How to Configure MariaDB Galera Cluster on RHEL 7

How to Configure MariaDB Galera Cluster on RHEL 7

MariaDB Galera Cluster is a synchronous multi-primary replication solution for MariaDB. Every node in a Galera cluster can accept writes simultaneously, and changes are replicated to all other nodes before a transaction is confirmed to the client. This eliminates replication lag, prevents data loss on node failure, and allows any application to read and write to any cluster node. This guide walks through installing MariaDB 10.x with Galera support on RHEL 7, configuring the Galera replication settings, bootstrapping the first node, and joining additional nodes to form a functional cluster.

Prerequisites

• Three RHEL 7 servers with static IP addresses (a minimum of 3 nodes is required for quorum)
• Root or sudo access on all nodes
• SELinux set to permissive or appropriate policies configured for Galera ports
• The following ports open between all cluster nodes:
  • 3306 — MySQL/MariaDB client connections
  • 4444 — Galera State Snapshot Transfer (SST)
  • 4567 — Galera cluster communication (TCP + UDP)
  • 4568 — Galera Incremental State Transfer (IST)
• Unique hostnames set for each node (helps with Galera logging and diagnostics)

Step 1: Add the MariaDB YUM Repository

RHEL 7’s default repositories contain an older version of MariaDB. Use the official MariaDB repository to get MariaDB 10.6 or later with Galera 4 included.

sudo tee /etc/yum.repos.d/mariadb.repo <<'EOF'
[mariadb]
name = MariaDB
baseurl = https://downloads.mariadb.com/MariaDB/mariadb-10.6/yum/rhel7-amd64
gpgkey = https://downloads.mariadb.com/MariaDB/MariaDB-Server-GPG-KEY
gpgcheck = 1
enabled = 1
EOF

sudo rpm --import https://downloads.mariadb.com/MariaDB/MariaDB-Server-GPG-KEY

Confirm the repository is recognized:

sudo yum repolist | grep mariadb

Step 2: Install MariaDB-Galera-Server on All Nodes

Install the Galera-enabled MariaDB server package on all three cluster nodes. The MariaDB-Galera-server package includes the Galera wsrep provider library.

sudo yum install -y MariaDB-Galera-server MariaDB-client galera

After installation, ensure any existing MySQL or MariaDB data directory is clean. If this is a fresh server, the directory will already be empty.

sudo ls /var/lib/mysql/

If there is existing data you want to keep, back it up before proceeding — Galera bootstrapping will reinitialize the node.

Step 3: Configure SELinux and Firewalld

Set SELinux to permissive mode for the initial setup (you can configure proper SELinux policies for production use afterward):

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config

Open required firewall ports on all nodes:

sudo firewall-cmd --permanent --add-port=3306/tcp
sudo firewall-cmd --permanent --add-port=4444/tcp
sudo firewall-cmd --permanent --add-port=4567/tcp
sudo firewall-cmd --permanent --add-port=4567/udp
sudo firewall-cmd --permanent --add-port=4568/tcp
sudo firewall-cmd --reload

Step 4: Create the Galera Configuration File

Create a dedicated Galera configuration file on all three nodes. The MariaDB configuration directory on RHEL 7 is /etc/my.cnf.d/. Create /etc/my.cnf.d/galera.cnf on each node, adjusting only the wsrep_node_address and wsrep_node_name for each respective host.

On node 1 (192.168.1.30):

sudo tee /etc/my.cnf.d/galera.cnf <<'EOF'
[mysqld]

# --- Galera Provider ---
# Path to the Galera wsrep provider shared library
wsrep_on=ON
wsrep_provider=/usr/lib64/galera-4/libgalera_smm.so

# --- Cluster Identity ---
wsrep_cluster_name="my_galera_cluster"

# Comma-separated list of ALL cluster node IPs
# (include all nodes, even this one)
wsrep_cluster_address="gcomm://192.168.1.30,192.168.1.31,192.168.1.32"

# --- This Node's Identity ---
wsrep_node_address="192.168.1.30"
wsrep_node_name="node1"

# --- Replication Method ---
# rsync is simple; mariabackup is recommended for production (non-blocking SST)
wsrep_sst_method=rsync

# --- InnoDB Settings (required for Galera) ---
binlog_format=ROW
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2

# --- Optional: bind to specific IP ---
bind-address=192.168.1.30
EOF

On node 2 (192.168.1.31), change these two lines:

wsrep_node_address="192.168.1.31"
wsrep_node_name="node2"
bind-address=192.168.1.31

On node 3 (192.168.1.32):

wsrep_node_address="192.168.1.32"
wsrep_node_name="node3"
bind-address=192.168.1.32

The wsrep_cluster_address remains identical on all nodes and lists all cluster member IPs.

Step 5: Bootstrap the First Node

The first node must be bootstrapped to initialize a new Galera cluster. This is done with the galera_new_cluster command, which starts MariaDB with the --wsrep-new-cluster flag, creating a fresh cluster state.

Run this on node 1 only:

sudo galera_new_cluster

Verify the first node started successfully and has formed a single-node cluster:

sudo systemctl status mariadb

mysql -u root -e "SHOW STATUS LIKE 'wsrep_cluster_size';"

The output should show wsrep_cluster_size = 1.

Step 6: Secure the MariaDB Installation on Node 1

Run the security script to set a root password and remove test databases. Do this before joining additional nodes so the credentials are replicated:

sudo mysql_secure_installation

Follow the prompts to set a root password, remove anonymous users, disallow remote root login, and remove the test database.

Step 7: Join the Remaining Nodes

Once node 1 is running and healthy, start MariaDB normally on nodes 2 and 3. They will detect the existing cluster from wsrep_cluster_address and perform a State Snapshot Transfer (SST) to synchronize their data.

# On node 2
sudo systemctl enable mariadb
sudo systemctl start mariadb

# On node 3
sudo systemctl enable mariadb
sudo systemctl start mariadb

Monitor the error log on node 2 or 3 during the join process:

sudo tail -f /var/log/mariadb/mariadb.log | grep -E "wsrep|Galera|SST"

You will see messages indicating the SST transfer starting and completing. Once the transfer is done, the node will become part of the cluster.

Step 8: Verify Full Cluster Status

Connect to any node and query the wsrep status variables to confirm all three nodes are synchronized.

mysql -u root -p -e "SHOW STATUS LIKE 'wsrep%';"

The most important variables to check:

+---------------------------+--------------------------------------+
| Variable_name             | Value                                |
+---------------------------+--------------------------------------+
| wsrep_cluster_size        | 3                                    |
| wsrep_cluster_status      | Primary                              |
| wsrep_connected           | ON                                   |
| wsrep_ready               | ON                                   |
| wsrep_local_state_comment | Synced                               |
+---------------------------+--------------------------------------+

A wsrep_cluster_size of 3, wsrep_cluster_status of Primary, and wsrep_local_state_comment of Synced confirms a healthy cluster. Test that a write on one node is visible on another:

# On node 1 — create a test table
mysql -u root -p -e "CREATE DATABASE clustertest; 
  CREATE TABLE clustertest.nodes (id INT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50)); 
  INSERT INTO clustertest.nodes (name) VALUES ('node1-write');"

# On node 2 — verify replication
mysql -u root -p -e "SELECT * FROM clustertest.nodes;"

Conclusion

You have successfully configured a three-node MariaDB Galera Cluster on RHEL 7. The cluster uses the wsrep API with the Galera provider library to synchronously replicate every transaction across all nodes before acknowledging commits to the client. This means no replication lag, no data loss on single-node failure, and the ability to read and write from any node. For production deployments, consider switching the SST method from rsync to mariabackup to allow non-blocking state transfers, using a load balancer such as HAProxy or ProxySQL to distribute connections across nodes, and enabling Galera’s flow control monitoring to prevent slow nodes from degrading the entire cluster.