Strange ssl messages in error log
Hello, I've been getting these odd messages in my error log since enabling SSL for replication in MariaDB Galera Cluster, using the 5.5.29 release with 3 nodes and WAN clustering on AWS; 2 nodes are in us-east and 1 node is in us-west-1. The host defined in the log (10.112.50.145) isn't even one of the local IPs of the hosts in the cluster or my Severalnines cluster control IP. It keeps incrementing the port by 2 and retrying every 5-6 seconds. It's showing the same thing on the two nodes in us-east, but nothing in the error log on the us-west-1 node.
Apr 26 21:51:45 ip-x-x-x-x mysqld: 130426 21:51:45 [ERROR] WSREP: handshake with remote endpoint ssl:10.112.50.145:6347 failed: 1: 'End of file.' ( )
Apr 26 21:51:51 ip-x-x-x-x mysqld: 130426 21:51:51 [ERROR] WSREP: handshake with remote endpoint ssl:10.112.50.145:6349 failed: 1: 'End of file.' ( )
Everything else is working fine.
Apr 26 17:57:17 ip-x-x-x-x mysqld: 130426 17:57:17 [Note] WSREP: SSL handshake successful, remote endpoint ssl:node3-public-ip:49900 local endpoint ssl:node2-local-ip:4567 cipher: AES128-SHA compression: zlib compression
Apr 26 17:57:17 ip-x-x-x-x mysqld: 130426 17:57:17 [Note] WSREP: (bbbd2230-ae9a-11e2-0800-e4917d5483c5, 'ssl:0.0.0.0:4567') turning message relay requesting off
Apr 26 17:57:18 ip-x-x-x-x mysqld: 130426 17:57:18 [Note] WSREP: SSL handshake successful, remote endpoint ssl:node1-local-ip:4567 local endpoint ssl:node2-localip:46046 cipher: AES128-SHA compression: zlib compression
It seems that everything is replicating to all 3 nodes; however, my log is just getting filled with a useless error message.
Answered by Peter McLarty:
This could be a problem with your network setup. You might have blocked traffic from the US-east servers to the west, but not the other way. I know it sounds silly, but it is possible to ping from one server to another and not the other way around; this is to do with how your security groups are set up on your network connections. I am not sure whether Galera will cope with that being the case, but it's a good place to start and eliminate.
Can you access any db server as a mysql user from any other server?
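Added example, not part of the original question or answer: a small log triage script that groups the WSREP SSL handshake lines by remote host and lists hosts that only ever fail the handshake and are not known cluster members. The node addresses and the sample log are constructed for illustration, modelled on the lines quoted in the question.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the log lines quoted in the question.
SAMPLE_LOG = """\
Apr 26 21:51:45 ip-x-x-x-x mysqld: 130426 21:51:45 [ERROR] WSREP: handshake with remote endpoint ssl:10.112.50.145:6347 failed: 1: 'End of file.' ( )
Apr 26 21:51:51 ip-x-x-x-x mysqld: 130426 21:51:51 [ERROR] WSREP: handshake with remote endpoint ssl:10.112.50.145:6349 failed: 1: 'End of file.' ( )
Apr 26 17:57:17 ip-x-x-x-x mysqld: 130426 17:57:17 [Note] WSREP: SSL handshake successful, remote endpoint ssl:10.0.0.13:49900 local endpoint ssl:10.0.0.12:4567 cipher: AES128-SHA compression: zlib compression
"""

FAILED = re.compile(r"WSREP: handshake with remote endpoint ssl:([^:\s]+):(\d+) failed")
OK = re.compile(r"WSREP: SSL handshake successful, remote endpoint ssl:([^:\s]+):(\d+)")

def summarize_handshakes(log_text, known_nodes):
    """Group WSREP SSL handshake results by remote host.

    Returns {host: {"ok": n, "failed": n, "ports": [...], "known": bool}},
    where "ports" lists the remote ports seen on failed handshakes.
    """
    peers = defaultdict(lambda: {"ok": 0, "failed": 0, "ports": []})
    for line in log_text.splitlines():
        m, key = FAILED.search(line), "failed"
        if not m:
            m, key = OK.search(line), "ok"
        if not m:
            continue  # not a handshake line
        host, port = m.group(1), int(m.group(2))
        peers[host][key] += 1
        if key == "failed":
            peers[host]["ports"].append(port)
    return {h: dict(v, known=h in known_nodes) for h, v in peers.items()}

def unexpected_peers(summary):
    """Hosts that only ever fail the handshake and are not cluster members."""
    return sorted(h for h, v in summary.items()
                  if v["failed"] and not v["ok"] and not v["known"])

if __name__ == "__main__":
    # Assumed node addresses; replace with the cluster's real member IPs.
    nodes = {"10.0.0.11", "10.0.0.12", "10.0.0.13"}
    summary = summarize_handshakes(SAMPLE_LOG, nodes)
    for host in unexpected_peers(summary):
        info = summary[host]
        print(host, info["failed"], "failed handshakes, remote ports", info["ports"])
```

A host that appears here can then be checked against the security group rules for port 4567 and against the addresses of anything else allowed to reach the replication port.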