This is a blogpost about MySQL 8.0.0, the content here could be subject to changes in the future since this is not a stable release.

This is a feature that will make life the many DevOps and DBAs easier. Believe it or not, a lot of people control access to the database by sharing the same username and password. Which is completely insecure for a number of reasons:

• If someone is fired, they still have access
• If you get hacked for using the same password, well, I only can say: good luck

That also means: no more querying to Stack Overflow to get that giant GRANT statement for each user you need to create. (Thank you @mwop for reminding me of this).

Creating a Role

This is a group of privileges that will be assigned to users:

CREATE ROLE …

At our September 2016 New York City MySQL Meetup was a demonstration of how to implement role-based security in MySQL using Hexatier. In addition, several other important security features demonstrated included role based dynamic data masking down to a per column level and full statement auditing.

Thanks to Scott Unrick, Lead Database Administrator at Teladoc for the great presentation. Slides are available here.

Hexatier – MySQL Role-based Security & Data Masking from …

In MySQL 5.7 the new JSON support had been added. The JSON support consists out of three features:

• The JSON Datatype
• A set of JSON functions
• Generated columns

All three features combined allow building very powerful applications without committing to a fixed data structure on every part, but I was missing one thing a lot: Aggregation.

A topic I'm thinking a lot about is finding ways to select nested data. In MySQL we typically have two ways for this. Either one sends multiple queries to retrieve different nesting levels or one builds JOINs which tend to deliver repetitive responses. A tool …

Percona  announces the new release of Percona XtraDB Cluster 5.6 on September 15, 2016. Binaries are available from the downloads area or our software repositories.

Percona XtraDB Cluster 5.6.30-25.16.2 is now the current release, based on the following:

• Percona Server 5.6.30-76.3
• Galera Replication library 3.16
• Codership wsrep API version 25

This release provides a …

Starting with MySQL 8.0 we are introducing a new feature which will allow configuration variables to be persisted. This means that for a number of configuration settings, you will no longer need to manually edit a configuration file and can instead make modifications directly via an SQL connection.…

The issue On 12 September 2016 (three days ago) a MySQL security vulnerability was announced. The CVE id is CVE-2016-6662.

There are 3 claims:

1. By setting malloc-lib in the configuration file access to an OS root shell can be gained.
2. By using the general log a configuration file can be written in any place which is writable for the OS mysql user.
3. By using SELECT...INTO DUMPFILE... it is possible to elevate privileges from a database user with the FILE privilege to any database account including root.

How it is supposed to be used

1. Find an SQL Injection in a website or otherwise gain access to a MySQL account.
2. Now create a …

Percona Live Amsterdam is in 3 weeks, and on the evening of the second day of the conference (Tuesday October 4th 2016), there is the traditional Community Dinner.

As last year, Booking.com is hosting the event and as last year, canal boats will bring attendees from the conference venue to Booking.com headquarters.

This event involves some planning: Percona needs to arrange for canal boats and

In this blog post, we’ll discuss the MySQL default configuration changes between 5.6 and 5.7.

MySQL 5.7 has added a variety of new features that might excite you. However, there are also changes in the current variables that you might have overlooked. MySQL 5.7 updated nearly 40 of the defaults from 5.6. Some of the changes could severely impact your server performance, while others might go unnoticed. I’m going to go over each of the changes and what they mean.

The change that can have the largest impact on your server is likely

sync_binlog

. My colleague, Roel Van de Paar, wrote about this impact in depth in another blog post, so I won’t go in much detail.

Recently, I worked on a customer case where the customer needed to monitor the checksum via Nagios monitoring. The pmp-check-pt-table-checksum plugin from Percona Monitoring Plugins for MySQL achieves this goal. I thought it was worth a blogpost.

pmp-check-pt-table-checksum

 alerts you when the pt-table-checksum tool from Percona Toolkit finds data drifts on …

One of the things we have been working on for MySQL 8, is speeding up scans that read multiple records from a table or an index. Such scans benefit from reading the records in batches, so that they don’t get the overhead of latching data pages and navigating in the B-tree for every single record that is read.…