 Percona Inc # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -17,14 +17,15 @@ # MA 02110-1335 USA. # Documentation: -# http://www.percona.com/doc/percona-xtradb-cluster/manual/xtrabackup_sst.html +# https://mariadb.com/kb/en/mariabackup-overview/ # Make sure to read that before proceeding! -. $(dirname $0)/wsrep_sst_common +. $(dirname "$0")/wsrep_sst_common wsrep_check_datadir -OS=$(uname) +OS="$(uname)" ealgo="" +eformat="" ekey="" ekeyfile="" encrypt=0 @@ -32,7 +33,7 @@ nproc=1 ecode=0 ssyslog="" ssystag="" -XTRABACKUP_PID="" +MARIABACKUP_PID="" SST_PORT="" REMOTEIP="" tcert="" @@ -47,7 +48,7 @@ lsn="" ecmd="" rlimit="" # Initially -stagemsg="${WSREP_SST_OPT_ROLE}" +stagemsg="$WSREP_SST_OPT_ROLE" cpat="" speciald=1 ib_home_dir="" @@ -59,8 +60,8 @@ strmcmd="" tfmt="" tcmd="" payload=0 -pvformat="-F '%N => Rate:%r Avg:%a Elapsed:%t %e Bytes: %b %p' " -pvopts="-f -i 10 -N $WSREP_SST_OPT_ROLE " +pvformat="-F '%N => Rate:%r Avg:%a Elapsed:%t %e Bytes: %b %p'" +pvopts="-f -i 10 -N $WSREP_SST_OPT_ROLE" STATDIR="" uextra=0 disver="" @@ -79,23 +80,22 @@ readonly SECRET_TAG="secret" # 5.6.21 PXC and later can't donate to an older joiner sst_ver=1 -if pv --help 2>/dev/null | grep -q FORMAT;then - pvopts+=$pvformat +if [ -x "$(command -v pv)" ] && pv --help | grep -qw -- '-F'; then + pvopts="$pvopts $pvformat" fi pcmd="pv $pvopts" declare -a RC set +e MARIABACKUP_BIN="$(command -v mariabackup)" -if [ -z "$MARIABACKUP_BIN" ]; then +if [ ! -x "$MARIABACKUP_BIN" ]; then wsrep_log_error 'mariabackup binary not found in $PATH' exit 42 fi set -e MBSTREAM_BIN=mbstream -XBCRYPT_BIN=xbcrypt # Not available in MariaBackup -DATA="${WSREP_SST_OPT_DATA}" +DATA="$WSREP_SST_OPT_DATA" INFO_FILE="xtrabackup_galera_info" IST_FILE="xtrabackup_ist" MAGIC_FILE="$DATA/$INFO_FILE" @@ -112,7 +112,7 @@ timeit(){ local cmd="$@" local x1 x2 took extcode - if [[ $ttime -eq 1 ]];then + if [ $ttime -eq 1 ]; then x1=$(date +%s) wsrep_log_info "Evaluating $cmd" eval "$cmd" @@ -137,19 +137,21 @@ get_keys() fi if [ $encrypt -eq 0 ]; then - if $MY_PRINT_DEFAULTS xtrabackup | grep -q -- "--encrypt"; then - wsrep_log_error "Unexpected option combination. SST may fail. Refer to http://www.percona.com/doc/percona-xtradb-cluster/manual/xtrabackup_sst.html" + if [ -n "$ealgo" -o -n "$ekey" -o -n "$ekeyfile" ]; then + wsrep_log_error "Options for encryption are specified, " \ + "but encryption itself is disabled. SST may fail." fi return fi if [ $sfmt = 'tar' ]; then - wsrep_log_info "NOTE: Xtrabackup-based encryption - encrypt=1 - cannot be enabled with tar format" + wsrep_log_info "NOTE: key-based encryption (encrypt=1) " \ + "cannot be enabled with tar format" encrypt=-1 return fi - wsrep_log_info "Xtrabackup based encryption enabled in my.cnf - Supported only from Xtrabackup 2.1.4" + wsrep_log_info "Key based encryption enabled in my.cnf" if [ -z "$ealgo" ]; then wsrep_log_error "FATAL: Encryption algorithm empty from my.cnf, bailing out" @@ -161,17 +163,49 @@ get_keys() exit 3 fi - if [ -z "$ekey" ]; then - ecmd="$XBCRYPT_BIN --encrypt-algo='$ealgo' --encrypt-key-file='$ekeyfile'" + if [ "$eformat" = 'openssl' ]; then + get_openssl + if [ -z "$OPENSSL_BINARY" ]; then + wsrep_log_error "If encryption using the openssl is enabled, " \ + "then you need to install openssl" + exit 2 + fi + ecmd="'$OPENSSL_BINARY' enc -$ealgo" + if "$OPENSSL_BINARY" enc -help 2>&1 | grep -qw -- '-pbkdf2'; then + ecmd="$ecmd -pbkdf2" + elif "$OPENSSL_BINARY" enc -help 2>&1 | grep -qw -- '-iter'; then + ecmd="$ecmd -iter 1" + elif "$OPENSSL_BINARY" enc -help 2>&1 | grep -qw -- '-md'; then + ecmd="$ecmd -md sha256" + fi + if [ -z "$ekey" ]; then + ecmd="$ecmd -kfile '$ekeyfile'" + else + ecmd="$ecmd -k '$ekey'" + fi + elif [ "$eformat" = 'xbcrypt' ]; then + if [ ! -x "$(command -v xbcrypt)" ]; then + wsrep_log_error "If encryption using the xbcrypt is enabled, " \ + "then you need to install xbcrypt" + exit 2 + fi + wsrep_log_info "NOTE: xbcrypt-based encryption, " \ + "supported only from Xtrabackup 2.1.4" + if [ -z "$ekey" ]; then + ecmd="xbcrypt --encrypt-algo='$ealgo' --encrypt-key-file='$ekeyfile'" + else + ecmd="xbcrypt --encrypt-algo='$ealgo' --encrypt-key='$ekey'" + fi else - ecmd="$XBCRYPT_BIN --encrypt-algo='$ealgo' --encrypt-key='$ekey'" + wsrep_log_error "Unknown encryption format='$eformat'" + exit 2 fi if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then ecmd="$ecmd -d" fi - stagemsg+="-XB-Encrypted" + stagemsg="$stagemsg-XB-Encrypted" } get_transfer() @@ -179,27 +213,27 @@ get_transfer() TSST_PORT="$SST_PORT" if [ $tfmt = 'nc' ]; then - wsrep_check_programs nc wsrep_log_info "Using netcat as streamer" - + wsrep_check_programs nc + tcmd="nc" if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then - if nc -h 2>&1 | grep -q ncat; then - # Ncat - tcmd="nc -l $TSST_PORT" - elif nc -h 2>&1 | grep -qw -- '-d\>'; then - # Debian netcat + if nc -h 2>&1 | grep -q 'ncat'; then + wsrep_log_info "Using Ncat as streamer" + tcmd="$tcmd -l" + elif nc -h 2>&1 | grep -qw -- '-d'; then + wsrep_log_info "Using Debian netcat as streamer" + tcmd="$tcmd -dl" if [ $WSREP_SST_OPT_HOST_IPv6 -eq 1 ]; then # When host is not explicitly specified (when only the port # is specified) netcat can only bind to an IPv4 address if # the "-6" option is not explicitly specified: - tcmd="nc -dl -6 $TSST_PORT" - else - tcmd="nc -dl $TSST_PORT" + tcmd="$tcmd -6" fi else - # traditional netcat - tcmd="nc -l -p $TSST_PORT" + wsrep_log_info "Using traditional netcat as streamer" + tcmd="$tcmd -l -p" fi + tcmd="$tcmd $TSST_PORT" else # Check to see if netcat supports the '-N' flag. # -N Shutdown the network socket after EOF on stdin @@ -208,33 +242,28 @@ get_transfer() # transfer and cause the command to timeout. # Older versions of netcat did not need this flag and will # return an error if the flag is used. - # - tcmd_extra="" - if nc -h 2>&1 | grep -qw -- -N; then - tcmd_extra="-N" + if nc -h 2>&1 | grep -qw -- '-N'; then + tcmd="$tcmd -N" wsrep_log_info "Using nc -N" fi # netcat doesn't understand [] around IPv6 address if nc -h 2>&1 | grep -q ncat; then - # Ncat wsrep_log_info "Using Ncat as streamer" - tcmd="nc $tcmd_extra $WSREP_SST_OPT_HOST_UNESCAPED $TSST_PORT" - elif nc -h 2>&1 | grep -qw -- '-d\>'; then - # Debian netcat + elif nc -h 2>&1 | grep -qw -- '-d'; then wsrep_log_info "Using Debian netcat as streamer" - tcmd="nc $tcmd_extra $WSREP_SST_OPT_HOST_UNESCAPED $TSST_PORT" else - # traditional netcat wsrep_log_info "Using traditional netcat as streamer" - tcmd="nc -q0 $tcmd_extra $WSREP_SST_OPT_HOST_UNESCAPED $TSST_PORT" + tcmd="$tcmd -q0" fi + tcmd="$tcmd $WSREP_SST_OPT_HOST_UNESCAPED $TSST_PORT" fi else tfmt='socat' - wsrep_check_programs socat + wsrep_log_info "Using socat as streamer" + wsrep_check_programs socat - if [[ $encrypt -eq 2 || $encrypt -eq 3 ]] && ! socat -V | grep -q "WITH_OPENSSL 1";then + if [ $encrypt -eq 2 -o $encrypt -eq 3 ] && ! socat -V | grep -q -F 'WITH_OPENSSL 1'; then wsrep_log_error "Encryption requested, but socat is not OpenSSL enabled (encrypt=$encrypt)" exit 2 fi @@ -245,7 +274,7 @@ get_transfer() wsrep_log_error "Both PEM and CRT files required" exit 22 fi - stagemsg+="-OpenSSL-Encrypted-2" + stagemsg="$stagemsg-OpenSSL-Encrypted-2" if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then wsrep_log_info "Decrypting with cert=${tpem}, cafile=${tcert}" tcmd="socat -u openssl-listen:$TSST_PORT,reuseaddr,cert='$tpem',cafile='$tcert'$sockopt stdio" @@ -259,7 +288,7 @@ get_transfer() wsrep_log_error "Both certificate and key files required" exit 22 fi - stagemsg+="-OpenSSL-Encrypted-3" + stagemsg="$stagemsg-OpenSSL-Encrypted-3" if [ -z "$tcert" ]; then # no verification if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then @@ -278,6 +307,8 @@ get_transfer() CN_option="" if [ -n "$WSREP_SST_OPT_REMOTE_USER" ]; then CN_option=",commonname='$WSREP_SST_OPT_REMOTE_USER'" + elif is_local_ip "$WSREP_SST_OPT_HOST_UNESCAPED"; then + CN_option=',commonname=localhost' fi wsrep_log_info "Encrypting with cert=${tpem}, key=${tkey}, cafile=${tcert}" tcmd="socat -u stdio openssl-connect:$REMOTEIP:$TSST_PORT,cert='$tpem',key='$tkey',cafile='$tcert'$CN_option$sockopt" @@ -297,13 +328,13 @@ get_footprint() { pushd "$WSREP_SST_OPT_DATA" 1>/dev/null payload=$(find . -regex '.*\.ibd$\|.*\.MYI$\|.*\.MYD$\|.*ibdata1$' -type f -print0 | du --files0-from=- --block-size=1 -c | awk 'END { print $1 }') - if $MY_PRINT_DEFAULTS xtrabackup | grep -q -- "--compress";then + if $MY_PRINT_DEFAULTS xtrabackup | grep -q -- "--compress"; then # QuickLZ has around 50% compression ratio # When compression/compaction used, the progress is only an approximate. payload=$(( payload*1/2 )) fi popd 1>/dev/null - pcmd+=" -s $payload" + pcmd="$pcmd -s $payload" adjust_progress } @@ -320,9 +351,9 @@ adjust_progress() if [ -n "$progress" -a "$progress" != '1' ]; then if [ -e "$progress" ]; then - pcmd+=" 2>>'$progress'" + pcmd="$pcmd 2>>'$progress'" else - pcmd+=" 2>'$progress'" + pcmd="$pcmd 2>'$progress'" fi elif [ -z "$progress" -a -n "$rlimit" ]; then # When rlimit is non-zero @@ -331,25 +362,26 @@ adjust_progress() if [ -n "$rlimit" -a "$WSREP_SST_OPT_ROLE" = 'donor' ]; then wsrep_log_info "Rate-limiting SST to $rlimit" - pcmd+=" -L \$rlimit" + pcmd="$pcmd -L \$rlimit" fi } +encgroups='--mysqld|sst|xtrabackup' + check_server_ssl_config() { - local section="$1" - tcert=$(parse_cnf "$section" 'ssl-ca') - tpem=$(parse_cnf "$section" 'ssl-cert') - tkey=$(parse_cnf "$section" 'ssl-key') + tcert=$(parse_cnf "$encgroups" 'ssl-ca') + tpem=$(parse_cnf "$encgroups" 'ssl-cert') + tkey=$(parse_cnf "$encgroups" 'ssl-key') } read_cnf() { - sfmt=$(parse_cnf sst streamfmt "mbstream") - tfmt=$(parse_cnf sst transferfmt "socat") + sfmt=$(parse_cnf sst streamfmt 'mbstream') + tfmt=$(parse_cnf sst transferfmt 'socat') - encrypt=$(parse_cnf 'sst' 'encrypt' 0) - tmode=$(parse_cnf 'sst' 'ssl-mode' 'DISABLED' | tr [:lower:] [:upper:]) + encrypt=$(parse_cnf "$encgroups" 'encrypt' 0) + tmode=$(parse_cnf "$encgroups" 'ssl-mode' 'DISABLED' | tr [:lower:] [:upper:]) if [ $encrypt -eq 0 -o $encrypt -ge 2 ] then @@ -363,11 +395,7 @@ read_cnf() then # backward-incompatible behavior if [ -z "$tpem" -a -z "$tkey" -a -z "$tcert" ] then # no old-style SSL config in [sst] - check_server_ssl_config 'sst' - if [ -z "$tpem" -a -z "$tkey" -a -z "$tcert" ] - then # no new-stype SSL config in [sst], try server-wide SSL config - check_server_ssl_config '--mysqld' - fi + check_server_ssl_config fi if [ 0 -eq $encrypt -a -n "$tpem" -a -n "$tkey" ] then @@ -380,29 +408,21 @@ read_cnf() [ "${tmode#VERIFY}" != "$tmode" ] || tcert="" fi fi + elif [ $encrypt -eq 1 ]; then + ealgo=$(parse_cnf "$encgroups" 'encrypt-algo') + eformat=$(parse_cnf "$encgroups" 'encrypt-format' 'openssl') + ekey=$(parse_cnf "$encgroups" 'encrypt-key') + ekeyfile=$(parse_cnf "$encgroups" 'encrypt-key-file') fi - if [ $encrypt -eq 1 ]; then - # Refer to http://www.percona.com/doc/percona-xtradb-cluster/manual/xtrabackup_sst.html - ealgo=$(parse_cnf xtrabackup encrypt "") - if [ -z "$ealgo" ]; then - ealgo=$(parse_cnf sst encrypt-algo "") - ekey=$(parse_cnf sst encrypt-key "") - ekeyfile=$(parse_cnf sst encrypt-key-file "") - else - ekey=$(parse_cnf xtrabackup encrypt-key "") - ekeyfile=$(parse_cnf xtrabackup encrypt-key-file "") - fi - fi - - wsrep_log_info "SSL configuration: CA='"$tcert"', CERT='"$tpem"'," \ - "KEY='"$tkey"', MODE='"$tmode"', encrypt="$encrypt + wsrep_log_info "SSL configuration: CA='$tcert', CERT='$tpem'," \ + "KEY='$tkey', MODE='$tmode', encrypt='$encrypt'" sockopt=$(parse_cnf sst sockopt "") progress=$(parse_cnf sst progress "") ttime=$(parse_cnf sst time 0) cpat=$(parse_cnf sst cpat '.*galera\.cache$\|.*sst_in_progress$\|.*\.sst$\|.*gvwstate\.dat$\|.*grastate\.dat$\|.*\.err$\|.*\.log$\|.*RPM_UPGRADE_MARKER$\|.*RPM_UPGRADE_HISTORY$') - [[ $OS == "FreeBSD" ]] && cpat=$(parse_cnf sst cpat '.*galera\.cache$|.*sst_in_progress$|.*\.sst$|.*gvwstate\.dat$|.*grastate\.dat$|.*\.err$|.*\.log$|.*RPM_UPGRADE_MARKER$|.*RPM_UPGRADE_HISTORY$') + [ $OS = 'FreeBSD' ] && cpat=$(parse_cnf sst cpat '.*galera\.cache$|.*sst_in_progress$|.*\.sst$|.*gvwstate\.dat$|.*grastate\.dat$|.*\.err$|.*\.log$|.*RPM_UPGRADE_MARKER$|.*RPM_UPGRADE_HISTORY$') scomp=$(parse_cnf sst compressor "") sdecomp=$(parse_cnf sst decompressor "") @@ -415,26 +435,20 @@ read_cnf() stimeout=$(parse_cnf sst sst-initial-timeout 300) ssyslog=$(parse_cnf sst sst-syslog 0) ssystag=$(parse_cnf mysqld_safe syslog-tag "${SST_SYSLOG_TAG:-}") - ssystag+="-" + ssystag="$ssystag-" sstlogarchive=$(parse_cnf sst sst-log-archive 1) - sstlogarchivedir=$(parse_cnf sst sst-log-archive-dir "/tmp/sst_log_archive") + sstlogarchivedir=$(parse_cnf sst sst-log-archive-dir '/tmp/sst_log_archive') - if [[ $speciald -eq 0 ]];then + if [ $speciald -eq 0 ]; then wsrep_log_error "sst-special-dirs equal to 0 is not supported, falling back to 1" speciald=1 fi - if [[ $ssyslog -ne -1 ]];then - if $MY_PRINT_DEFAULTS mysqld_safe | grep -q -- "--syslog";then + if [ $ssyslog -ne -1 ]; then + if $MY_PRINT_DEFAULTS mysqld_safe | grep -q -- "--syslog"; then ssyslog=1 fi fi - - if [[ $encrypt -eq 1 ]]; then - wsrep_log_error "Xtrabackup-based encryption is currently not" \ - "supported with MariaBackup" - exit 2 - fi } get_stream() @@ -461,7 +475,7 @@ get_proc() { set +e nproc=$(grep -c processor /proc/cpuinfo) - [[ -z $nproc || $nproc -eq 0 ]] && nproc=1 + [ -z $nproc -o $nproc -eq 0 ] && nproc=1 set -e } @@ -477,7 +491,7 @@ cleanup_joiner() local estatus=$? if [ $estatus -ne 0 ]; then wsrep_log_error "Cleanup after exit with status:$estatus" - elif [ "${WSREP_SST_OPT_ROLE}" = 'joiner' ]; then + elif [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then wsrep_log_info "Removing the sst_in_progress file" wsrep_cleanup_progress_file fi @@ -495,10 +509,10 @@ cleanup_joiner() # This means no setsid done in mysqld. # We don't want to kill mysqld here otherwise. - if [[ $$ -eq $pgid ]];then + if [ $$ -eq $pgid ]; then # This means a signal was delivered to the process. # So, more cleanup. - if [[ $estatus -ge 128 ]];then + if [ $estatus -ge 128 ]; then kill -KILL -$$ || true fi fi @@ -509,7 +523,7 @@ cleanup_joiner() check_pid() { local pid_file="$1" - [ -r "$pid_file" ] && ps -p $(cat "$pid_file") >/dev/null 2>&1 + [ -r "$pid_file" ] && ps -p $(cat "$pid_file") 2>&1 >/dev/null } cleanup_donor() @@ -520,11 +534,11 @@ cleanup_donor() wsrep_log_error "Cleanup after exit with status:$estatus" fi - if [ -n "$XTRABACKUP_PID" ]; then - if check_pid $XTRABACKUP_PID + if [ -n "$MARIABACKUP_PID" ]; then + if check_pid $MARIABACKUP_PID then - wsrep_log_error "xtrabackup process is still running. Killing..." - kill_xtrabackup + wsrep_log_error "mariabackup process is still running. Killing..." + kill_mariabackup fi fi @@ -550,10 +564,10 @@ cleanup_donor() # This means no setsid done in mysqld. # We don't want to kill mysqld here otherwise. - if [[ $$ -eq $pgid ]];then + if [ $$ -eq $pgid ]; then # This means a signal was delivered to the process. # So, more cleanup. - if [[ $estatus -ge 128 ]];then + if [ $estatus -ge 128 ]; then kill -KILL -$$ || true fi fi @@ -561,24 +575,57 @@ cleanup_donor() exit $estatus } -kill_xtrabackup() +kill_mariabackup() { - local PID=$(cat "$XTRABACKUP_PID") + local PID=$(cat "$MARIABACKUP_PID") [ -n "$PID" -a "0" != "$PID" ] && kill $PID && (kill $PID && kill -9 $PID) || : - wsrep_log_info "Removing xtrabackup pid file $XTRABACKUP_PID" - rm -f "$XTRABACKUP_PID" || true + wsrep_log_info "Removing mariabackup pid file ($MARIABACKUP_PID)" + rm -f "$MARIABACKUP_PID" || true } setup_ports() { SST_PORT="$WSREP_SST_OPT_PORT" - if [ "$WSREP_SST_OPT_ROLE" = "donor" ]; then - REMOTEIP="${WSREP_SST_OPT_HOST}" - lsn="${WSREP_SST_OPT_LSN}" - sst_ver="${WSREP_SST_OPT_SST_VER}" + if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then + REMOTEIP="$WSREP_SST_OPT_HOST" + lsn="$WSREP_SST_OPT_LSN" + sst_ver="$WSREP_SST_OPT_SST_VER" fi } +check_port() +{ + local PORT="$1" + local UTILS="$2" + + local port_info is_util + + if [ $lsof_available -ne 0 ]; then + port_info=$(lsof -i ":$PORT" -Pn 2>/dev/null | \ + grep -F '(LISTEN)') + is_util=$(echo "$port_info" | \ + grep -E "^($UTILS)[^[:space:]]*[[:space:]]+[0-9]+[[:space:]]+") + elif [ $sockstat_available -ne 0 ]; then + port_info=$(sockstat -p "$PORT" 2>/dev/null | \ + grep -F 'LISTEN') + is_util=$(echo "$port_info" | \ + grep -E "[[:space:]]+($UTILS)[^[:space:]]*[[:space:]]+[0-9]+[[:space:]]+") + elif [ $ss_available -ne 0 ]; then + port_info=$(ss -H -p -n -l "( sport = :$PORT )" 2>/dev/null) + is_util=$(echo "$port_info" | \ + grep -E "users:\\(.*\\(\"($UTILS)[^[:space:]]*\".*\<pid=[0-9]+\>.*\\)") + else + wsrep_log_error "unknown sockets utility" + exit 2 # ENOENT + fi + + if [ -z "$is_util" ]; then + return 1 + fi + + return 0 +} + # waits ~10 seconds for nc to open the port and then reports ready # (regardless of timeout) wait_for_listen() @@ -586,16 +633,16 @@ wait_for_listen() local PORT="$1" local ADDR="$2" local MODULE="$3" + for i in {1..50} do - if [ "$OS" = "FreeBSD" ];then - sockstat -46lp $PORT | grep -qE "^[^ ]* *(socat|nc) *[^ ]* *[^ ]* *[^ ]* *[^ ]*:$PORT" && break - else - ss -p state listening "( sport = :$PORT )" | grep -qE 'socat|nc' && break + if check_port "$PORT" 'socat|nc' + then + break fi sleep 0.2 done - echo "ready ${ADDR}/${MODULE}//$sst_ver" + echo "ready $ADDR/$MODULE//$sst_ver" } check_extra() @@ -606,10 +653,10 @@ check_extra() if [ "$thread_handling" = 'pool-of-threads' ]; then local eport=$(parse_cnf '--mysqld' 'extra-port') if [ -n "$eport" ]; then - # Xtrabackup works only locally. - # Hence, setting host to 127.0.0.1 unconditionally. + # mariabackup works only locally, hence, + # setting host to 127.0.0.1 unconditionally: wsrep_log_info "SST through extra_port $eport" - INNOEXTRA+=" --host=127.0.0.1 --port=$eport" + INNOEXTRA="$INNOEXTRA --host=127.0.0.1 --port=$eport" use_socket=0 else wsrep_log_error "Extra port $eport null, failing" @@ -620,7 +667,7 @@ check_extra() fi fi if [ $use_socket -eq 1 -a -n "$WSREP_SST_OPT_SOCKET" ]; then - INNOEXTRA+=" --socket='$WSREP_SST_OPT_SOCKET'" + INNOEXTRA="$INNOEXTRA --socket='$WSREP_SST_OPT_SOCKET'" fi } @@ -630,7 +677,7 @@ recv_joiner() local msg="$2" local tmt=$3 local checkf=$4 - local ltcmd + local wait=$5 if [ ! -d "$dir" ]; then # This indicates that IST is in progress @@ -640,28 +687,34 @@ recv_joiner() pushd "$dir" 1>/dev/null set +e - if [ $tmt -gt 0 -a -x "$(command -v timeout)" ]; then - if timeout --help | grep -q -- '-k'; then - ltcmd="timeout -k $(( tmt+10 )) $tmt $tcmd" - else - ltcmd="timeout -s9 $tmt $tcmd" + local ltcmd="$tcmd" + if [ $tmt -gt 0 ]; then + if [ -x "$(command -v timeout)" ]; then + if timeout --help | grep -qw -- '-k'; then + ltcmd="timeout -k $(( tmt+10 )) $tmt $tcmd" + else + ltcmd="timeout -s9 $tmt $tcmd" + fi fi - timeit "$msg" "$ltcmd | $strmcmd; RC=( "\${PIPESTATUS[@]}" )" - else - timeit "$msg" "$tcmd | $strmcmd; RC=( "\${PIPESTATUS[@]}" )" fi + if [ $wait -ne 0 ]; then + wait_for_listen "$SST_PORT" "$ADDR" "$MODULE" & + fi + + timeit "$msg" "$ltcmd | $strmcmd; RC=( "\${PIPESTATUS[@]}" )" + set -e popd 1>/dev/null - if [[ ${RC[0]} -eq 124 ]];then + if [ ${RC[0]} -eq 124 ]; then wsrep_log_error "Possible timeout in receiving first data from " \ "donor in gtid stage: exit codes: ${RC[@]}" exit 32 fi - for ecode in "${RC[@]}";do - if [[ $ecode -ne 0 ]];then + for ecode in "${RC[@]}"; do + if [ $ecode -ne 0 ]; then wsrep_log_error "Error while getting data from donor node: " \ "exit codes: ${RC[@]}" exit 32 @@ -672,14 +725,14 @@ recv_joiner() if [ ! -r "$MAGIC_FILE" ]; then # this message should cause joiner to abort wsrep_log_error "receiving process ended without creating " \ - "'${MAGIC_FILE}'" + "'$MAGIC_FILE'" wsrep_log_info "Contents of datadir" - wsrep_log_info "$(ls -l ${dir}/*)" + wsrep_log_info $(ls -l "$dir/"*) exit 32 fi # check donor supplied secret - SECRET=$(grep "$SECRET_TAG " "$MAGIC_FILE" 2>/dev/null | cut -d ' ' -f 2) + SECRET=$(grep -- "$SECRET_TAG " "$MAGIC_FILE" 2>/dev/null | cut -d ' ' -f 2) if [ "$SECRET" != "$MY_SECRET" ]; then wsrep_log_error "Donor does not know my secret!" wsrep_log_info "Donor:'$SECRET', my:'$MY_SECRET'" @@ -687,7 +740,7 @@ recv_joiner() fi # remove secret from magic file - grep -v "$SECRET_TAG " "$MAGIC_FILE" > "$MAGIC_FILE.new" + grep -v -- "$SECRET_TAG " "$MAGIC_FILE" > "$MAGIC_FILE.new" mv "$MAGIC_FILE.new" "$MAGIC_FILE" fi } @@ -703,8 +756,8 @@ send_donor() set -e popd 1>/dev/null - for ecode in "${RC[@]}";do - if [[ $ecode -ne 0 ]];then + for ecode in "${RC[@]}"; do + if [ $ecode -ne 0 ]; then wsrep_log_error "Error while sending data to joiner node: " \ "exit codes: ${RC[@]}" exit 32 @@ -717,11 +770,11 @@ monitor_process() local sst_stream_pid=$1 while true ; do - if ! ps -p "${WSREP_SST_OPT_PARENT}" &>/dev/null; then + if ! ps -p "$WSREP_SST_OPT_PARENT" &>/dev/null; then wsrep_log_error "Parent mysqld process (PID:${WSREP_SST_OPT_PARENT}) terminated unexpectedly." exit 32 fi - if ! ps -p "${sst_stream_pid}" &>/dev/null; then + if ! ps -p "$sst_stream_pid" &>/dev/null; then break fi sleep 0.1 @@ -730,7 +783,7 @@ monitor_process() wsrep_check_programs "$MARIABACKUP_BIN" -rm -f "${MAGIC_FILE}" +rm -f "$MAGIC_FILE" if [ "$WSREP_SST_OPT_ROLE" != 'joiner' -a "$WSREP_SST_OPT_ROLE" != 'donor' ]; then wsrep_log_error "Invalid role ${WSREP_SST_OPT_ROLE}" @@ -740,15 +793,15 @@ fi read_cnf setup_ports -if "${MARIABACKUP_BIN}" --help 2>/dev/null | grep -q -- '--version-check'; then +if "$MARIABACKUP_BIN" --help 2>/dev/null | grep -qw -- '--version-check'; then disver='--no-version-check' fi -iopts+=" --databases-exclude='lost+found'" +iopts="$iopts --databases-exclude='lost+found'" if [ ${FORCE_FTWRL:-0} -eq 1 ]; then wsrep_log_info "Forcing FTWRL due to environment variable FORCE_FTWRL equal to $FORCE_FTWRL" - iopts+=' --no-backup-locks' + iopts="$iopts --no-backup-locks" fi # if no command line argument and INNODB_DATA_HOME_DIR environment variable @@ -769,11 +822,9 @@ fi cd "$OLD_PWD" -if [[ $ssyslog -eq 1 ]];then +if [ $ssyslog -eq 1 ]; then - if [ ! -x "$(command -v logger)" ]; then - wsrep_log_error "logger not in path: $PATH. Ignoring" - else + if [ -x "$(command -v logger)" ]; then wsrep_log_info "Logging all stderr of SST/mariabackup to syslog" exec 2> >(logger -p daemon.err -t ${ssystag}wsrep-sst-$WSREP_SST_OPT_ROLE) @@ -787,6 +838,8 @@ if [[ $ssyslog -eq 1 ]];then { logger -p daemon.info -t ${ssystag}wsrep-sst-$WSREP_SST_OPT_ROLE "$@" } + else + wsrep_log_error "logger not in path: $PATH. Ignoring" fi INNOAPPLY="2>&1 | logger -p daemon.err -t ${ssystag}innobackupex-apply" @@ -795,10 +848,9 @@ if [[ $ssyslog -eq 1 ]];then else -if [[ "$sstlogarchive" -eq 1 ]] +if [ $sstlogarchive -eq 1 ] then ARCHIVETIMESTAMP=$(date "+%Y.%m.%d-%H.%M.%S.%N") - newfile="" if [ -n "$sstlogarchivedir" ] then @@ -812,11 +864,12 @@ then then if [ -n "$sstlogarchivedir" ] then - newfile="$sstlogarchivedir/$(basename '$INNOAPPLYLOG').$ARCHIVETIMESTAMP" + newfile=$(basename "$INNOAPPLYLOG") + newfile="$sstlogarchivedir/$newfile.$ARCHIVETIMESTAMP" else newfile="$INNOAPPLYLOG.$ARCHIVETIMESTAMP" fi - wsrep_log_info "Moving ${INNOAPPLYLOG} to ${newfile}" + wsrep_log_info "Moving '$INNOAPPLYLOG' to '$newfile'" mv "$INNOAPPLYLOG" "$newfile" gzip "$newfile" fi @@ -825,11 +878,12 @@ then then if [ -n "$sstlogarchivedir" ] then - newfile="$sstlogarchivedir/$(basename '$INNOMOVELOG').$ARCHIVETIMESTAMP" + newfile=$(basename "$INNOMOVELOG") + newfile="$sstlogarchivedir/$newfile.$ARCHIVETIMESTAMP" else newfile="$INNOMOVELOG.$ARCHIVETIMESTAMP" fi - wsrep_log_info "Moving ${INNOMOVELOG} to ${newfile}" + wsrep_log_info "Moving '$INNOMOVELOG' to '$newfile'" mv "$INNOMOVELOG" "$newfile" gzip "$newfile" fi @@ -838,11 +892,12 @@ then then if [ -n "$sstlogarchivedir" ] then - newfile="$sstlogarchivedir/$(basename '$INNOBACKUPLOG').$ARCHIVETIMESTAMP" + newfile=$(basename "$INNOBACKUPLOG") + newfile="$sstlogarchivedir/$newfile.$ARCHIVETIMESTAMP" else newfile="$INNOBACKUPLOG.$ARCHIVETIMESTAMP" fi - wsrep_log_info "Moving ${INNOBACKUPLOG} to ${newfile}" + wsrep_log_info "Moving '$INNOBACKUPLOG' to '$newfile'" mv "$INNOBACKUPLOG" "$newfile" gzip "$newfile" fi @@ -868,7 +923,7 @@ setup_commands() get_stream get_transfer -if [ "$WSREP_SST_OPT_ROLE" = "donor" ] +if [ "$WSREP_SST_OPT_ROLE" = 'donor' ] then trap cleanup_donor EXIT @@ -881,18 +936,18 @@ then exit 93 fi - if [ -z "$(parse_cnf --mysqld tmpdir)" -a \ - -z "$(parse_cnf xtrabackup tmpdir)" ]; then - xtmpdir=$(mktemp -d) + tmpdir=$(parse_cnf "$encgroups" 'tmpdir') + if [ -z "$tmpdir" ]; then + xtmpdir="$(mktemp -d)" tmpopts="--tmpdir='$xtmpdir'" - wsrep_log_info "Using $xtmpdir as xtrabackup temporary directory" + wsrep_log_info "Using $xtmpdir as mariabackup temporary directory" fi - itmpdir=$(mktemp -d) + itmpdir="$(mktemp -d)" wsrep_log_info "Using $itmpdir as mariabackup temporary directory" if [ -n "$WSREP_SST_OPT_USER" ]; then - INNOEXTRA+=" --user='$WSREP_SST_OPT_USER'" + INNOEXTRA="$INNOEXTRA --user='$WSREP_SST_OPT_USER'" usrst=1 fi @@ -927,10 +982,11 @@ then tcmd="$ecmd | $tcmd" fi - send_donor "$DATA" "${stagemsg}-gtid" + send_donor "$DATA" "$stagemsg-gtid" tcmd="$ttcmd" + # Restore the transport commmand to its original state if [ -n "$progress" ]; then get_footprint tcmd="$pcmd | $tcmd" @@ -944,26 +1000,32 @@ then wsrep_log_info "Streaming the backup to joiner at ${REMOTEIP}:${SST_PORT}" + # Add compression to the head of the stream (if specified) if [ -n "$scomp" ]; then tcmd="$scomp | $tcmd" fi + # Add encryption to the head of the stream (if specified) + if [ $encrypt -eq 1 ]; then + tcmd="$ecmd | $tcmd" + fi + setup_commands set +e - timeit "${stagemsg}-SST" "$INNOBACKUP | $tcmd; RC=( "\${PIPESTATUS[@]}" )" + timeit "$stagemsg-SST" "$INNOBACKUP | $tcmd; RC=( "\${PIPESTATUS[@]}" )" set -e if [ ${RC[0]} -ne 0 ]; then wsrep_log_error "${MARIABACKUP_BIN} finished with error: ${RC[0]}. " \ "Check syslog or ${INNOBACKUPLOG} for details" exit 22 - elif [[ ${RC[$(( ${#RC[@]}-1 ))]} -eq 1 ]]; then + elif [ ${RC[$(( ${#RC[@]}-1 ))]} -eq 1 ]; then wsrep_log_error "$tcmd finished with error: ${RC[1]}" exit 22 fi # mariabackup implicitly writes PID to fixed location in $xtmpdir - XTRABACKUP_PID="$xtmpdir/xtrabackup_pid" + MARIABACKUP_PID="$xtmpdir/xtrabackup_pid" else # BYPASS FOR IST @@ -984,19 +1046,19 @@ then tcmd="$ecmd | $tcmd" fi - strmcmd+=" '$IST_FILE'" + strmcmd="$strmcmd '$IST_FILE'" - send_donor "$DATA" "${stagemsg}-IST" + send_donor "$DATA" "$stagemsg-IST" fi - echo "done ${WSREP_SST_OPT_GTID}" + echo "done $WSREP_SST_OPT_GTID" wsrep_log_info "Total time on donor: $totime seconds" -elif [ "${WSREP_SST_OPT_ROLE}" = "joiner" ] +elif [ "$WSREP_SST_OPT_ROLE" = 'joiner' ] then - [[ -e "$SST_PROGRESS_FILE" ]] && wsrep_log_info "Stale sst_in_progress file: $SST_PROGRESS_FILE" - [[ -n "$SST_PROGRESS_FILE" ]] && touch "$SST_PROGRESS_FILE" + [ -e "$SST_PROGRESS_FILE" ] && wsrep_log_info "Stale sst_in_progress file: $SST_PROGRESS_FILE" + [ -n "$SST_PROGRESS_FILE" ] && touch "$SST_PROGRESS_FILE" ib_home_dir="$INNODB_DATA_HOME_DIR" @@ -1015,7 +1077,7 @@ then ib_undo_dir="$INNODB_UNDO_DIR" - stagemsg="Joiner-Recv" + stagemsg='Joiner-Recv' sencrypted=1 nthreads=1 @@ -1041,42 +1103,41 @@ then exit 42 fi CN=$("$OPENSSL_BINARY" x509 -noout -subject -in "$tpem" | \ - tr "," "\n" | grep "CN =" | cut -d= -f2 | sed s/^\ // | \ + tr "," "\n" | grep -F 'CN =' | cut -d= -f2 | sed s/^\ // | \ sed s/\ %//) fi - MY_SECRET=$(wsrep_gen_secret) + MY_SECRET="$(wsrep_gen_secret)" # Add authentication data to address ADDR="$CN:$MY_SECRET@$ADDR" else MY_SECRET="" # for check down in recv_joiner() fi - wait_for_listen "$SST_PORT" "$ADDR" "$MODULE" & - trap sig_joiner_cleanup HUP PIPE INT TERM trap cleanup_joiner EXIT if [ -n "$progress" ]; then adjust_progress - tcmd+=" | $pcmd" + tcmd="$tcmd | $pcmd" fi get_keys if [ $encrypt -eq 1 -a $sencrypted -eq 1 ]; then - if [ -n "$sdecomp" ]; then - strmcmd="$sdecomp | $ecmd | $strmcmd" - else - strmcmd="$ecmd | $strmcmd" - fi - elif [ -n "$sdecomp" ]; then - strmcmd="$sdecomp | $strmcmd" + strmcmd="$ecmd | $strmcmd" + fi + + if [ -n "$sdecomp" ]; then + strmcmd="$sdecomp | $strmcmd" fi - STATDIR=$(mktemp -d) + check_sockets_utils + + STATDIR="$(mktemp -d)" MAGIC_FILE="$STATDIR/$INFO_FILE" - recv_joiner "$STATDIR" "${stagemsg}-gtid" $stimeout 1 - if ! ps -p ${WSREP_SST_OPT_PARENT} &>/dev/null + recv_joiner "$STATDIR" "$stagemsg-gtid" $stimeout 1 1 + + if ! ps -p "$WSREP_SST_OPT_PARENT" &>/dev/null then wsrep_log_error "Parent mysqld process (PID:${WSREP_SST_OPT_PARENT}) terminated unexpectedly." exit 32 @@ -1090,12 +1151,12 @@ then rm -rf "$DATA/.sst" fi mkdir -p "$DATA/.sst" - (recv_joiner "$DATA/.sst" "${stagemsg}-SST" 0 0) & + (recv_joiner "$DATA/.sst" "$stagemsg-SST" 0 0 0) & jpid=$! wsrep_log_info "Proceeding with SST" wsrep_log_info "Cleaning the existing datadir and innodb-data/log directories" - if [ "${OS}" = "FreeBSD" ]; then + if [ "$OS" = 'FreeBSD' ]; then find -E ${ib_home_dir:+"$ib_home_dir"} \ ${ib_undo_dir:+"$ib_undo_dir"} \ ${ib_log_dir:+"$ib_log_dir"} \ @@ -1128,13 +1189,13 @@ then get_proc - if [[ ! -s "$DATA/xtrabackup_checkpoints" ]];then + if [ ! -s "$DATA/xtrabackup_checkpoints" ]; then wsrep_log_error "xtrabackup_checkpoints missing, failed mariabackup/SST on donor" exit 2 fi # Compact backups are not supported by mariabackup - if grep -q 'compact = 1' "$DATA/xtrabackup_checkpoints"; then + if grep -q -F 'compact = 1' "$DATA/xtrabackup_checkpoints"; then wsrep_log_info "Index compaction detected" wsrel_log_error "Compact backups are not supported by mariabackup" exit 2 @@ -1149,13 +1210,12 @@ then exit 22 fi - if [[ -n "$progress" ]] && pv --help | grep -q 'line-mode';then + if [ -n "$progress" ] && pv --help | grep -qw -- '--line-mode'; then count=$(find "$DATA" -type f -name '*.qp' | wc -l) count=$(( count*2 )) - if pv --help | grep -q FORMAT;then - pvopts="-f -s $count -l -N Decompression -F '%N => Rate:%r Elapsed:%t %e Progress: [%b/$count]'" - else - pvopts="-f -s $count -l -N Decompression" + pvopts="-f -s $count -l -N Decompression" + if pv --help | grep -qw -- '-F'; then + pvopts="$pvopts -F '%N => Rate:%r Elapsed:%t %e Progress: [%b/$count]'" fi pcmd="pv $pvopts" adjust_progress @@ -1169,10 +1229,10 @@ then timeit "Joiner-Decompression" "find '$DATA' -type f -name '*.qp' -printf '%p\n%h\n' | $dcmd" extcode=$? - if [[ $extcode -eq 0 ]];then + if [ $extcode -eq 0 ]; then wsrep_log_info "Removing qpress files after decompression" find "$DATA" -type f -name '*.qp' -delete - if [[ $? -ne 0 ]];then + if [ $? -ne 0 ]; then wsrep_log_error "Something went wrong with deletion of qpress files. Investigate" fi else @@ -1199,7 +1259,7 @@ then wsrep_log_info "Preparing the backup at ${DATA}" setup_commands - timeit "Xtrabackup prepare stage" "$INNOAPPLY" + timeit "mariabackup prepare stage" "$INNOAPPLY" if [ $? -ne 0 ]; then wsrep_log_error "${MARIABACKUP_BIN} apply finished with errors. Check syslog or ${INNOAPPLYLOG} for details" @@ -1208,8 +1268,8 @@ then MAGIC_FILE="$TDATA/$INFO_FILE" wsrep_log_info "Moving the backup to ${TDATA}" - timeit "Xtrabackup move stage" "$INNOMOVE" - if [[ $? -eq 0 ]];then + timeit "mariabackup move stage" "$INNOMOVE" + if [ $? -eq 0 ]; then wsrep_log_info "Move successful, removing ${DATA}" rm -rf "$DATA" DATA="$TDATA" @@ -1229,7 +1289,9 @@ then wsrep_log_error "SST magic file ${MAGIC_FILE} not found/readable" exit 2 fi - wsrep_log_info "Galera co-ords from recovery: $(cat '${MAGIC_FILE}')" + + coords=$(cat "$MAGIC_FILE") + wsrep_log_info "Galera co-ords from recovery: $coords" cat "$MAGIC_FILE" # Output : UUID:seqno wsrep_gtid_domain_id wsrep_log_info "Total time on joiner: $totime seconds" |