maria-discuss team mailing list archive
Mailing list archive
MaxScale behaviour differs for TLs and non-TLS clients
I'm (still) testing MaxScale, set up to connect only to the master node, on
Ubuntu 16.04 fronting a Galera cluster. The cluster comprises of 2 MariaDB
10.1 instances on different servers, with a Galera Arbitrator instance
running on the MaxScale server. I'm testing this using the MariaDB client
(mysql) from a fourth machine.
My test scenario is to see what the client experiences if I stop and
restart a MariaDB node part-way through a transaction. I start with the
"slave" node, to give me a baseline for comparison, before doing it with
the master node. However, the baseline case gives me different results,
depending on whether the MySQL client is connecting via TLS or not.
If I connect to MaxScale via TLS, the connection disappears when the
"slave" node comes back (but not when it goes down). Watching it via a
network packet trace, I can see that, just after the slave comes back up,
MaxScale sends the client an encrypted packet to the mysql client, then
sends a MySQL Quit command to the master node before disconnecting. The
syslog contains the line "[galeramon] There are no cluster members".
If I connect to MaxScale without TLS, the connection remains stable
regardless of the number of times the slave node goes down and up, and the
"galeramon" line doesn't appear in the syslog. (I discovered this when I
disabled the TLS in order to see what the encrypted packet being sent to
the client was...I still don't know what it is!)
Has anyone else come across this behaviour?
MaxScale is configured as follows (the commented-out configuration is
uncommented when connecting via TLS):