Skip to main content

MariaDB Galera Cluster @OracleLinux9.5 using ClusterControl install-cc script with limited Internet connection (via repository proxy aka satellite server).

Download Oracle Linux distro and connect it to Repository Server, as described here.:

  • (2025-02-12 -- ClusterControl is only compatible with x86_64 systems)

Install OS in minimal mode, !without GUI.

https://yum.oracle.com/oracle-linux-isos.html
For example, OracleLinux-R9-U5-x86_64-dvd.iso

HLD (High-Level Design)

(one VM is connected to Internet)
lt58ncp1sat1 - Repository satellite 

(others are NOT connected to Internet):
lt58ncp1dbm1 - Monitoring, ClusterControl

lt58ncp1dbn1 - Node 1, MariaDB Galera Cluster
lt58ncp1dbn2 - Node 2, MariaDB Galera Cluster
lt58ncp1dbn3 - Node 3, MariaDB Galera Cluster

Preparations:

  • ensure NO cockpit service running, it occupies port 9090, same as Prometheus uses. Or, if required, change its listening port.
systemctl status cockpit
systemctl stop cockpit
dnf remove cockpit*

Install utlis

dnf install \
    tmux \
    wget

Firewall with firewalld on ClusterControl

systemctl enable firewalld
systemctl start  firewalld
systemctl status firewalld
firewall-cmd --add-service=http       --permanent
firewall-cmd --add-service=https      --permanent
firewall-cmd --add-service=prometheus --permanent
firewall-cmd --add-port=9500/tcp      --permanent  # for licence activation
firewall-cmd --reload
firewall-cmd --list-all

Temporary disable SElinux for installation, it will be enabled later

sed -i 's|SELINUX=enforcing|SELINUX=disabled|g' /etc/selinux/config
setenforce 0
getenforce

Configuring repositories

Add repositories to all VMs which point to repository satellite. Configure DNS for the host locally, if needed.

ping lt58ncp1sat1
vi /etc/hosts

192.168.56.109  lt58ncp1sat1

ping lt58ncp1sat1
curl http://lt58ncp1sat1/hello
rm /etc/yum.repos.d/*
vi /etc/yum.repos.d/lt58ncp1sat1.repo

Refer to config file on another page.

Check, update and reboot.

dnf repolist
dnf update
shutdown -r now

Login

tmux
sudo su

On the day of writing, there is transition period in caused by renamed commands in the scritps (mysql and mariadb). To rsolve it, additional tricks needed to make the script work (and keep installations script integrity).

ln -s /usr/bin/mariadb            /usr/bin/mysql
ln -s /usr/sbin/mariadbd          /usr/bin/mysqld
ln -s /usr/bin/mariadb-admin      /usr/bin/mysqladmin
ln -s /usr/bin/mariadb-install-db /usr/bin/mysql_install_db

Offline installation

Download and transfer installation script to the destination machine.

wget http://www.severalnines.com/downloads/cmon/install-cc
chmod +x ./install-cc 
OFFLINE=true ./install-cc

Note down password in KeepAss, as usual.

Send telemetry [N]
MariDB root pass?
MariDB cmon pass?
Open your web browser to https://192.168.56.107 and create a default Admin User.

Check that firewall is stopped or rules a specified for activation. Enable after activation:

firewall-cmd --add-port=9500/tcp
firewall-cmd --add-port=9501/tcp
firewall-cmd --add-port=9510/tcp
firewall-cmd --reload
firewall-cmd --list-all
systemctl stop firewalld
systemctl status firewalld

Check from CLI that API is accessible

curl http://127.0.0.1:9500

<!DOCTYPE html>
<html lang="en">
    <head>

Open in the browser

firefox https://192.168.56.107

Create admin user, note down pass in password manager.

Choose 'Community', unless license owned.

There os a trial license activated

Before cluster will be created, nodes need to be prepared. Stop here.

Prepare databse storage

export host="$(hostname)"
mkdir -p /mnt/${host}-data/data/mariadb/clusters/ncp/
# ? TODO: permissions
# ? TODO: selinux context

Post-installation is necessary to give permissions to ClusterControl to login into nodes to peform actions (deploy the cluster). Root user as per documentation, but any other user with enough privileges can do.

sudo su
cd
ssh-keygen -t ed25519
ssh 0
ls -la .ssh
cat .ssh/known_hosts

Copy public key to the nodes and itself (replace hostnames)

ssh-copy-id root@lt58ncp1dbm1
ssh-copy-id root@lt58ncp1dbn1
ssh-copy-id root@lt58ncp1dbn2
ssh-copy-id root@lt58ncp1dbn3

Deploy new cluster from ClusterControl dashboard

Give cluster a name

Provide SSH credentials, disable 'Install software', as script will enable repositories on remote hosts to fetch packages from Internet. Disable SELinux/AppArmor for installation time. It will be enabled later in security hardening.

Provide node configuration details. Ensure, that database storage location is specified correctly.

Add nodes, all should be green

Review config and [Finish]

Cluster creation status can be followed from Acitivty Center

Cluster is deployed successfully

Node configuration

Perform repositories addition as for cluster node in the beginning.

sudo su

Firewall with firewalld on the cluster nodes

systemctl enable firewalld
systemctl start  firewalld
systemctl status firewalld
firewall-cmd --add-service=mysql --permanent
firewall-cmd --reload

Manually install MariaDB server to the node and let ClusterControl configure it. Otherwise, ClusterControl will automatically add repositories to nodes (that we want to avoid and use only specified ones).

dnf install \
    MariaDB-server \
    MariaDB-client \
    MariaDB-common \
    MariaDB-backup \
    galera-4

systemctl enable mariadb
systemctl start mariadb
systemctl status mariadb

ref.

https://docs.severalnines.com/docs/clustercontrol/installation/offline-installation/

In case needed, to remove MariaDB:

dnf remove maria*
rm -rf /var/lib/mysql/
Back to top