Showing entries 1 to 10 of 38816
10 Older Entries »
ProxySQL Firewalling

In this blog post, we’ll look at ProxySQL firewalling (how to use ProxySQL as a firewall).

Not long ago we had an internal discussion about security, and how to enforce a stricter set of rules to prevent malicious acts and block other undesired queries. ProxySQL came up as a possible tool that could help us in achieving what we were looking for. Last year I wrote about how to use ProxySQL to stop a single query.

That approach may be good for few queries and as a temporary solution. But what can we do when we really want to use ProxySQL as an SQL-based firewall? And more importantly, how to do it right?

First of all, let us define what “right” can be in this context. …

[Read more]
Backup and data streaming with xbstream, tar, socat, and netcat

On April 4th 2012 Xtrabackup 2.0 was released in to GA by Percona along with a new streaming feature called xbstream. This new tool allowed for compression and parallelism of streaming backups when running xtrabackup or innobackupex without having to stream using tar, then pipe to gzip or pigz, then pipe to netcat or socat to stream your backup to the recipient server. This resulted in …

[Read more]
Announcing MySQL Server 5.7.21, 5.6.39, and 5.5.59

MySQL Server 5.7.21, 5.6.39, and 5.5.59, new versions of the popular Open Source Database Management System, have been released. These releases are recommended for use on production systems. For an overview of what’s new, please see http://dev.mysql.com/doc/refman/5.7/en/mysql-nutshell.html http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html http://dev.mysql.com/doc/refman/5.5/en/mysql-nutshell.html For information on installing the release on new servers, please see the MySQL installation documentation at […]

Updated: ClusterControl Tips & Tricks: Securing your MySQL Installation

Requires ClusterControl 1.2.11 or later. Applies to MySQL based clusters.

During the life cycle of Database installation it is common that new user accounts are created. It is a good practice to once in a while verify that the security is up to standards. That is, there should at least not be any accounts with global access rights, or accounts without password.

Using ClusterControl, you can at any time perform a security audit.

In the User Interface go to Manage > Developer Studio. Expand the folders so that you see s9s/mysql/programs. Click on security_audit.js and then press Compile and Run.

If there are problems you will clearly see it in the messages section:

Enlarged Messages output:

Here we have accounts that can connect from any hosts and accounts which do not have a password. Those …

[Read more]
Presentation: Highly efficient backup with Xtrabackup

 

Xtrabackup is the most widely open source hot backup tool for MySQL. Xtrabackup support InnoDB and MyISAM engines.It supports both MySQL Server , Percona Server and MariaDB. This presentation covers some of the important features in Xtrabackup.

Pic Courtesy : https://www.flickr.com/photos/robbiewendt/8108744459/

Compare Current and Past Time Series Graphs in Percona Monitoring and Management (PMM)

In this short blog post, I will show you how you can compare current and past time series in Percona Monitoring and Management (PMM).

Recently, a support customer shared a graph with us that compared query throughput between today and yesterday as a confirmation that optimizing their server variables improved performance.

Do you want to compare workload between today and yesterday? This week and last week? Or this month and last month? You can do this by simply duplicating an existing data source of a graph, but add a time offset so it will render past data. You can specify past offsets in (s)econds, (m)inutes, (h)ours, (d)ays, (w)eeks and even (y)ears.

Say you want to graph query throughput from a certain time period and one day before that. To do this, select the “MySQL Overview” dashboard, and then click the header of “MySQL Questions” panel. The panel menu should appear:

Click the …

[Read more]
Meltdown vs MySQL part 2: in-memory sysbench and a core i5 NUC

This is my second performance report for the Meltdown patch using in-memory sysbench and a small server. In this test I used a core i5 NUC with the 4.13 and 4.8 kernels. In the previous test I used a core i3 NUC with the 4.4 kernel.

  • results for 4.13 are mixed -- sometimes there is more QPS with the fix enabled, sometimes there is more with the fix disabled. The typical difference is small, about 2%.
  • QPS for 4.8, which doesn't have the Meltdown fix, are usually better than with 4.13, the largest difference is ~10% and the difference tend to be larger at 1 client than at 2 or 8.


Configuration

My usage of sysbench is described here. The servers are  …

[Read more]
XFS, nobarrier and the 4.13 Linux kernel

tl;dr

My day

  • nobarrier isn't supported as a mount option for XFS in kernel 4.13.0-26 with Ubuntu 16.04. I assume this isn't limited to Ubuntu. Read this for more detail on the change.
  • write throughput is much worse on my SSD without nobarrier
  • there is no error on the command line when mounting a device that uses the nobarrier option
  • there is an error message in dmesg output for this


There might be two workarounds:

  • switch from XFS to ext4
  • echo "write through" > /sys/block/$device/queue/write_cache


The Story

I have a …

[Read more]
Meltdown vs MySQL part 1: in-memory sysbench and a core i3 NUC

This is my first performance report for the Meltdown patch using in-memory sysbench and a small server.

  • the worst case overhead was ~5.5%
  • a typical overhead was ~2%
  • QPS was similar between the kernel with the Meltdown fix disabled and the old kernel
  • the overhead with too much concurrency (8 clients) wasn't worse than than the overhead without too much concurrency (1 or 2 clients)


Configuration
My usage of sysbench is described here. The servers are described here. For this test I used the core i3 NUC (NUC5i3ryh) with Ubuntu 16.04. I have 3 such servers and ran tests with the fix enabled ( …

[Read more]
This Week in Data with Colin Charles 23: CPU security continues to draw attention

Join Percona Chief Evangelist Colin Charles as he covers happenings, gives pointers and provides musings on the open source database community.

Much is still being talked about the Meltdown/Spectre CPU security vulnerabilities. There’s an interesting Twitter thread showing performance impact on Kafka brokers. Jaime Crespo also writes about how it affects MariaDB Server 10.1.30 – Finding out the MySQL performance regression due to kernel mitigation for Meltdown CPU vulnerability. It’s worth checking out the thread for PostgreSQL too.

Something else worth thinking about, …

[Read more]
Showing entries 1 to 10 of 38816
10 Older Entries »