MySQL 5.7 Reference Manual Including MySQL NDB Cluster 7.5 and NDB Cluster 7.6
If you enable certain MySQL features, you might need to set the SELinux TCP port context for additional ports used by those features. If ports used by MySQL features do not have the correct SELinux context, the features might not function correctly.
The following sections describe how to set port contexts for MySQL features. Generally, the same method can be used to set the port context for any MySQL features. For information about ports used by MySQL features, refer to the MySQL Port Reference.
If SELinux is enabled, you must set the port context for the
Group Replication communication port, which is defined by the
group_replication_local_address
variable. mysqld must be able to bind to
the Group Replication communication port and listen there.
InnoDB Cluster relies on Group Replication so this applies
equally to instances used in a cluster. To view ports
currently used by MySQL, issue:
semanage port -l | grep mysqld
Assuming the Group Replication communication port is 33061, set the port context by issuing:
semanage port -a -t mysqld_port_t -p tcp 33061
If SELinux is enabled, you must set the port context for the
communication port used by X Plugin, which is defined by the
mysqlx_port variable.
mysqld must be able to bind to the
X Plugin communication port and listen there.
Assuming the X Plugin communication port is 33060, set the port context by issuing:
semanage port -a -t mysqld_port_t -p tcp 33060