General Options

Routing Options

Destination Status Options

Metadata Cache Options

Logging Options

HTTP Server Options

MySQL Router Configuration File Option Descriptions

access_mode

Defines how MySQL Router treats read-only and read-write queries. If enabled, read-only queries are directed to read-only servers, and read-write queries are directed to read-write servers. See Section 3.5, “Read/Write Splitting”.

wait_for_my_writes

Read-only queries wait for the last written transaction.

See Section 3.5, “Read/Write Splitting”.

wait_for_my_writes_timeout

Maximum time in seconds to wait for a read_only destination to apply the written transaction, before falling back to a read_write destination.

See Section 3.5, “Read/Write Splitting”.

router_require_enforce

If enabled, MySQL Router retrieves the values defined in the user's router_requires attribute in the USER_ATTRIBUTES table.

The attribute must take the following format:

        {router_require: {value}}
      

The following are the possible values:

event_source_name

Microsoft Windows platforms only. Defines the service name used by MySQL Router when it is run as a service on Microsoft Windows. This enables you to differentiate between services when running multiple instances of MySQL Router and between their messages in the Event Log.

For example:

[DEFAULT]
event_source_name = MySQLRouterService

logging_folder

Path to the MySQL Router log file directory. The log file is named mysqlrouter.log, and it is either generated or appended to if this file already exists.

Setting logging_folder to an empty value sends the messages to the console (stdout).

An example that sends logs to /var/log/mysqlrouter/mysqlrouter.log:

[DEFAULT]
logging_folder = /var/log/mysqlrouter

When the --directory bootstrap option is used, the generated configuration file sets it to $directory/log/.

plugin_folder

Path to the MySQL Router plugins. This folder must match the MySQL Router installation directory. You should only set this if you have a custom installation where the plugins are not in the standard installation location.

Default value: /usr/local/lib/mysqlrouter

runtime_folder

Path to the MySQL Router runtime files.

Default value: /run/mysqlrouter

master-key-writer

Script that reads the master key from STDIN. Set using the --master-key-writer command-line bootstrap option.

master-key-reader

Script that returns the master key to STDOUT. Set using the --master-key-reader command-line bootstrap option.

config_folder

Path to the MySQL Router configuration files.

Default value: /usr/local/etc/mysqlrouter

sinks

The sink(s) (different logging methods) that a defined log level are sent to.

Supported sink values are: consolelog, filelog, eventlog (on Windows), and syslog (on Unix-based systems). Use a comma-separated list to define multiple values.

Default value: filelog if the logging_folder option is not empty in the "[DEFAULT]" section, otherwise consolelog.

For example, to configure logger to use the file, console and the event log each using the debug log level configured in the [logger] section:

[logger]
level=debug
sinks=consolelog,eventlog,filelog

keyring_path

Points to the keyring file's location.

A system-wide bootstrap does not add this option to the generated configuration file, and assumes the keyring file is located in the system-wide runtime state directory. If --directory is also used, then the keyring file is stored under the runtime state directory of that instance, under run/ in the specified directory.

System-wide default paths are used if this option is not defined.

Example usage:

keyring_path = /opt/myrouter/data/keyring
master_key_path = /opt/myrouter/mysqlrouter.key

master_key_path

The master key file's location. This option allows unattended decryption, as otherwise its location is requested at startup.

System-wide default paths are used if this option is not specified.

Example usage:

keyring_path = /opt/myrouter/data/keyring
master_key_path = /opt/myrouter/mysqlrouter.key

unknown_config_option

Determines MySQL Router behavior for handling unknown configuration options, such as typos.

A warning is default behavior, and bootstrapping defines it as error in the generated configuration file. Warning logs a warning message but does not halt, whereas an error means MySQL Router fails to initialize and exits.

[DEFAULT]
unknown_config_option=warning

user (system)

Run mysqlrouter as the user having the name user_name or the numeric user ID user_id. “User” in this context refers to a system login account, not a MySQL user listed in the grant tables. This can also be assigned at runtime using the --user command line option.

On Linux, installing Router with official DEB or RPM packages creates a local system user and group named "mysqlrouter" on the host, and MySQL Router runs as this user by default. This account does not have shell access and its home directory points to the directory where the default configuration file is stored.

The purpose of this option is to run MySQL Router as a user with restricted system privileges. If the user does not exist on the system, or if an attempt to start Router as root is made, an error is emitted and Router exits.

MySQL Router can be bootstrapped and executed under any Operating System user and does not require special privileges other than read and write access to its own files. The files it accesses include plugins (read/execute), configuration file, logs, UNIX domain socket files (if enabled), and more.

By default, the configuration and log files are written to a system-wide location such as /etc and /var/log. Alternatively, Router can be bootstrapped to a self-contained directory of its own by using the --directory option. For example:

$> sudo mysqlrouter --bootstrap localhost:3310 --directory /a/path/myrouter --user snoopy

In this example, Router creates /a/path/myrouter and adds all of the generated files and directories here, and these are only writable by the system user snoopy. Additionally, user is defined in the generated configuration file /a/path/myrouter/mysqlrouter.conf:

[DEFAULT]
user=snoopy

ssl_ca

Path to the SSL CA file to verify server's certificate against when connecting to the metadata servers.

Can optionally be set with the --ssl-ca bootstrap option.

ssl_capath

Path to directory containing SSL CA files to verify server's certificate against when connecting to the metadata servers.

Can optionally be set with the --ssl-capath bootstrap option.

ssl_crl

Path to SSL CRL file to use when connecting to metadata servers and verifying their SSL certificate.

Can optionally be set with the --ssl-crl bootstrap option.

ssl_crlpath

Path to directory containing SSL CRL files to use when connecting to metadata servers and verifying their SSL certificate.

Can optionally be set with the --ssl-crlpath bootstrap option.

tls_version

Comma-separated list of TLS versions to request, such as 'TLSv1.2,TLSv1.3', if SSL is enabled.

Can optionally be set with the --tls-version bootstrap option.

bind_address

Information related to the optional bind_address option:

Example usage:

bind_address = 127.0.0.1:7001

bind_port

Optionally, you can define a default port for bind_address using bind_port. If a port is not configured in bind_address, then bind_port is required and used.

Optionally set these values by using the --conf-base-port bootstrap option.

The three examples below all result in bind_address = 127.0.0.1:7001

[routing:example_1]
bind_port = 7001

[routing:example_2]
bind_port = 7001
bind_address = 127.0.0.1

[routing:example_3]
bind_address = 127.0.0.1:7001

socket

Sockets are enabled using the socket option, which can be specified with or without the TCP bind_port and bind_address options. An example:

[routing]
socket = /tmp/mysqlrouter.sock
destinations = a.example.com:3306,b.example.com:3307

When launching MySQL Router, Router will refuse to run if either the socket file already exists or it cannot be written to.

Relative paths are acceptable and based on the current working directory where Router is launched.

Router can listen to both TCP sockets and Unix sockets simultaneously. For example, the following [routing] configuration example is valid and configures Router to listen for connections on both localhost:1234 and /tmp/mysqlrouter.sock:

[routing:my_redirect]
bind_address = localhost:1234
socket = /tmp/mysqlrouter.sock
destinations = localhost:57121, localhost:57122, localhost:57123

protocol

Used by the routing plugin when connecting to the destination MySQL server, and can be set to either "classic" (default), or "x" (X Protocol).

Example usage:

[routing:basic_failover]
bind_port = 7001
destinations = 10.20.200.1:33060, 10.20.200.2:33060
protocol = x

The protocol option also affects the default port used by each destination. If a destination port is not configured, then the default port is 3306 for "classic" (default), 33060 for "x" (X Protocol).

pid_file

Sets location of the PID file. This can be set in three different ways (in order of precedence): the --pid-file command-line option, setting this pid_file option in Router's configuration file, or defining the ROUTER_PID environment variable.

If --bootstrap is specified, then the pid_file and ROUTER_PID definitions are ignored. This is unlike the --pid-file command-line option which causes Router to fail.

If --bootstrap is not specified, then the following cause Router to fail: the --pid-file already exists, pid_file or ROUTER_PID are set but empty, or if Router can't write the PID file.

connect_timeout

Timeout value used by the MySQL Router when connecting to the destination MySQL server. The value cannot be unlimited, and an invalid value results in a configuration error. The valid range is between 1 and 65536. You should keep this value low.

Example usage:

[routing]
connect_timeout = 5

Can be set at bootstrap using --conf-set-option=routing.connect_timeout.

connect_timeout

Timeout value used by the MySQL Router when connecting to the MySQL metadata server.

Example usage:

[DEFAULT]
connect_timeout = 5

Can be set at bootstrap using either --connect-timeout or --conf-set-option=DEFAULT.connect_timeout.

read_timeout

Timeout value used by the MySQL Router when reading from the MySQL metadata server. The default value is 30 seconds.

Example usage:

[DEFAULT]
read_timeout = 30

destinations

Provides host information for establishing connections. It accepts either a comma-separated list of destination addresses or a metadata-cache link to an InnoDB cluster. The destination addresses can be a mix of hostname[:port], ip-address[:port], or local: URIs for Unix sockets.

Example usage with specific hosts (static routing):

destinations = a.example.com,b.example.com,c.example.com

Example usage with a Unix socket:

destinations=local:/tmp/mysql.sock

The Unix socket support specifics are:

Example usage with InnoDB cluster metadata cache:

destinations=metadata-cache://mycluster/default?role=PRIMARY

The metadata-cache URI options are:

dynamic_state

This option tracks and stores active MySQL InnoDB Cluster Metadata server addresses and loads them if Router is restarted. This functionality is activated by --bootstrap.

Bootstrapping defines the dynamic_state option in mysqlrouter.conf file under the [DEFAULT] section. The value is a path to a JSON file named state.json, which is created when Router has been bootstrapped. The state.json is initialized with InnoDB Cluster Metadata server addresses and the Group Replication ID (the group_replication_name returned by the InnoDB Cluster ); additional information is added and updated while Router is running.

Example mysqlrouter.conf entry:

[DEFAULT]
dynamic_state=/opt/myrouter/data/state.json

Example state.json generated by --bootstrap:

{
    "metadata-cache": {
        "group-replication-id": "4b9e817a-0254-11e9-9cc0-080027bb5030",
        "cluster-metadata-servers": [
            "mysql://localhost:3310",
            "mysql://localhost:3320",
            "mysql://localhost:3330"
        ]
    },
    "version": "1.0.0"
}

routing_strategy

The routing strategy defines how MySQL Router chooses MySQL servers to connect to.

Available strategies:

Unreachable destinations are quarantined and skipped, and are probed for availability every error_quarantine_interval seconds. All routing strategies except for next-available utilize this behavior.

The role defaults and available combinations:

max_connections

Each routing can limit the number of routes or connections. One possible use is to help prevent possible Denial-Of-Service (DOS) attacks. The default value is 512, and the valid range is between 1 and 65536.

This is similar to MySQL Server's max_connections server system variable.

[routing:mycluster_default_rw]
max_connections = 512

Alternatively, use the newer max_total_connections configuration option that sets one value for all Router sections combined.

The maximum depends both on the system's poll (or linux_epoll) limitations and the number of available CPU cores/threads. See also the [IO] backend and threads configuration options.

Optionally setting max_connections in the [DEFAULT] section sets the default value for each routing destination.

max_total_connections

The maximum number of client connections handled by Router, to help prevent running out of the file descriptors.

This is similar to MySQL Server's max_connections server system variable.

[DEFAULT]
max_total_connections = 512

The default value is 512, and it's set under the [DEFAULT] section.

thread_stack_size

The stack size allocated for each thread. It is measured in kilobytes, and defaults to 64.

[DEFAULT]
thread_stack_size=128

net_buffer_length

Sets the net_buffer_length MySQL server option.

max_connect_errors

The default value is 100, and the valid range is between 1 and 2^32 (4294967295, an unsigned int).

This is similar to MySQL Server's max_connect_errors server system variable.

This can cause a slight performance penalty if an application performs frequent reconnections, because MySQL Router attempts to discover if connection-related errors are present.

A successful connection resets the error counter.

Each routing has its own list of blocked hosts. Blocked clients receive the MySQL Server error 1129 code with a slightly different error message: "1129: Too many connection errors from fail.example.com". The Router logs contain extra information for blocked clients, such as: INFO [...] 1 authentication errors for fail.example.com (max 100) WARNING [...] blocking client host fail.example.com

max_connect_errors = 100

client_connect_timeout

This is similar to MySQL Server's connect_timeout server system variable.

The default value is 9, which is one less than the MySQL 5.7 default. The valid range is between 2 and 31536000.

client_connect_timeout = 9

auth_cache_refresh_interval

Time (in seconds) between the auth-cache refresh attempts. Defaults to 2. The value must be smaller than auth_cache_ttl and larger than ttl else Router won't start.

This option is applied if the http_auth_backend section's backend option is set to metadata_cache; which is a Router REST API feature.

auth_cache_ttl

Time (in seconds) until the cache becomes invalid if not refreshed. Defaults to -1 (infinite). The value must be larger than auth_cache_refresh_interval and ttl else Router won't start.

This option is applied if the http_auth_backend section's backend option is set to metadata_cache; which is a Router REST API feature.

close_connection_after_refresh

Determines whether a metadata_cache connection to a MySQL server should be closed after the metadata is refreshed. Defaults to 0.

If close_connection_after_refresh=0, the metadata_cache keeps the connection established after a metadata refresh if it knows that the next refresh goes to the same server and the refresh succeeded.

If close_connection_after_refresh=0 and either the metadata_cache knows that the next connection will go to another server or that the refresh failed, then the connection is closed after the refresh. A maximum of one connection is kept open even if connections to multiple servers is needed, like with a cluster set.

If close_connection_after_refresh=1, the metadata_cache connection is closed after a metadata refresh. The related ttl option controls the frequency that the metadata cache is checked.

[metadata_cache]
close_connection_after_refresh=0

router_id

The MySQL Router ID.

server_ssl_cert

The path name of the SSL public key certificate file in PEM format. This is used to facilitate server-side authentication during the bootstrap process.

server_ssl_key

The path name of the SSL private key file in PEM format used to encrypt router-to-server connections. See also Section 4.4, “TLS Configuration” .

server_ssl_curves

Defaults to a secure list of SSL curves. Format this string as a colon separated list of curve names.

server_ssl_cipher

Defaults to a secure list of SSL ciphers. Format this string as a colon separated list of cipher names.

server_ssl_verify

Verification of the SSL certificates presented to the router by the server.

server_ssl_mode

SSL connection mode to use when connecting between MySQL Router and server. See also Section 4.4, “TLS Configuration” .

server_ssl_ca

The path name of the Certificate Authority (CA) certificate file in PEM format. The file contains a list of trusted SSL Certificate Authorities. See also Section 4.4, “TLS Configuration” .

server_ssl_capath

The path name of the directory that contains trusted SSL Certificate Authority (CA) certificate files in PEM format. See also Section 4.4, “TLS Configuration” .

client_ssl_cert

The path name of the SSL public key certificate file in PEM format. This is used to facilitate client-side authentication during the bootstrap process.

Like -client_ssl_key, this option is only used during bootstrap that uses a root account. It is useful when the root account was created with REQUIRE X509, and therefore logging in as root requires the client to authenticate itself.

server_ssl_crlpath

The path of the directory that contains certificate revocation-list files in PEM format. See also Section 4.4, “TLS Configuration” .

server_ssl_crl

The path name of the file containing certificate revocation lists in PEM format. See also Section 4.4, “TLS Configuration” .

client_ssl_key

The path name of the SSL private key file in PEM format used to encrypt client-to-router connections. See also Section 4.4, “TLS Configuration” .

client_ssl_dh_params

Filename of the DH parameter file. If specified and not empty, the DH parameters from this file are used instead of internal default DH parameters. Format the DH param file in PEM format.

client_ssl_curves

Which curves are allowed between the client and MySQL Router, defaults to a secure list of SSL curves. Format this string as a colon separated list of curve names.

client_ssl_cipher

Which ciphers are allowed between client and MySQL Router, defaults to a secure list of SSL ciphers. Format this string as a colon separated list of cipher names.

client_ssl_mode

Controls if connections from the client to MySQL Router must be encrypted. See also Section 4.4, “TLS Configuration” .

ssl_mode

SSL mode for connecting to the MySQL metadata server. It defaults to PREFERRED if not set.

When set to PREFERRED (the default), bootstrapping will warn when SSL is not used and connection to the metadata server is unencrypted.

Available values are DISABLED, PREFERRED, REQUIRED, VERIFY_CA, and VERIFY_IDENTITY. As with the mysql client, this value is case-insensitive.

There is also a runtime option for bootstrapping; see --ssl-mode.

user (MySQL)

A generated MySQL user with privileges to access the MySQL server's metadata schema. This user's password is auto-generated and stored in an encrypted keyring. By default, the encryption key for this keyring is stored in a read protected master key store file, which is defined in the configuration file. Most commonly, this user and associated password are automatically generated during bootstrap. Related command line options are --force-password-validation and --password-retries. By default, the generated password passes the STRONG validate_password strength.

The password is entirely managed by Router and never exposed, and is stored in a local keyring system using the operating system's account that MySQL Router is running as. It can then be used by Router to connect to InnoDB Cluster and retrieve current topology information. Sessions between Router and metadata server are encrypted with SSL by default.

Where the generated keyring files are stored depends on how bootstrap is configured. For self-contained installations (when --directory is used), it is stored under run/ in the self-contained directory. For system-wide installations, it is stored in the system-wide runtime state directory, and that path is platform specific. For additional information, see master_key_path and keyring_path

This user is assigned (and requires) the following privileges:

Privileges needed by the Router account:

	On Metadata Server:

		SELECT ON mysql_innodb_cluster_metadata.*

	On Target Replica Sets:

		SELECT ON performance_schema.replication_group_members
		SELECT ON performance_schema.replication_group_member_stats

The generated username follows this pattern: mysql_router_{router_id}_[0-9a-z]{7}, where {router_id} is the numeric router id and [0-9a-z]{7} is 7 random lowercase alphanumeric characters. The router id is reused if already present in mysqlrouter.conf and its value can not exceed 4294967295 (2^32-1).

metadata_cluster

Name of the InnoDB Cluster.

use_gr_notifications

Enables Group Replication notifications. When enabled, Router is asynchronously notified about most cluster changes. It can be enabled manually in mysqlrouter.conf or enabled there using the --conf-use-gr-notifications command-line option during bootstrap.

When Router receives any of the following notifications from Group Replication, it refreshes the cluster metadata:

When enabled, the Group Replication notification feature allows a higher ttl value because the metadata refreshes carried out at ttl intervals become an additional safeguard, rather than the primary means of keeping the information about the cluster state up to date. When disabled, a low ttl value (such as 0.5s, the default) is recommended to avoid the overhead of reconnecting to the instances and querying them for metadata changes often.

ttl

Time to live (in seconds) of information in the metadata cache.

Accepts either an integer or a floating point value. The granularity is limited to milliseconds, where 0.001 equates to one millisecond. Precision is truncated to the supported range; for example TTL=0.0119 is treated as 11 milliseconds. The value 0 means that the metadata cache module queries the metadata continuously in a tight loop.

The related close_connection_after_refresh option controls whether the metadata_cache connection to a MySQL server should close or remain open after a successful metadata refresh.

The value must be smaller than auth_cache_refresh_interval and auth_cache_ttl else Router won't start.

The only supported decimal separator is '.' (a period) regardless of locale, and scientific notation, such as TTL=1.6E-2, is supported.

destination

Direct console log output to this device destination; set under the [consolelog] section. Defaults to /dev/stderr and an empty value uses the default.

Available values are: /dev/stdout, /dev/stderr, and /dev/null; or CON and NUL on Windows.

[DEFAULT]
logging_folder=

[consolelog]
destination=/dev/null

filename

Redirect log output to a specific file named filename that resides in the logging_folder directory. It must be defined as a file name and not a file path, and works with both the [logger] and [filelog] sections.

Using filename with [logger] to define the default value for the [filelog] section, and it also changes Router's log file from mysqlrouter.log to this new value.

[DEFAULT]
logging_folder=/path/to/logs/

[logger]
filename = router_error.log

Router does not report an error if filename is set under [logger] but no file-based logger is used.

Using filename with [filelog]:

[DEFAULT]
logging_folder=/path/to/logs/

[filelog:a]
filename = a_router_error.log

[filelog:b]
filename = b_router_error.log

If filename is empty or not set under [filelog] then the filename definition under [logger] is used; and the default log file is used (mysqlrouter.log) if filename is not set under [logger] either.

Related, directing console output to /dev/null:

[DEFAULT]
logging_folder=

[consolelog]
destination=/dev/null

level

Use the logger plugin to log notices, errors, and debugging information. The available log levels are DEBUG, NOTE, INFO (default), WARNING, ERROR, SYSTEM, and FATAL. These values are case-insensitive.

The INFO level displays all informational messages, warnings, and error messages. The DEBUG level displays additional diagnostic information from the Router code, including successful routes. SYSTEM includes messages such as startup messages.

[logger]
level = DEBUG

Output behavior depends on the logging_folder option. Setting logging_folder to a folder saves a log file named mysqlrouter.log to that folder. Setting logging_folder to an empty value, or not setting it, outputs the log to the console. It is set in the [DEFAULT] section.

Bootstrapping accepts a configuration file using --config and utilizes the logger level definition.

timestamp_precision

The logger timestamp precision; the available definitions with example values are:

port

The TCP port listening for HTTP requests; it defaults to 8081.

bind_address

IP address bound to the HTTP port; it defaults to 0.0.0.0.

static_folder

Base directory for static file requests; it's empty by default. An empty value means no static files are served.

require_realm

Name of the [http_auth_realm] instance.

ssl

The value 1 enables SSL, and 0 disables it. TLS clients supporting TLSv1.2 or later are required. This is defined under the [http_server] section.

ssl_cert

File name of the certificate and its chain certifications in PEM format; required if ssl=1. This is defined under the [http_server] section.

ssl_key

File name of the key in PEM format; required if ssl=1. This is defined under the [http_server] section.

ssl_cipher

The cipher-spec (see openssl's 'ciphers' list). Defaults to a comma-separated list of all approved ciphers. Unknown ciphers are silently ignored. Fails if list of ciphers is empty and ssl=1. This is defined under the [http_server] section.

ssl_dh_param

Read the DH parameter from this file in PEM format. Uses the dh-param from RFC 5114 by default if ssl=1. This is defined under the [http_server] section.

interval

Determines the frequency (in seconds) that MySQL Router sends a keepalive ping message. The total number of pings is determiend by the runs configuration option.

[keepalive]
interval = 42
runs = 0

runs

Limits the number of intervals MySQL Router sends a keepalive ping message. Setting it to 0 (default) means it executes until MySQL Router is shut down. The frequency is determined by the interval option.

[keepalive]
interval = 42
runs = 0

backend

The IO backend that handles async operations. The generic poll backend is available on all platforms, while each platform may provide alternative backends.

Options are poll (all platforms) and linux_epoll (Linux). Defaults to linux_epoll on Linux.

[io]
backend=linux_epoll
threads=32

threads

The number of IO threads that handles connections.

Defaults to 0 (uses all available CPU cores/threads) but also accepts a number between 1 and 1024. At runtime the system may restrict the upper limit beyond this value.

[io]
backend=linux_epoll
threads=32

connection_sharing_delay

Seconds to wait before an idle server connection is available for reuse by another client connection.

See Section 3.4, “Connection Sharing and Reuse”.

connection_sharing

Whether to enable connection sharing.

See Section 3.4, “Connection Sharing and Reuse”.

idle_timeout

Seconds to keep the idling connection in the connection pool before closing it. This is set in the [connection_pool] section, and affects all routes in the connection pool. Defaults to 5, accepts a value between 1 and 4294967296.

max_idle_server_connections

Connections to keep open in the connection pool after the client disconnects; and is set in the [connection_pool] section. The default is 0, which disables connection pooling.

client_ssl_session_cache_mode

Enables or disables the cache for client-router TLS sessions.

client_ssl_session_cache_size

Defines the maximum number of sessions cached. If adding a new session to the cache causes the number of cached sessions to exceed the defined maximum, the oldest cached session is dropped to allow the newest to be cached.

client_ssl_session_cache_timeout

Defines the maximum amount of time, in seconds, a session remains in the cache. If the timeout is reached, and this season is not reused, the session is removed from the cache and the connection is closed.

server_ssl_session_cache_mode

Enables or disables the cache for router-server TLS sessions.

server_ssl_session_cache_size

Defines the maximum number of sessions cached. If adding a new session to the cache causes the number of cached sessions to exceed the defined maximum, the oldest cached session is dropped to allow the newest to be cached.

server_ssl_session_cache_timeout

Time in seconds until TLS sessions are removed from the server TLS session cache.

connect_retry_timeout

If a classic connection fails with a transient error, such as max-connections reached, MySQL Router waits the defined number of seconds before retrying the connection. The connection is retried according to the defined routing strategy.

If connect_retry_timeout is not defined, it defaults to 7 seconds. If the value of connect_retry_timeout is defined outside of the valid range of values, MySQL Router will fail to start.

If a connection fails with a transient error after authentication has occurred, the connection can only be retried if the client-router connection is TLS encrypted or has a public key.

backend

Name of the [http_auth_backend] section.

method

The HTTP authentication method; defaults to basic.

name

Name of the realm presented to the authentication user.

require

Requires that the user validates with the authentication backend; defaults to valid-user, which enables this check.

backend

Name of the backend implementation; accepted values are file (default) or metadata_cache.

[http_auth_backend:name]
backend=metadata_cache

[metadata_cache]
auth_cache_refresh_interval=2
auth_cache_ttl=-1

filename

Name of the backend storage file, is relative to the data_folder directory.

cluster_type

The type of AdminAPI object that the Router was bootstrapped against, which is either an InnoDB ReplicaSet (rs) or InnoDB Cluster (gr). Use 'gr' for cluster sets.

Bootstrapping evaluates the target instance and sets this option accordingly in the generated configuration file.

error_quarantine_interval

Defines the interval, in seconds, between checks on quarantined destination connectivity. If a connection is possible, the destination is moved out of quarantine and made available for connections.

If an invalid value is defined, MySQL Router fails to start and an error is logged.

For example:

        [destination_status]
         error_quarantine_threshold=5
         error_quarantine_interval=20 
      

error_quarantine_threshold

Defines the threshold of consecutive, failed attempts to connect to a routing destination before MySQL Router adds the destination to quarantine and stops using it as a destination until it is cleared by the quarantine mechanism. For example, if set to 5, the destination is quarantined after 5 consecutive, failed attempts to connect to it.

If an invalid value is defined, MySQL Router fails to start and an error is logged.

For example:

        [destination_status]
         error_quarantine_threshold=5
         error_quarantine_interval=20