How to build PrivacyIdea HA with MySQL with master and master replication
1. Install PrivacyIdea on 1st Privacyidea
Refer: https://www.youtube.com/watch?v=YzQPA3fQuYQ
3. Setup Mysql master to master replication
Refer: https://www.digitalocean.com/community/tutorials/how-to-set-up-mysql-master-master-replication
*********************************************
Primary my.cnf
bind-address = xxx.xxx.xxx.xxx
server-id = 1
log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = pi
replicate-do-db = pi
relay_log = mysqld-relay-bin
log-slave-updates = ON
binlog_format = mixed
read-only = 0
expire_logs_days = 3
slave-skip-errors = all
auto-increment-increment= 2
auto-increment-offset = 1
bind-address = yyy.yyy.yyy.yyy
server-id = 2
log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = pi
replicate-do-db = pi
binlog_format = mixed
relay_log = mysqld-relay-bin
log-slave-updates = ON
read-only = 0
expire_logs_days = 3
slave-skip-errors = all
auto-increment-increment= 2
auto-increment-offset = 2
4. Dump database "pi" and import to 2nd Privacyidea
mysqldump -u root -p --databases pi --lock-all-tables --events > pi.sql
Refer: https://www.server-world.info/en/note?os=Ubuntu_14.04&p=mysql&f=3
5. Rename enckey, pi.cfg, private.pem, public.pem to enckey.org, pi.cfg.org, private.pem.org, public.pem.org on 2nd privacyidea /etc/privacyidea
6. copy enckey, pi.cfg, private.pem, public.pem from 1st privacyidea to 2nd privacyidea
7. Copy SQLALCHEMY_DATABASE_URI = 'mysql://xxx:xxxxx@localhost/pi' from pi.cfg.org and replace it in pi.cfg on 2nd privacyidea
8. Refer: https://www.zybuluo.com/ruoli/note/888790#3记录b服务器数据库初态
9. Reboot 2nd PrivacyIdea
Refer: https://www.youtube.com/watch?v=YzQPA3fQuYQ
- Add repository on Ubuntu
- #add-apt-repository ppa:privacyidea/privacyidea
- Update apt
- #apt-get update
- Check apt cache has privacyidea
- #apt-cache search privacyidea
- Install 2FA system. This is a meta package to install privacyidea with apache2 + MySql
- #apt-get install privacyidea-apache2
- Create admin account and set password
- #pi-manage admin add admin admin@localhost
- Install 2FA FreeRadius
- #apt-get install privacyidea-radius
- Install 2FA everything
- #apt-get install privacyidea-all
3. Setup Mysql master to master replication
Refer: https://www.digitalocean.com/community/tutorials/how-to-set-up-mysql-master-master-replication
*********************************************
Primary my.cnf
bind-address = xxx.xxx.xxx.xxx
server-id = 1
log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = pi
replicate-do-db = pi
relay_log = mysqld-relay-bin
log-slave-updates = ON
binlog_format = mixed
read-only = 0
expire_logs_days = 3
slave-skip-errors = all
auto-increment-increment= 2
auto-increment-offset = 1
*********************************************
*********************************************
Secondary my.cnfbind-address = yyy.yyy.yyy.yyy
server-id = 2
log_bin = /var/log/mysql/mysql-bin.log
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = pi
replicate-do-db = pi
binlog_format = mixed
relay_log = mysqld-relay-bin
log-slave-updates = ON
read-only = 0
expire_logs_days = 3
slave-skip-errors = all
auto-increment-increment= 2
auto-increment-offset = 2
*********************************************
4. Dump database "pi" and import to 2nd Privacyidea
mysqldump -u root -p --databases pi --lock-all-tables --events > pi.sql
Refer: https://www.server-world.info/en/note?os=Ubuntu_14.04&p=mysql&f=3
5. Rename enckey, pi.cfg, private.pem, public.pem to enckey.org, pi.cfg.org, private.pem.org, public.pem.org on 2nd privacyidea /etc/privacyidea
6. copy enckey, pi.cfg, private.pem, public.pem from 1st privacyidea to 2nd privacyidea
7. Copy SQLALCHEMY_DATABASE_URI = 'mysql://xxx:xxxxx@localhost/pi' from pi.cfg.org and replace it in pi.cfg on 2nd privacyidea
8. Refer: https://www.zybuluo.com/ruoli/note/888790#3记录b服务器数据库初态
9. Reboot 2nd PrivacyIdea
留言