Related issue: https://github.com/github/gh-ost/issues/521
- Add --ssl-cert and --ssl-key options to specify SSL public/private
key files
- Allow combining --ssl-allow-insecure with other --ssl* flags.
`mysql.RegisterTLSConfig` allows combining the corresponding
parameters in the `tls.Config` it receives, so gh-ost should
allow this. I found being able to pass --ssl-allow-insecure along
with --ssl-ca, --ssl-cert, and --ssl-key useful in testing.
- Use the same TLS config everywhere. Since the CLI only supports
a single set of --ssl* configuration parameters, this should be
fine -- `mysql.RegisterTLSConfig` documentation indicates the
TLS config given will not be modified, so it can safely be used
in many goroutines provided we also do not modify it. The previous
implementation did not work when the TLS config was duplicated,
which happens when gh-ost walks up the replication chain trying
to find the master. This is because, when the config is duplicated,
we must call `RegisterTLSConfig` again with the new config. This
config is exactly the same, so it's easiest to side-step the issue
by registering the TLS config once and using it everywhere.
- Adding a command line option for users to enforce tls/ssl connections
for the applier, inspector, and binlog reader.
- The user can optionally request server certificate verification through
a command line option to specify the ca cert via a file path.
- Fixes an existing bug appending the timeout option to the singleton
applier connection.
Both Percona and Maria allow MySQL to be configured to listen on an extra port when their thread pool is enable.
* https://www.percona.com/doc/percona-server/5.7/performance/threadpool.html
* https://mariadb.com/kb/en/the-mariadb-library/thread-pool-in-mariadb-51-53/
This is valuable because if the table has a lot of traffic (read or write load), gh-ost can end up starving the thread pool as incomming connections are immediately blocked.
By using gh-ost on the extra port, MySQL locking will still behave the same, but MySQL will keep a dedicated thread for each gh-ost connection.
When doing this, it's important to inspect the extra-max-connections variable. Both Percona and Maria default to 1, so gh-ost may easily exceed with its threads.
An example local run using this
```
$ mysql -S /tmp/mysql_sandbox20393.sock -e "select @@global.port, @@global.extra_port"
+---------------+---------------------+
| @@global.port | @@global.extra_port |
+---------------+---------------------+
| 20393 | 30393 |
+---------------+---------------------+
./bin/gh-ost \
--initially-drop-ghost-table \
--initially-drop-old-table \
--assume-rbr \
--port="20395" \
--assume-master-host="127.0.0.1:30393" \
--max-load=Threads_running=25 \
--critical-load=Threads_running=1000 \
--chunk-size=1000 \
--max-lag-millis=1500 \
--user="gh-ost" \
--password="gh-ost" \
--database="test" \
--table="mytable" \
--verbose \
--alter="ADD mynewcol decimal(11,2) DEFAULT 0.0 NOT NULL" \
--exact-rowcount \
--concurrent-rowcount \
--default-retries=120 \
--panic-flag-file=/tmp/ghost.panic.flag \
--postpone-cut-over-flag-file=/tmp/ghost.postpone.flag \
--execute
```
usage example:
```
gh-ost ... --force-table-names=migration_tbl
```
The force-table-names flag will receive a table name and use that name
when creating the _del, _gho, _ghc tables.
For instance for that example above, the tables would be:
_migration_tbl_del
_migration_tbl_gho
_migration_tbl_ghc
[fixes#399]
