Resolving the MySQL Active-Active Replication Dilemma
No, your replication isn't broken after all.
Multi-writer replication was a challenge in the MySQL ecosystem for years before truly dedicated solutions were introduced: first Galera replication (and with it Percona XtraDB Cluster (PXC)), around 2011, and then Group Replication, first GA in 2016.
Now, with both multi-writer technologies available, do we still need traditional asynchronous replication set up in an active-active topology? Apparently yes, there are still valid use cases. And you may need it not only when Galera/PXC or GR are unsuitable for some reason, but also alongside them. The most typical case is a second cluster in a different geographic location, acting as Disaster Recovery. If you still wonder why you would need one, just recall the recent news about the OVH incident, which showed how a whole data center can disappear.
So, a DR site needs to replicate online from the primary cluster and be able to take over the workload very quickly if needed. But it is also expected to switch back effortlessly, hence very often the async replication channels are set up in both directions.
A very good writeup about this can be found here: How Not to do MySQL High Availability: Geographic Node Distribution with Galera-Based Replication Misuse.
Now, after seeing active-active setups fail in the same ways over and over for years, I thought there are still too few warnings out there about the risks, so I decided to add one more little stone to the stack.
Before I continue, I have to mention a great webinar my colleague Sveta gave last year. You should definitely watch it if you are interested in the subject: How Safe is Asynchronous Master-Master Setup in MySQL?
So, let me demonstrate a simple test case, which may be an eye-opener to some.
First, let’s use the great dbdeployer tool to launch two MySQL instances with active-active replication in just one command:
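The original command is not shown here; a minimal sketch, assuming dbdeployer is installed and a MySQL 8.0 tarball has been unpacked for it (the version string is a placeholder, adjust to what you have):

```shell
# The "all-masters" topology wires async replication channels between all
# nodes in both directions; with --nodes=2 this gives a classic
# active-active pair. "8.0" stands for whichever version you unpacked.
dbdeployer deploy replication --topology=all-masters --nodes=2 8.0
```

Each node gets its own port and a convenience `use` script inside the sandbox directory, so you can open a client to either node directly.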
Now, create a very simple table with one example data row:
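Something like the following will do; the schema, table, and column names are illustrative, not taken from the original post:

```sql
-- A minimal table with a primary key and a single example row,
-- created on one node and replicated to the other.
CREATE DATABASE IF NOT EXISTS test;
USE test;
CREATE TABLE t1 (
  id  INT PRIMARY KEY,
  val INT
);
INSERT INTO t1 VALUES (1, 100);
```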
So, at this point both nodes have the same data:
In the next step, let's simulate a little replication lag by introducing a delay of one second, which makes the problem reproducible at will:
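One way to do this is with a configured applier delay, run on each node (a sketch; in MySQL 8.0.22+ the equivalent statements are `STOP REPLICA` / `CHANGE REPLICATION SOURCE TO SOURCE_DELAY = 1` / `START REPLICA`):

```sql
-- MASTER_DELAY makes the applier wait 1 second behind the source,
-- widening the window in which conflicting local writes can commit.
STOP SLAVE;
CHANGE MASTER TO MASTER_DELAY = 1;
START SLAVE;
```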
OK, so what if we send an update, very close in time, to both nodes, where the same row gets a different value:
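For example, firing two conflicting updates at nearly the same time, one per node (the ports, schema, and table names follow the sketch above and are assumptions, not values from the original post):

```shell
# Each UPDATE commits locally first; thanks to the 1-second applier delay,
# each node then applies the OTHER node's update on top of its own.
mysql -h 127.0.0.1 -P 21922 -e "UPDATE test.t1 SET val = 1 WHERE id = 1" &
mysql -h 127.0.0.1 -P 21923 -e "UPDATE test.t1 SET val = 2 WHERE id = 1" &
wait
```

With row-based replication the applier locates the row by primary key and writes the after-image, so both statements apply cleanly on both nodes, just in the opposite order.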
As a result, both nodes have different column values!
Is Replication Broken?
You may expect that replication is now broken and some error will alert you about the situation. Not at all!
Or, did you hope enabling the GTID feature would prevent inconsistency from happening? Well, see the Executed_Gtid_Set on both nodes – it is identical, yet the nodes have different data.
What happens next? Well, it depends. Replication may eventually fail someday with an error if the same row is modified again, but it is also possible the inconsistency will spread further without you even noticing it!
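You can verify this for yourself; a sketch, assuming the example table above:

```sql
-- Run on BOTH nodes: the executed GTID sets come back identical,
-- yet the row values differ.
SELECT @@global.gtid_executed;
SELECT * FROM test.t1 WHERE id = 1;
```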
I hope this simple example emphasized the need for extra care when dealing with multi-primary replication topologies. The remedy though is usually quite simple:
1 – Make sure to allow only one node at a time for writes (super_read_only is here to help you).
2 – Check the data consistency regularly with appropriate tools (MySQL replication primer with pt-table-checksum and pt-table-sync).
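Both remedies can be sketched as follows (hostnames and credentials are placeholders):

```shell
# 1. On the standby node, block all non-replication writes, including
#    from users with SUPER/CONNECTION_ADMIN privileges:
mysql -h standby-node -e "SET GLOBAL super_read_only = ON"

# 2. Periodically checksum the data, connecting to the active node;
#    pt-table-checksum compares results through the replication stream:
pt-table-checksum h=active-node,u=checksum_user,p=secret --databases=test
```

Note that `super_read_only` implies `read_only`, so replication applier threads keep working while every other write is rejected.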
Published at DZone with permission of Przemyslaw Malkowski, DZone MVB. See the original article here.