I don’t claim to be a security expert, but I’d like opinions from people in the field, as well as database experts that view security highly. Here are some opinions from a discussion with Chad and Lenz a while ago. What do you consider a security hole, that warrants immediate action or a release of a server within a sensible timeframe?

• Remotely exploiting MySQL without login credentials
• Remotely crashing MySQL without login credentials

The above two are definite problems. What about:

• denial of service attacks
• data loss
• data changes
• data insertion

Chad tells us, “security is policy enforcement.” And the policy should state: “the service should always be available to authorized people, never to …

In the first article in this series on archiving strategies for online transaction processing (OLTP) database servers, I covered some basics: why to archive, and what to consider when gathering requirements for the archived data itself. This article is more technical. I want to help you understand how to choose which rows are archivable, and how to deal with complex data relationships and dependencies. In that context, I'll also discuss a few concrete archiving strategies, their strengths and shortcomings, and how they can satisfy your requirements, especially requirements for data consistency, which as you will see is one of the most difficult problems in archiving.

Let’s say when you have to run a batch process monthly, you can survive with times like 10 minutes. I can imagine a lot of seasoned DBAs right now ROFL about my insignificant 10 minutes. The point here is I was developing this process and some test cases, so my usual trial/error methodology doesn’t scale very well with 10 minute offsets.

So I borrowed an idea from a colleague: why not moving all the database to memory? It’s not so big and I have 2G of ram. But, could I change all tables (~20) to MEMORY in one line or so?

Since this was a Ruby on Rails project, I used the rails console to be able to mix SQL and Ruby. My first try:

conn.tables.each do |t|
  conn.execute "ALTER TABLE #{t} ENGINE=MEMORY"
end

First error: foreign …

MySQL AB, developer of the world's most popular open source database, today announced that Zimbra is using the MySQL database to deploy millions of email accounts as part of its rapidly growing open source messaging and collaboration system.

MySQL Connector/Net 5.1.2 a new version of the all-managed .NET driver for MySQL has been released.

Connector/Net 5.1 represents a change in how we package our products. Until now, we've shipped our core provider and the Visual Studio integration bits as separate downloads. This has become a bit of a problem. Often we would fix a bug that involved changing code both in the VS package and in the core provider. This provided a versioning problem where users would need to upgrade both products to see the benefit of the bug fix. To solve this, we've decided to discontinue Tools for Visual Studio as a separate product and have, instead, integrated it into a new Connector/Net installer. We hope this provides a better "out of box" experience for our users.

All previous versions of Tools for Visual Studio should be uninstalled prior to installing this product.

Version 5.1.2 works with all versions of MySQL …

With our current focus on the "12 Days of Scale Out" I thought I'd mention some observations from a recent visit to China.  I was there mostly on vacation, but I was able to spend a couple of days on the front end in some meetings with customers and press in Beijing through our partner there, Great Open Source.

The highlight of my visit was meetings with Sina.com (the largest portal in China) and Baidu.com (the largest search engine company).  Both are large scale users of MySQL with literally hundreds of MySQL servers at the core of their operations.

These companies have to deal with the same challenges as their US or European counterparts, but …

This article goes along similar lines to the piece I did on the security of MySQL. I came across another blog that asked about programming tips that really should not be followed in the real world. I thought it might be interesting to get some ideas of what areas of MySQL or database theory that is taught as "religion" at University or even in starting positions that just don't work in the real world in some situations.

I will get the ball rolling by adding a few points that are often drummed into people, but don't work in all situations.

read more

This article goes along similar lines to the piece I did on the security of MySQL. I came across another blog that asked about programming tips that really should not be followed in the real world. I thought it might be interesting to get some ideas of what areas of MySQL or database theory that is taught as "religion" at University or even in starting positions that just don't work in the real world in some situations.

I will get the ball rolling by adding a few points that are often drummed into people, but don't work in all situations.

read more

Thanks to Google and MySQL I have been given an opportunity to create a project from scratch with the help of a mentor, but it is fundamentally different that projects given at school. Unless you are in a software engineering course projects are generally given out with about two weeks to complete them and they are not prerequisites for the next project. The design process is severely diminished in that situation because the time constraint forces a more programming centric approach to complete the program. Not to say that design should take a majority of the time over coding, but I have found that for my project it is not only time saving, but essential to completing the project with the goals I have set. I will briefly explain how the design process has positively influenced my project.

Object Oriented Design is Complicated

The key to the success of my project will be its modularity; how simple could someone add a …

Sometimes it´s useful to take a look at the querylog, when you see a growing graph in a monitoring tool and think "what´s happening there?"
But there is no need to keep it always enabled as it produces I/O load.
To enable the querylog, the mysqld must be restartet, which means downtime and this is not acceptable. So I found the following way:

• start the mysqld with querylog enabled
• delete the querylog file and keep the mysqld running
• issue a "flush logs" when you need the querylog. The mysqld re-creates the file and you can look at it.
• remove the querylog file when finished

Ok, not the perfect way, but it seems to work. But don´t forget the side effects of a "flush logs". This command creates a new binlog and errorlog too.