Jun 18, 2021 |
MySQL, ProxySQL, Security
Starting with the release of proxysql-admin 2.0.15, the proxysql-admin 2.x series can now encrypt the credentials needed to access proxysql and cluster nodes. This only applies to the proxysql-admin configuration, this does not change the ProxySQL config, so those credentials are still unencrypted. The credentials file is the unencrypted file containing the usernames, passwords, hostnames, […]
Oct 04, 2019 |
Insight for DBAs, MySQL, Percona Software
Starting with the experimental release of Percona XtraDB Cluster 8.0, we have made changes to the SST process to make the process more robust and easier to use. mysqldump and rsync are no longer supported SST methods. Support for mysqldump was deprecated starting with PXC 5.7 and has now been completely removed. MySQL 8.0 introduced […]
Oct 03, 2019 |
Insight for DBAs, MySQL, Percona Software, ProxySQL
The problem In PXC 5.6 and 5.7, when using xtrabackup-v2 as the SST method, the DBA must create a user with the appropriate privileges for use by Percona XtraBackup (PXB). The username and password of this backup user are specified in the wsrep_sst_auth variable. This is a problem because this username and password was being […]
Mar 19, 2018 |
Insight for DBAs, MySQL, Percona Software
Recently, I’ve been looking into issues with the interactions between MySQL asynchronous replication and Galera replication. In this blog post, I’d like to share what I’ve learned. MySQL asynchronous replication and Galera replication These interactions are complicated due to the number of factors involved (Galera replication vs. asynchronous replication, replication filters, and row-based vs. statement-based […]
Apr 24, 2017 |
Insight for DBAs, Percona Software
In this blog post, I’ll discuss some changes to the behavior of the Percona XtraDB Cluster SST tmpdir option in the latest versions of Percona XtraDB Cluster 5.6.35-26.20-3 and 5.7.17-29.30. Previously, we did not use the path specified by the tmpdir. From Percona XtraDB Cluster 5.6.35-26.20-3 and 5.7.17-29.20, we use the tmpdir option to specify the […]
Apr 23, 2017 |
Percona Software, Security
If you’ve tried to use SSL in Percona XtraDB Cluster and saw an error in the logs like SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small, we’ve implemented some changes in Percona XtraDB Cluster 5.6.34 and 5.7.16 that get rid of these errors. Some background dh key too small refers to the Diffie-Hellman parameters used by the SSL code that are […]
Apr 21, 2017 |
MySQL, Percona Software, Security
In this blog post, we’ll look at a feature that recently added to Percona XtraDB Cluster 5.7.16, that makes it easier to configure Percona XtraDB Cluster SSL for all related communications. It uses mode “encrypt=4”, and configures SSL for both IST/Galera communications and SST communications using the same SSL files. “encrypt=4” is a new encryption […]
Apr 21, 2017 |
Percona Software, Security
In this blog post, we’ll look at enabling Percona XtraDB Cluster SST Traffic Encryption, and some of the changes to the SSL-based encryption of SST traffic in Percona XtraDB Cluster 5.7.16. Some background Percona XtraDB Cluster versions prior to 5.7 support encryption methods 0, 1, 2 and 3: encrypt = 0 : (default) No encryption encrypt […]