Aug 20, 2024 |
Cloud, MySQL, Percona Software
Percona Operator for MySQL, based on Percona XtraDB Cluster (PXC), provides configuration to expose the ProxySQL, HAProxy, and the PXC instances themselves so that you can use Percona Toolkit to connect to MySQL from these endpoints externally. However, you can also create Kubernetes pods to run Percona Toolkit operations there instead if you do not […]
Jun 27, 2024 |
Cloud, MongoDB, Percona Software, Security
As per K8SPSMDB-732, TLS is now supported with LDAP authentication on Percona Operator for MongoDB 1.16.0 and above. This feature has been documented here as well. I’ve written a previous article on using LDAP authentication and authorization without TLS, so let me provide the instructions here on incorporating TLS with LDAP. First, you need to […]
Mar 27, 2024 |
Insight for DBAs, MongoDB, Percona Software, Security
Percona Server for MongoDB currently has several external authentication options, such as LDAP with SASL, LDAP, Kerberos, and AWS IAM. What is amazing is that SASL can authenticate with Pluggable Authentication Modules (PAM) too. This means that you still have additional external authentication options to choose from through PAM libraries. For a quick demonstration of […]
Sep 19, 2022 |
Cloud, Insight for DBAs, MongoDB, Percona Software
As of Percona Operator for MongoDB 1.12.0, the documentation now has instructions on how to configure LDAP Authentication and Authorization. It already contains an example of how to configure the operator if OpenLDAP is your LDAP server. Here is another example of setting it up but using Samba as your LDAP server. To simplify the […]
Apr 21, 2020 |
Insight for DBAs, MongoDB, Security
Since the release of Percona Server MongoDB 3.6.13 (PSMDB), you have been able to use Vault to store the encryption keys for data at rest encryption. Here’s how to set it up. First, you need to have a Vault server up and running. My colleague, Jericho, has an article on setting up Vault for Percona […]
Jul 01, 2019 |
Insight for DBAs, MySQL
It’s bad practice to provide world-writable access to critical files in Linux, though we’ve seen time and time again that this is done to conveniently share files with other users, applications, or services. But with Xtrabackup, preparing backups could go wrong if the backup configuration has world-writable file permissions. Say you performed a backup on […]
Oct 01, 2018 |
Insight for DBAs, MySQL
MySQL supports replicating to a slave that is one release higher. This allows us to easily upgrade our MySQL setup to a new version, by promoting the slave and pointing the application to it. However, though unsupported, there are times when the MySQL version of slave deployed is one release lower. In this scenario, if […]
Jul 02, 2018 |
Insight for DBAs, MySQL
GTID replication has made it convenient to setup and maintain MySQL replication. You need not worry about binary log file and position thanks to GTID and auto-positioning. However, things can go wrong when pointing a slave to a different master. Consider a situation where the new master has executed transactions that haven’t been executed on […]
Mar 26, 2018 |
Insight for DBAs, MySQL, Percona Software
In this post, we’ll look at the MySQL 8.0 innodb_dedicated_server variable. MySQL 8.0 introduces a new variable called innodb_dedicated_server. When enabled, it auto tunes innodb_buffer_pool_size, innodb_log_file_size and innodb_flush_method at startup (if these variables are not explicitly defined in my.cnf). The new MySQL 8.0 variable automatically sizes the following variables based on the RAM size of […]
Jan 12, 2018 |
Monitoring, MySQL, Percona Software
In this short blog post, I will show you how you can compare current and past time series in Percona Monitoring and Management (PMM). Recently, a support customer shared a graph with us that compared query throughput between today and yesterday as a confirmation that optimizing their server variables improved performance. Do you want to […]
Jul 13, 2017 |
Insight for DBAs, MySQL, Percona Software, Security
In this blog post, we’ll look at how to set up Percona PAM with Active Directory for external authentication. In my previous article on Percona PAM, I demonstrated how to use Samba as a domain, and how easy it is to create domain users and groups via the samba-tool. Then we configured nss-pam-ldapd and nscd […]
Apr 21, 2017 |
Insight for DBAs, MySQL, Security
In this blog, we’ll look at how to setup and troubleshoot the Percona PAM authentication plugin. We occasionally get requests from our support clients on how to get Percona Server for MySQL to authenticate with an external authentication service via LDAP or Active Directory. However, we normally do not have access to client’s infrastructure to […]
Dec 28, 2016 |
Insight for DBAs, MySQL
In a previous article, Ovais demonstrated how a DDL can render a table blocked from new queries. In another article, Valerii introduced performance_schema.metadata_locks, which is available in MySQL 5.7 and exposes metadata lock details. Given this information, here’s a quick way to troubleshoot metadata locks by creating a stored procedure that can: Find out which […]
Feb 10, 2014 |
MySQL
One of the common tasks requested by our support customers is to optimize slow queries. We normally ask for the table structure(s), the problematic query and sample data to be able to reproduce the problem and resolve it by modifying the query, table structure, or global/session variables. Sometimes, we are given access to the server […]
Aug 14, 2013 |
MySQL
Percona Server is bundled with the PAM plugin which opens a plethora of ways to authenticate to MySQL such as restricting time when users can connect to MySQL, authenticate via a USB key, authenticate to an external authentication system such as LDAP and many, many more PAM compatible mechanisms. If you want to use PAM […]