The following is an incomplete list of configuration parameters. "Complete" is always behind the latest code; you may also want to look at config.go
Debug
(bool), set debug mode (similar to --debug option)ListenAddress
(string), host & port to listen on (default":3000"
). You can limit connections to local machine via"127.0.0.1:3000"
MySQLTopologyUser
(string), credentials for replication topology servers (masters & replicas)MySQLTopologyPassword
(string), credentials for replication topology servers (masters & replicas)MySQLTopologyCredentialsConfigFile
(string), as an alternative to providingMySQLTopologyUser
,MySQLTopologyPassword
, name of file inmy.cnf
-like format where credentials are stored.MySQLOrchestratorHost
(string), hostname for backend MySQL serverMySQLOrchestratorPort
(uint), port for backend MySQL serverMySQLOrchestratorDatabase
(string), name of backend MySQL server schemaMySQLOrchestratorUser
(string), credentials for backend MySQL serverMySQLOrchestratorPassword
(string), credentials for backend MySQL serverMySQLOrchestratorCredentialsConfigFile
(string), as an alternative to providingMySQLOrchestratorUser
,MySQLOrchestratorPassword
, name of file inmy.cnf
-like format where credentials are stored.MySQLConnectTimeoutSeconds
(int), Number of seconds before connection is aborted (driver-side)MySQLReadTimeoutSeconds
(int), Number of seconds to wait for a response from the MySQL server before connection is aborted (driver-side)MySQLHostnameResolveMethod
(string), Method to resolve how to reach the MySQL instance. This is more powerful thanHostnameResolveMethod
and is ideal for complex setups like multiple instances on a host with a VIP per instance. Defaults tonone
but can be set to@@report_host
DefaultInstancePort
(int), In case port was not specified on command line (default value for this default is3306
)SkipOrchestratorDatabaseUpdate
(bool), When false, orchestrator will attempt to create & update all tables in backend database; when true, this is skipped. It makes sense to skip on command-line invocations and to enable for http or occasional invocations, or just after upgradesReplicaLagQuery
(string), custom query to check on replica lg (e.g. heartbeat table). If unprovided, replica'sSeconds_Behind_Master
is used.DiscoverByShowSlaveHosts
(bool), AttemptSHOW SLAVE HOSTS
beforeSHOW PROCESSLIST
InstancePollSeconds
(uint), Number of seconds between instance readsUnseenInstanceForgetHours
(uint), Number of hours after which an unseen instance is forgottenDiscoveryQueueMaxStatisticsSize
(int), Maximum number of secondly discovery queue statistic entries to keepInstanceBulkOperationsWaitTimeoutSeconds
(uint), Time to wait on a single instance when doing bulk (many instances) operationHostnameResolveMethod
(string), Type of hostname resolve method (either"none"
or"cname"
)ExpiryHostnameResolvesMinutes
(int), Number of minute after which a hostname resolve expires (hostname resolve are cached for up to this number of minutes)RejectHostnameResolvePattern
(string), Regexp pattern for resolved hostname that will not be accepted (not cached, not written to db). This is done to avoid storing wrong resolves due to network glitches.ReasonableReplicationLagSeconds
(int), Above this value is considered a problemVerifyReplicationFilters
(bool), Include replication filters check before approving topology refactoring (e.g.orchestrator
will not allow placing a non-filteres replica under a filtered one)ReasonableMaintenanceReplicationLagSeconds
(int), Above this value move-up and move-below are blockedAuditLogFile
(string), Name of log file for audit operations. Disabled when empty.RemoveTextFromHostnameDisplay
(string), Text to strip off the hostname on cluster/clusters pages. Save pixels (e.g.mycompany.com
)ReadOnly
(bool) When"true"
, no write operations (e.g. stopping a replica, repointing replicas, discovering) are allowedAuthenticationMethod
(string), type of authentication. Either empty (no authentication, default),"basic"
,"multi"
or"proxy"
. See Security section.AuthUserHeader
(string), name of HTTP header which contains authenticated user whenAuthenticationMethod
is"proxy"
PowerAuthUsers
(string list), users considered as power users (allowed to manipulate the topology); applies on"proxy"
AuthenticationMethod
.HTTPAuthUser
(string), Username for HTTP Basic authentication (blank disables authentication)HTTPAuthPassword
(string), Password for HTTP Basic authenticationClusterNameToAlias
(string-to-string map), Map between regex matching cluster name to a human friendly alias. The human friendly alias is then presented on theClusters
menu and in theClusters Dashboard
page.DetectClusterAliasQuery
(string), Optional query (executed on topology instance) that returns the alias of a cluster. Query will only be executed on cluster master (though until the topology's master is resovled it may execute on other/all replicas). If provided, must return one row, one column. This overridesClusterNameToAlias
.DataCenterPattern
(string), Regexp pattern with one group, extracting the datacenter name from the hostnamePhysicalEnvironmentPattern
(string), Regexp pattern with one group, extracting physical environment info from hostname (e.g. combination of datacenter & prod/dev env)DenyAutoPromotionHostnamePattern
(string), Orchestrator will not auto-promote hosts with name matching patterb (via -c recovery; for example, avoid promoting dev-dedicated machines)ServeAgentsHttp
(bool), should orchestrator accept agent registrations and serve agent-related requests (see Agents)AgentsUseSSL
(bool), Whentrue
orchestrator will listen on agents port with SSL as well as connect to agents via SSL (see SSL and TLS)AgentsUseMutualTLS
(bool), Whentrue
Use mutual TLS for the server to agent communicationAgentSSLSkipVerify
(bool), When using SSL for the Agent, should we ignore SSL certification errorAgentSSLPrivateKeyFile
(string), Name of Agent SSL private key file, applies only whenAgentsUseSSL
=true
AgentSSLCertFile
(string), Name of Agent SSL certification file, applies only whenAgentsUseSSL
=true
AgentSSLCAFile
(string), Name of the Agent Certificate Authority file, applies only whenAgentsUseSSL
=true
AgentSSLValidOUs
([]string), Valid organizational units when using mutual TLS to communicate with the agentsUseSSL
(bool), Use SSL on the server web port (see SSL and TLS)UseMutualTLS
(bool), Whentrue
Use mutual TLS for the server's web and API connectionsSSLSkipVerify
(bool), When using SSL, should we ignore SSL certification errorSSLPrivateKeyFile
(string), Name of SSL private key file, applies only whenUseSSL
=true
SSLCertFile
(string), Name of SSL certification file, applies only whenUseSSL
=true
SSLCAFile
(string), Name of the Certificate Authority file, applies only whenUseSSL
=true
SSLValidOUs
([]string), Valid organizational units when using mutual TLSStatusEndpoint
(string), Override the status endpoint. Defaults to/api/status
StatusSimpleHealth
(bool), If true, calling the status endpoint will use the simplified health checkStatusOUVerify
(bool), If true, try to verify OUs when Mutual TLS is on. Defaults to falseAgentPollMinutes
(uint), interval at which orchestrator contacts agents for brief status updateUnseenAgentForgetHours
(uint), time without contact after which an agent is forgottenStaleSeedFailMinutes
(uint), time after which a seed with no state update is considered to be failedPseudoGTIDPattern
(string), Pattern to look for in binary logs that makes for a unique entry (pseudo GTID). When empty, Pseudo-GTID based refactoring is disabled.PseudoGTIDMonotonicHint
(string), Optional, subtring in Pseudo-GTID entry which indicates Pseudo-GTID entries are expected to be monotonically increasingDetectPseudoGTIDQuery
(string), Optional query which is used to authoritatively decide whether pseudo gtid is enabled on instanceBinlogEventsChunkSize
(int), Chunk size (X) forSHOW BINLOG|RELAYLOG EVENTS LIMIT ?,X
statements. Smaller means less locking and more work to be done. Recommendation: keep10000
or below, due to locking issues.RecoveryPeriodBlockSeconds
(int), The time for which an instance's recovery is kept "active", so as to avoid concurrent recoveries on smae instance as well as flappingRecoveryIgnoreHostnameFilters
([]string), Recovery analysis will completely ignore hosts matching given patternsRecoverMasterClusterFilters
([]string), Only do master recovery on clusters matching these regexp patterns (of course the.*
pattern matches everything)RecoverIntermediateMasterClusterFilters
([]string), Only do intermediate-master recovery on clusters matching these regexp patterns (of course the.*
pattern matches everything)
See sample config file in master branch.
Most of the above configuration variables have good defaults, or may otherwise not be applicable to all use cases. Here's a friendly breakdown of the stuff you have to have and may want to have.
"MySQLTopologyUser": "orchestrator",
"MySQLTopologyPassword": "orch_topology_password",
or, alternatively, use:
"MySQLTopologyCredentialsConfigFile": "/path/to/.my-orchestrator.cnf",
/path/to/.my-orchestrator.cnf
format expected to be:
[client]
user=orchestrator
password=orch_topology_password
Also, must-have credentials for backend database:
"MySQLOrchestratorHost": "backend.orchestrator.db.mycompany.com",
"MySQLOrchestratorPort": 3306,
"MySQLOrchestratorDatabase": "orchestrator",
"MySQLOrchestratorUser": "orchestrator_server",
"MySQLOrchestratorPassword": "thepassword",
or, for user & password, use:
"MySQLOrchestratorCredentialsConfigFile": "/path/to/.my-orchestrator-srv.cnf",
See security section.
Use a heartbeat mechanism (as with pt-heartbeat), and configure:
"ReplicationLagQuery": "select replication_lag_seconds from heartbeat_table",
If you have multiple instances on same host, you must configure your MySQL servers with report_host
and report_port
and add:
"DiscoverByShowSlaveHosts": true,
Audit operations to log file in addition to backend database table:
"AuditLogFile": "/var/log/orchestrator-audit.log",
If your hostnames follow a strict convention, and you are able to detect data center from FQDN, or you are able to detect enviroment settings (prod? dev?) from FQDN, use (and modify):
"DataCenterPattern": "[.]([^.]+)[.][^.]+[.]mycompany[.]com",
"PhysicalEnvironmentPattern": "[.][^.]+[.]([^.]+)[.]mycompany[.]com",
orchestrator
recognizes a cluster by its master's hostname & port. However you may also assign an alias to a cluster. This makes a couple CLI commadns simpler and some web pages nicer. If the alias can be queried via SQL, configure (and modify):
"DetectClusterAliasQuery": "SELECT SUBSTRING_INDEX(@@hostname, '-', 1)",
Most your servers' FQDN are likely to end with .mycomany.com:3306
. This wastes a lot of pixels on web pages. You may omit these via:
"RemoveTextFromHostnameDisplay": ".mycompany.com:3306",
Well, I'm suggesting you want to have Pseudo GTID. If you agree, then you must inject Pseudo GTISD queries, and must configure (and modify):
"PseudoGTIDPattern": "drop view if exists .*?`_pseudo_gtid_hint__",
See Pseudo GTID discussion.
It is best if you can also query for Pseudo-GTID existence via SQL. For this, configure (and modify):
"DetectPseudoGTIDQuery": "select count(*) as pseudo_gtid_exists from meta.pseudo_gtid_status where anchor = 1 and time_generated > now() - interval 2 day",
While you're at it, make your Pseudo-GTID entries monotonicly increasing, and provide a hint such as (modify value):
"PseudoGTIDMonotonicHint": "asc:",
When PseudoGTID is enabled, orchestrator
can do automated recovery from dead intermediate master (reconnects orphaned replicas to the topology)
or from dead masters (auto-promotes best candidate replica).
By default this is disabled. You can specify patterns of clusters for which to enable both. Of course, .*
matches everything:
"RecoverMasterClusterFilters": [
"myoltp"
],
"RecoverIntermediateMasterClusterFilters": [
"myoltp",
"myolap",
],
orchestrator
recovers the topology structure, but as a generic tool it does not understand the ouer context of your MySQL topologies
management, such as DNS, proxies etc. It allows for hooks to invoke upon failover detection, before taking action and after taking action.
You might want to configure the following:
"OnFailureDetectionProcesses": [
"echo 'Detected {failureType} on {failureCluster}. Affected replicas: {countSlaves}'
],
"PreFailoverProcesses": [
"echo 'Will recover from {failureType} on {failureCluster}'
],
"PostFailoverProcesses": [
"echo 'Recovered from {failureType} on {failureCluster}. Failed: {failedHost}:{failedPort}; Successor: {successorHost}:{successorPort}'
],
"PostUnsuccessfulFailoverProcesses": [
"echo 'There was a problem recovering from {failureType} on {failureCluster}. Failed: {failedHost}:{failedPort}'
],
"PostMasterFailoverProcesses": [
"echo 'Recovered from {failureType} on {failureCluster}. Failed: {failedHost}:{failedPort}; Promoted: {successorHost}:{successorPort}'
],
"PostIntermediateMasterFailoverProcesses": [
"echo 'Recovered from {failureType} on {failureCluster}. Failed: {failedHost}:{failedPort}; Successor: {successorHost}:{successorPort}'
]