Skip to main content
Skip table of contents

Example Configuration

The following displays a sample server.cnf configuration:

CODE
#
# These groups are read by MariaDB server.
# Use it for options that only the server (but not clients) should see
#
# See the examples of server my.cnf files in /usr/share/mysql/
#

# this is read by the standalone daemon and embedded servers
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html

# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port      = 3306
socket     = /var/run/mysqld/mysqld.sock

# Here is entries for some specific programs
# The following values assume you have at least 32M ram

# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket     = /var/run/mysqld/mysqld.sock
nice      = 0
syslog

[mysqld]
#
# * Basic Settings
#
user      = mysql
pid-file    = /var/run/mysqld/mysqld.pid
socket     = /var/run/mysqld/mysqld.sock
port      = 3306
basedir     = /usr
datadir     = /var/lib/mysql

# Configure the tmp directory to reside on the data partion where we have enough space for SSTs.
# (Xtrabackup will use this variable.)
tmpdir = /var/lib/mysql/tmp

character_set_server=utf8
collation_server=utf8_unicode_ci

lc_messages_dir = /usr/share/mysql
lc_messages   = en_US
skip-external-locking

wsrep_on=ON

# gcache.size is how much data we will cache and use for IST.
# If more data has been produced since the node was disconnected an SST will be triggered.
# By setting it to 16G a customer can issue about 0.5M certs before connecting a second node without SST.
# (Nothing wrong with SSTs, but during IST it easer to follow the sync progress and it looks more user friendly.)
# pc.npvo=true: Recent primary component overrides older ones in case of conflicting prims.
# ## Can only be set in URL due to a bug: pc.wait_prim=false: The node waits for primary component forever
# pc.weight=2: Default weight for the node that can be overridden by parameters in the gcomm URL

#Uncomment this and you are setting up Galera recommendations with the default paths in the SignServer Cloud Galera Clustering Guide otherwise add your own
#wsrep_provider_options="socket.ssl_key=/etc/mysql/localhost-Key.pem;socket.ssl_cert=/etc/mysql/localhost.pem;socket.ssl_ca=/etc/mysql/localhost-CA.pem;gcache.size=6G;gcache.page_size=512M; pc.npvo=true;"

# Galera Cluster Configuration
wsrep_cluster_name=signserver_cluster
#wsrep_cluster_address="gcomm://"
wsrep_cluster_address="gcomm://172.16.0.103"
wsrep_node_name=SignServerNode1
wsrep_node_address="172.16.0.36"

# Galera Synchronization Configuration
wsrep_sst_auth=repl_user:i-04811bfcfa454383e
wsrep_sst_method=mariabackup
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address      = 127.0.0.1
bind-address      = 0.0.0.0
#
# * Fine Tuning
#
max_connections     = 200
connect_timeout     = 5
# The number of seconds the server waits for activity on a noninteractive connection before closing it. (Default 28800s)
wait_timeout      = 3600
max_allowed_packet   = 256M
thread_cache_size    = 128
sort_buffer_size    = 4M
bulk_insert_buffer_size = 16M
tmp_table_size     = 32M
max_heap_table_size   = 32M

# Turn off reverse DNS lookup of clients
skip-name-resolve

#
# * MyISAM
#
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched. On error, make copy and try a repair.
myisam_recover     = BACKUP
key_buffer_size     = 32M
#open-files-limit    = 2000
table_open_cache    = 400
myisam_sort_buffer_size = 128M
concurrent_insert    = 2
read_buffer_size    = 2M
read_rnd_buffer_size  = 1M

#
# * Query Cache Configuration
#

# Disable to query cache to avoid locking
query_cache_limit=0
query_cache_type=0
query_cache_size=0

# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
general_log_file    = /var/log/mysql/mysql.log
general_log       = 0
#
#
# Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
#
# we do want to know about network errors and such
log_warnings      = 2
#
# Disable slow log
slow_query_log=0
#slow_query_log_file  = /var/log/mysql/mariadb-slow.log
#long_query_time = 10
#log_slow_rate_limit  = 1000
#log_slow_verbosity   = query_plan
#log-queries-not-using-indexes
#log_slow_admin_statements

# Disable bin-logging, since we don't use regular replication
sync_binlog      = 0
#log_bin            = /var/lib/mysql/mariadb-bin
#log_bin_index     = /var/lib/mysql/mariadb-bin.index
#expire_logs_days    = 10
#max_binlog_size     = 100M

# ROW is required by Galera (intercepts binlogs, but binlogs does not have to be written to disk)
binlog_format=ROW

# * InnoDB
default_storage_engine = InnoDB

innodb_buffer_pool_size=2G

# Use one pool per GiB of 'innodb_buffer_pool_size'
innodb_buffer_pool_instances = 2

# If SHOW GLOBAL STATUS LIKE 'innodb_log_waits'; starts returning a non-zero value
# transactions are to large to fit in the innodb_log_buffer_size and uses disk IO.
innodb_log_buffer_size = 32M

# Recommended to be 25% of innodb_buffer_pool_size. Larger file however means slower recovery.
# Changing this value requires a delete of the old files while shutdown.
# (sudo rm /var/lib/mysql/ibdata1 /var/lib/mysql/ib_logfile0 /var/lib/mysql/ib_logfile1)
innodb_log_file_size=512M
innodb_file_per_table  = 1
innodb_open_files    = 400
innodb_io_capacity   = 400
innodb_flush_method   = O_DIRECT

# Always flush it to Galera
innodb_flush_log_at_trx_commit=1

# Parallel slave thread processing requires the following settings:
innodb_autoinc_lock_mode=2
innodb_locks_unsafe_for_binlog=1

# Galera Provider Configuration
wsrep_provider=/usr/lib64/galera/libgalera_smm.so

# Number of threads on the "slave" side applying incoming data.
# wsrep_slave_threads = 4*number of cores
wsrep_slave_threads=16

# In case of conflict during the full state transfer, overwrite the slave
slave_exec_mode=IDEMPOTENT

[mysqldump]
quick
quote-names
max_allowed_packet = 256M

[mysql]
#no-auto-rehash # faster start of mysql but no tab completition

[isamchk]
key_buffer       = 16M

# this is only for embedded server
[embedded]

# This group is only read by MariaDB servers, not by MySQL.
# If you use the same .cnf file for MySQL and MariaDB,
# you can put MariaDB-only options here
[mariadb]

# This group is only read by MariaDB-10.1 servers.
# If you use the same .cnf file for MariaDB of different versions,
# use this group for options that older servers don't understand
[mariadb-10.1]


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.