When my add second node ,the error log has these error messages:
2023-03-30T09:31:18.751420Z 0 [ERROR] [MY-000000] [Galera] failed to open gcomm backend connection: 110: failed to reach primary view (pc.wait_prim_timeout): 110 (Connection timed out)
at gcomm/src/pc.cpp:connect():161
2023-03-30T09:31:18.751433Z 0 [ERROR] [MY-000000] [Galera] gcs/src/gcs_core.cpp:gcs_core_open():219: Failed to open backend connection: -110 (Connection timed out)
2023-03-30T09:31:19.751980Z 0 [Note] [MY-000000] [Galera] gcomm: terminating thread
2023-03-30T09:31:19.752021Z 0 [Note] [MY-000000] [Galera] gcomm: joining thread
2023-03-30T09:31:19.752094Z 0 [ERROR] [MY-000000] [Galera] gcs/src/gcs.cpp:gcs_open():1811: Failed to open channel 'pxc-cluster' at 'gcomm://192.168.110.143': -110 (Connection timed out)
2023-03-30T09:31:19.752105Z 0 [ERROR] [MY-000000] [Galera] gcs connect failed: Connection timed out
2023-03-30T09:31:19.752113Z 0 [ERROR] [MY-000000] [WSREP] Provider/Node (gcomm://192.168.110.143) failed to establish connection with cluster (reason: 7)
2023-03-30T09:31:19.752127Z 0 [ERROR] [MY-010119] [Server] Aborting
2023-03-30T09:31:19.752724Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.31-23.1) Percona XtraDB Cluster (GPL), Release rel23, Revision 536c22e, WSREP version 26.1.4.3.
2023-03-30T09:31:19.753470Z 0 [ERROR] [MY-010065] [Server] Failed to shutdown components infrastructure.
The primary node has these error messages:
2023-03-30T09:31:15.218503Z 0 [Warning] [MY-000000] [Galera] Handshake failed: tlsv1 alert decrypt error
...
2023-03-30T09:31:18.184230Z 0 [Warning] [MY-000000] [Galera] Handshake failed: tlsv1 alert decrypt error
My database’s version is “mysql Ver 8.0.31-23.1 for Linux on x86_64 (Percona XtraDB Cluster (GPL), Release rel23, Revision 536c22e, WSREP version 26.1.4.3)”.
My primary node’s my.cnf is:
[client]
socket=/var/lib/mysql/mysql.sock
[mysqld]
server-id=1
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
# Binary log expiration period is 604800 seconds, which equals 7 days
binlog_expire_logs_seconds=604800
######## wsrep ###############
# Path to Galera library
wsrep_provider=/usr/lib64/galera4/libgalera_smm.so
# Cluster connection URL contains IPs of nodes
#If no IP is found, this implies that a new cluster needs to be created,
#in order to do that you need to bootstrap this node
wsrep_cluster_address=gcomm://
# In order for Galera to work correctly binlog format should be ROW
binlog_format=ROW
# Slave thread to use
wsrep_slave_threads=8
wsrep_log_conflicts
# This changes how InnoDB autoincrement locks are managed and is a requirement for Galera
innodb_autoinc_lock_mode=2
# Node IP address
wsrep_node_address=192.168.110.143
# Cluster name
wsrep_cluster_name=pxc-cluster
#If wsrep_node_name is not specified, then system hostname will be used
wsrep_node_name=pxc-cluster-node-1
#pxc_strict_mode allowed values: DISABLED,PERMISSIVE,ENFORCING,MASTER
pxc_strict_mode=ENFORCING
# SST method
wsrep_sst_method=xtrabackup-v2
wsrep_provider_options="socket.ssl=yes;socket.ssl_key=/etc/my.cnf.d/certificates/server-key.pem;socket.ssl_cert=/etc/my.cnf.d/certificates/server-cert.pem;socket.ssl_ca=/etc/my.cnf.d/certificates/ca.pem"
[sst]
encrypt=4
ssl-ca=/etc/my.cnf.d/certificates/ca-cert.pem
ssl-cert=/etc/my.cnf.d/certificates/server1-cert.pem
ssl-key=/etc/my.cnf.d/certificates/server1-key.pem
The second node’s my.cnf is:
[client]
socket=/var/lib/mysql/mysql.sock
[mysqld]
server-id=2
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
# Binary log expiration period is 604800 seconds, which equals 7 days
binlog_expire_logs_seconds=604800
######## wsrep ###############
# Path to Galera library
wsrep_provider=/usr/lib64/galera4/libgalera_smm.so
# Cluster connection URL contains IPs of nodes
#If no IP is found, this implies that a new cluster needs to be created,
#in order to do that you need to bootstrap this node
wsrep_cluster_address=gcomm://192.168.110.143
# In order for Galera to work correctly binlog format should be ROW
binlog_format=ROW
# Slave thread to use
wsrep_slave_threads=8
wsrep_log_conflicts
# This changes how InnoDB autoincrement locks are managed and is a requirement for Galera
innodb_autoinc_lock_mode=2
# Node IP address
wsrep_node_address=192.168.110.149
# Cluster name
wsrep_cluster_name=pxc-cluster
#If wsrep_node_name is not specified, then system hostname will be used
wsrep_node_name=pxc-cluster-node-2
#pxc_strict_mode allowed values: DISABLED,PERMISSIVE,ENFORCING,MASTER
pxc_strict_mode=ENFORCING
# SST method
wsrep_sst_method=xtrabackup-v2
wsrep_provider_options="socket.ssl=yes;socket.ssl_key=/etc/my.cnf.d/certificates/server-key.pem;socket.ssl_cert=/etc/my.cnf.d/certificates/server-cert.pem;socket.ssl_ca=/etc/my.cnf.d/certificates/ca.pem"
[sst]
encrypt=4
ssl-ca=/etc/my.cnf.d/certificates/ca-cert.pem
ssl-cert=/etc/my.cnf.d/certificates/server1-cert.pem
ssl-key=/etc/my.cnf.d/certificates/server1-key.pem
The pem files all come from primary node.
How can I do for this error?