MariaDB replication from master to slave

centoscentos-7mariadbmariadb-10.3master-slave-replication

After doing some research around this topic, I should be attempting this task soon. However, I have two questions going around my head – could do with an experienced professional answering them.

I am using MariaDB 10.3 and the latest version of Centos 7.

Q1. From the MySQL console, when granting user permission rights, you would grant these for the Private IP and not the Public IP?

Q2. Currently, root permissions are disabled for remote sign-in. Is it a good practise to create a slave user instead and don’t touch root user permissions?

Thank you all!

Best Answer

A1. Use Private IPs where practical -- they are somewhat more secure. This assumes, however, that both Master and Slave are on the same Private network or is 'tunneled' through.

A2. Create a separate "user" for the replication stream. GRANT only REPLICATION SLAVE to that user.

Use root (or other SUPER) only for admin purposes. Create specific user(s) for application code. Grant them more limited access, perhaps GRANT ALL PRIVILEGES ON app_db.*