Featured
Percona Products
Percona Services
Use Cases
Jaime SicamPercona Operator for MySQL, based on Percona XtraDB Cluster (PXC), provides configuration to expose the ProxySQL, HAProxy, and the PXC instances themselves so that you can use Percona Toolkit to connect to MySQL from these endpoints externally. However, you can also create Kubernetes pods to run Percona Toolkit operations there instead if you do not […]
As per K8SPSMDB-732, TLS is now supported with LDAP authentication on Percona Operator for MongoDB 1.16.0 and above. This feature has been documented here as well. I’ve written a previous article on using LDAP authentication and authorization without TLS, so let me provide the instructions here on incorporating TLS with LDAP. First, you need to […]
Percona Server for MongoDB currently has several external authentication options, such as LDAP with SASL, LDAP, Kerberos, and AWS IAM. What is amazing is that SASL can authenticate with Pluggable Authentication Modules (PAM) too. This means that you still have additional external authentication options to choose from through PAM libraries. For a quick demonstration of […]
As of Percona Operator for MongoDB 1.12.0, the documentation now has instructions on how to configure LDAP Authentication and Authorization. It already contains an example of how to configure the operator if OpenLDAP is your LDAP server. Here is another example of setting it up but using Samba as your LDAP server. To simplify the […]
Since the release of Percona Server MongoDB 3.6.13 (PSMDB), you have been able to use Vault to store the encryption keys for data at rest encryption. Here’s how to set it up. First, you need to have a Vault server up and running. My colleague, Jericho, has an article on setting up Vault for Percona […]
It’s bad practice to provide world-writable access to critical files in Linux, though we’ve seen time and time again that this is done to conveniently share files with other users, applications, or services. But with Xtrabackup, preparing backups could go wrong if the backup configuration has world-writable file permissions. Say you performed a backup on […]
MySQL supports replicating to a slave that is one release higher. This allows us to easily upgrade our MySQL setup to a new version, by promoting the slave and pointing the application to it. However, though unsupported, there are times when the MySQL version of slave deployed is one release lower. In this scenario, if […]
GTID replication has made it convenient to setup and maintain MySQL replication. You need not worry about binary log file and position thanks to GTID and auto-positioning. However, things can go wrong when pointing a slave to a different master. Consider a situation where the new master has executed transactions that haven’t been executed on […]
In this post, we’ll look at the MySQL 8.0 innodb_dedicated_server variable. MySQL 8.0 introduces a new variable called innodb_dedicated_server. When enabled, it auto tunes innodb_buffer_pool_size, innodb_log_file_size and innodb_flush_method at startup (if these variables are not explicitly defined in my.cnf). The new MySQL 8.0 variable automatically sizes the following variables based on the RAM size of […]
In this short blog post, I will show you how you can compare current and past time series in Percona Monitoring and Management (PMM). Recently, a support customer shared a graph with us that compared query throughput between today and yesterday as a confirmation that optimizing their server variables improved performance. Do you want to […]
In this blog post, we’ll look at how to set up Percona PAM with Active Directory for external authentication. In my previous article on Percona PAM, I demonstrated how to use Samba as a domain, and how easy it is to create domain users and groups via the samba-tool. Then we configured nss-pam-ldapd and nscd […]
In this blog, we’ll look at how to setup and troubleshoot the Percona PAM authentication plugin. We occasionally get requests from our support clients on how to get Percona Server for MySQL to authenticate with an external authentication service via LDAP or Active Directory. However, we normally do not have access to client’s infrastructure to […]
In a previous article, Ovais demonstrated how a DDL can render a table blocked from new queries. In another article, Valerii introduced performance_schema.metadata_locks, which is available in MySQL 5.7 and exposes metadata lock details. Given this information, here’s a quick way to troubleshoot metadata locks by creating a stored procedure that can: Find out which […]
One of the common tasks requested by our support customers is to optimize slow queries. We normally ask for the table structure(s), the problematic query and sample data to be able to reproduce the problem and resolve it by modifying the query, table structure, or global/session variables. Sometimes, we are given access to the server […]
Percona Server is bundled with the PAM plugin which opens a plethora of ways to authenticate to MySQL such as restricting time when users can connect to MySQL, authenticate via a USB key, authenticate to an external authentication system such as LDAP and many, many more PAM compatible mechanisms. If you want to use PAM […]