Home |  MySQL Buzz |  FAQ |  Feeds |  Submit your blog feed |  Feedback |  Archive |  Aggregate feed RSS 2.0 English Deutsch Español Français Italiano 日本語 Русский Português 中文
Employee MySQL Certification Study - DBA Topics
+3 Vote Up -0 Vote Down

For the MySQL DBA Exam, I wrote that I needed to brush up on Security and High Availability techniques. So let’s take a look at these two in more detail.

Security

There were quite a lot of enhancements to security introduced in MySQL 5.6, and I want to make sure I’m not caught off guard by new questions. The major changes (with links to manual pages) are:

  • Password expiration support
  • Enforce password policy such as minimum length or special chars requirements.
  • sha256_password for stronger password hashing.
  • Secure-auth enabled by default. This means clients using passwords stored in pre-MySQL 4.1 format won’t be able to connect.
  • mysql_config_editor has been introduced. The intention of this utility is to stop users from entering passwords in command line arguments.
  • Passwords are no longer written to log files.

Enterprise Edition:

  • PAM module for providing external authentication such as Unix passwords or an LDAP directory (actually this change was in MySQL 5.5).
  • Native Windows authentication is also supported.
  • Audit log plugin for policy-based monitoring and logging (technically also introduced in MySQL 5.5).

Additionally, it’s worthwhile looking at these manual pages:

High Availability Techniques

I wrote about availability a couple of days ago, but this is only part of the problem. The certification wants you to know about the technologies that have been certified as officially supported:

  • DRBD - Most people describe DRBD as “Network level RAID1 for Linux”. It replicates disk-block changes from one server to another, and is typically configured as two servers: one active, one passive, with a virtual IP address pointing to the current ‘active server’.

    Actually, that’s a bit of a simplification: DRBD only provides the disk-block replication. It needs a cluster manager such as Pacemaker or Corosync to do the virtual IP address and failover part.

  • Windows Failover Clustering - This solution is more analogous to Pacemaker than it is to DRBD. What WFC allows you to do is share a virtual IP address between at least two servers that access mysql data files via shared storage. WFC will ensure that only one server will have the mysql data files open at a time.

  • Solaris Cluster - MySQL provides an agent to work with the Solaris cluster framework.

  • OVM Templates for MySQL Enterprise - What this solution does, is allows MySQL to run as a virtual machine. If the underlying physical host fails, the MySQL VM can be migrated to another physical host. Live migrations are also supported if the host hardware requires maintenance. This kind of setup relies on shared storage.

Votes:

You must be logged in with a MySQL account to vote on Planet MySQL entries. More information on PlanetMySQL voting.

Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.