MySQL Clustering and GRANT Permissions

Question

&nbsp; Hello all, 
&nbsp;  
&nbsp; I am trying to figure out how to cluster a collection of read-only MySQL databases behind an F5, and at the same time to ensure that the MySQL servers see the originating client IP address in order to work with the MySQL permissions structure. 
&nbsp;  
&nbsp; It seems SNAT is needed, but without an x-forwarded for type of option for the MySQL client protocol, I have no idea how to keep the client IP visible to the backend servers. 
&nbsp;  
&nbsp; All insight would be appreciated. 
&nbsp;  
&nbsp; Thank you, 
&nbsp; Joshua

dennypayne · Answer

If you can design the network such that the MySQL servers use the LTM as their default gateway, then you don't need to SNAT.   Not sure how difficult that would be without more detail of your current configuration. 
&nbsp;    
&nbsp; Denny

jrahm · Answer

If the other systems are local to the subnet, there shouldn't be a need for a route, layer 2 discovery will take care of that.  If the others systems are available through another layer 3 gateway (besides the LTM), you can simply add persistent routes for those destinations to your server's routing table, pointed at the appropriate gateway.

Forum Discussion

MySQL Clustering and GRANT Permissions

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Insufficient permissions BIG-IQ login error

F5 BIG-IP per application Red Hat OpenShift cluster migrations

F5 BIG-IP deployment with OpenShift - multi-cluster architectures

Integrating with your IPv6 Kubernetes Cluster

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud