Should MySQL Replication Slave Be Set to Read Only?

MySQLmysql-5.5perconareplication

I've got replication running on Percona Server 5.5 by following this guide and wondered if I should add read-only=1 to my slave's my.cnf to make it read only?

The guide sets up replication for the mysql table so users are replicated but I am primarily using the slave to take mysqldumps, an in an emergency reconfiguring it to be master, so I don't believe we need (or should have) write enabled on it constantly?

Best Answer

When a Slave is read-only, it is not 100% shielded from the world.

According to MySQL Documentation on read-only

This variable is off by default. When it is enabled, the server permits no updates except from users that have the SUPER privilege or (on a slave server) from updates performed by slave threads. In replication setups, it can be useful to enable read_only on slave servers to ensure that slaves accept updates only from the master server and not from clients.

Thus, anyone with SUPER privilege can read and write at will to such a Slave...

Make sure all non-privileged users do not have the SUPER Privilege.

If you want to revoke all SUPER privileges in one shot, please run this on Master and Slave:

UPDATE mysql.user SET super_priv='N' WHERE user<>'root';
FLUSH PRIVILEGES;

With reference to the Slave, this will reserve SUPER privilege to just root and prevent non-privileged from doing writes they would otherwise be restricted from.

UPDATE 2015-08-28 17:39 EDT

I just learned recently that MySQL 5.7 will introduce super_read_only.

This will stop SUPER users in their tracks because the 5.7 Docs say

If the read_only system variable is enabled, the server permits client updates only from users who have the SUPER privilege. If the super_read_only system variable is also enabled, the server prohibits client updates even from users who have SUPER. See the description of the read_only system variable for a description of read-only mode and information about how read_only and super_read_only interact.

Changes to super_read_only on a master server are not replicated to slave servers. The value can be set on a slave server independent of the setting on the master.

super_read_only was added in MySQL 5.7.8.

Related Solutions

Thesql replication for certain dababases

I would avoid the replicate-do-db option due to the restriction on cross-database replication and users not fully qualifying a database name or not specifying "use dbname;" (it will execute on master but not replicate to slave).

Use this option instead (put it in my.cnf):

replicate-wild-do-table=dbname1.%

replicate-wild-do-table=dbname2.%

Or you can specify the tables, replace % with table name, one on each line. http://dev.mysql.com/doc/refman/5.0/en/replication-options-slave.html#option_mysqld_replicate-wild-do-table

This link should help get you started: http://dev.mysql.com/doc/refman/5.0/en/replication-solutions-partitioning.html

Mysql – Using non-replicated read/write databases on a MySQL slave server

You can safely write to a schema on the slave if that schema does not exist on the master or if you correctly use replication filters to prevent its replication to the slave.

"Correctly" is the important word in that sentence. Refer to this page:

https://dev.mysql.com/doc/refman/5.7/en/replication-options-slave.html

Check the --replicate-do-db and other filter settings, and note that the behavior changes based on whether binlog events are formatted as rows or as statements. When statement-based replication is being used, replication filters only apply to the database in use as the current database. When row-based replication is used, the filters are applied regardless of current database.

Be sure you get this right, otherwise, you could have a situation like this:

replicate-ignore-db=monkey
binlog_format=STATEMENT

Then you do this:

USE zebra;
TRUNCATE monkey.tablex;

Guess what? tablex just got truncated on both master and slave. However, if you had this instead:

replicate-ignore-db=monkey
binlog_format=ROW

and did the same TRUNCATE on the master, monkey.tablex would not be truncated on the slave.

Note that this all applies according the binlog_format in use at the time the event is logged, and since binlog_format can be changed on a per-session basis, you can get some surprises unless you know exactly what's going on.

Having said all that, if the schema you're writing to does not even exist on the master, then you have nothing to worry about, other than the fact that you can't have read_only or super_read_only set on the slave if you plan on writing to it, so you can't count on it preventing write activity.

Best Answer

UPDATE 2015-08-28 17:39 EDT

Related Solutions

Thesql replication for certain dababases

Mysql – Using non-replicated read/write databases on a MySQL slave server

Related Question