To use SSL for encrypting the transfer of the binary log required during replication, both the master and the slave must support SSL network connections. If either host does not support SSL connections (because it has not been compiled or configured for SSL), replication through an SSL connection is not possible.
Setting up replication using an SSL connection is similar to setting up a server and client using SSL. You must obtain (or create) a suitable security certificate that you can use on the master, and a similar certificate (from the same certificate authority) on each slave.
For more information on setting up a server and client for SSL connectivity refer this link
Please follow the steps mentioned here:
http://dev.mysql.com/doc/refman/5.1/en/replication-solutions-ssl.html
I was searching in bugs.mysql.com related to MySQL 5.5 but there is nothing reported w.r.t "replication with SSL" for v5.5.
You can mention exact error message here for analysis.
Step 01
On ServerB, run the following commands
STOP SLAVE;
SET GLOBAL innodb_max_dirty_pages_pct = 0;
FLUSH TABLES;
Step 02
On ServerC, run SHOW SLAVE STATUS\G
Repeat running SHOW SLAVE STATUS\G
until Seconds_Behind_Master
is 0
Then, run SET GLOBAL innodb_max_dirty_pages_pct = 0;
Step 03
On ServerB, run SHOW SLAVE STATUS\G
For the sake of example, let say SHOW SLAVE STATUS\G
looks like this:
mysql> show slave status\G
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
Master_Host: 10.64.68.253
Master_User: replusername
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.003202
Read_Master_Log_Pos: 577991837
Relay_Log_File: relay-bin.010449
Relay_Log_Pos: 306229695
Relay_Master_Log_File: mysql-bin.003202
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
Replicate_Do_DB:
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 577991837
Relay_Log_Space: 306229695
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: 0
Please note the following:
Master_Host
(10.64.68.253
)
Master_User
(replusername
)
Relay_Master_Log_File
(mysql-bin.003202
)
Exec_Master_Log_Pos
(577991837
)
Step 04
On ServerC, run the following:
STOP SLAVE;
SET GLOBAL innodb_max_dirty_pages = 0;
FLUSH TABLES;
CHANGE MASTER TO
MASTER_HOST='10.64.68.253',
MASTER_PORT=3306,
MASTER_USER='replusername',
MASTER_PASSWORD='replpassword',
MASTER_LOG_FILE='mysql-bin.003202',
MASTER_LOG_POS=577991837;
START SLAVE;
Step 05
On ServerC, run SHOW SLAVE STATUS\G
If Seconds_Behind_Master
is a Number, CONGRATULATIONS !!!
Step 06
On ServerB, run SET GLOBAL innodb_max_dirty_pages_pct = 90
;
On ServerC, run SET GLOBAL innodb_max_dirty_pages_pct = 90
;
Give it a Try !!!
CAVEAT
If the majority of your data is MyISAM, ignore all commands that change innodb_max_dirty_pages_pct
.
Best Answer
This is completely possible. The only type of import you can use with RDS is a logical restore, so
mysqldump
. You will want to use the --dump-slave=2 option :This will add the
CHANGE MASTER
statement as a SQL comment to the dump.sql file. Take the binary log file and log position from that statement and set the RDS up accordingly:[src]
I would caution you that your replication events are going to be sent as plain text, since ssl_encryption is not implemented for RDS MySQL. If your existing master is not in AWS, to be secure you would need to have your RDS instance in a VPC and set up to communicate with a VPN in your existing infrastructure. Read more about this in the docs: https://aws.amazon.com/vpc/