The following article shows what are the minimal privileges required for monitoring only. The follow functionality WILL NOT WORK with the minimal privileges:
- add node (granting is needed)
- create users from UI
- setup replication slave
Replace ADDRESS_OF_THE_CONTROLLER,CMON_PASSWORD, and ADDRESS_OF_THE_DATA_NODE.
mysql -ucmon -p -h<ADDRESS_OF_THE_DATA_NODE>
DELETE FROM mysql.user WHERE user='cmon' AND host='ADDRESS OF CONTROLLER';
FLUSH PRIVILEGES;
GRANT SUPER, SHOW DATABASES, REPLICATION CLIENT, PROCESS, SELECT, RELOAD ON *.* TO 'cmon'@'ADDRESS_OF_THE_CONTROLLER' IDENTIFIED BY 'CMON_PASSWORD';
#Restart cmon
service cmon restart
Comments
4 comments
Thanks for Sharing a wonderful content. It was very interesting. post regular updates.
Yeah, i think the same
_____________________
moto x3m
For MySQL-based clusters like Galera, Replication, and NDB/MySQL Cluster, minimal GRANTs should include privileges for replication, such as REPLICATION SLAVE and REPLICATION CLIENT. Additionally, grant permissions for cluster-specific operations, like NODE GROUP management in Galera or management of NDB Cluster data nodes. Ensure to limit privileges to necessary actions for security and efficient cluster operation. Click Here For More Details
When configuring minimal GRANTs for MySQL-based clusters such as Galera, Replication, or NDB/MySQL Cluster, several issues can arise:
Replication Breakage: Insufficient privileges can prevent proper replication between master and slave servers, leading to synchronization issues and data inconsistencies.
Cluster Maintenance: Limited GRANTs can restrict necessary maintenance operations such as backups, restores, and schema changes, complicating routine administrative tasks.
Node Communication: For clusters like Galera, inadequate permissions can hinder communication and synchronization between nodes, causing cluster instability and potential data loss.
Monitoring and Diagnostics: Minimal GRANTs may prevent access to vital performance metrics and diagnostic information roofing company Bloomington, impeding the ability to troubleshoot and optimize the cluster effectively.
Please sign in to leave a comment.