Is it necessary to know all hosts contained in ipWhitelist on cluster creation?


I am playing around with MySQL 8.0.14 and InnoDB cluster. I am currently stuck at creating the Group Replication via MySQL Shell.

Since I want to use SSL, I am required to set ipWhitelist on dba.createCluster() which is shown below:

var cluster = dba.createCluster('testCluster4', {ipWhitelist:'somedns-1.tosqlnode'})

The cluster is successfully created. Now I want to add another instance.

cluster.addInstance('[email protected]', {ipWhitelist:'somedns-1.tosqlnode,somedns-2.tosqlnode'})

This fails as the first instance is showing an error that states that a non-whitelisted instance is trying to connect.


So create another one:

var cluster = dba.createCluster('testCluster5', {ipWhitelist:'somedns-1.tosqlnode,somedns-2.tosqlnode'})

The cluster is successfully created. Now I want to add another instance.

cluster.addInstance('[email protected]', {ipWhitelist:'somedns-1.tosqlnode,somedns-2.tosqlnode'})

Instance is successfully added.


Is it really necessary to know all instance addresses at cluster creation? I cannot find a way via MySQL shell to change the initial ipWhitelist.


There are 2 answers

0
Miguel Araújo On BEST ANSWER

Yes, it is. And please be aware that it needs to be bi-directional (as you correctly set in your second attempt). Also, you can use the CIDR notation to select the specific subnet you want to be "whitelisted".

For further information please check the documentation section about ip-whitelist: https://dev.mysql.com/doc/refman/8.0/en/group-replication-ip-address-whitelisting.html

Regarding the possibility of changing the current ip-whitelist of a running cluster, via Shell, that's not possible. You need to re-create your cluster:

cluster.dissolve({force: true})
var cluster = dba.createCluster('myCluster', {ipWhitelist:'<myIpWhitelist>'})

Cheers,

Miguel
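
The bi-directional requirement and the CIDR option from the answer above, as an added example (not part of the original answers and not MySQL Shell code): a standalone Node.js check that every member's ipWhitelist covers every other member. The IP addresses, the member object shape and the function names are assumptions; hostname entries are matched by name without DNS resolution, and only IPv4 is handled.

```javascript
// Added example: offline check that every member's ipWhitelist covers its peers.
// Dotted IPv4 -> unsigned 32-bit integer, or null if not an IPv4 literal.
function ipv4ToInt(s) {
  const parts = s.split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True if one whitelist entry (IPv4, IPv4/prefix or hostname) covers the peer.
function entryCovers(entry, peer) {
  const [base, prefix] = entry.trim().split('/');
  const baseInt = ipv4ToInt(base);
  if (baseInt === null) {
    // Hostname entry: compared by name only, no DNS lookup (assumption).
    return prefix === undefined && base.toLowerCase() === peer.host.toLowerCase();
  }
  if (prefix !== undefined && !/^\d{1,2}$/.test(prefix)) return false;
  const bits = prefix === undefined ? 32 : Number(prefix);
  const peerInt = ipv4ToInt(peer.ip);
  if (bits > 32 || peerInt === null) return false;
  const size = 2 ** (32 - bits); // number of addresses in the subnet
  return Math.floor(baseInt / size) === Math.floor(peerInt / size);
}

// Every directed pair where one member's list does not cover another member.
function findRejections(members) {
  const out = [];
  for (const a of members) {
    const entries = a.ipWhitelist.split(',');
    for (const b of members) {
      if (a !== b && !entries.some((e) => entryCovers(e, b))) {
        out.push(`${a.host} rejects ${b.host}`);
      }
    }
  }
  return out;
}

// Constructed data: hostnames from the question, IPs invented for illustration.
const firstAttempt = [
  { host: 'somedns-1.tosqlnode', ip: '10.0.1.11', ipWhitelist: 'somedns-1.tosqlnode' },
  { host: 'somedns-2.tosqlnode', ip: '10.0.1.12', ipWhitelist: 'somedns-1.tosqlnode,somedns-2.tosqlnode' },
];
// Same members sharing one CIDR entry, which also leaves room for later nodes.
const cidrLists = firstAttempt.map((m) => ({ ...m, ipWhitelist: '10.0.1.0/24' }));
console.log(findRejections(firstAttempt), findRejections(cidrLists));
```

Running it with Node.js reports the one-way gap from the first attempt in the question and no gaps once both members carry the same subnet entry.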

0
lefred On

If you want to be able to add nodes on the fly, you need to set group_replication_ip_whitelist to AUTOMATIC. This is done when not specifying any ipWhitelist from the Shell during configuration (default). If not, you have to do what Miguel wrote above.