Securing Access to Facebook's Databases

Wednesday 12:50PM-1:40PM

@ Room 204

MySQL / MariaDB

50 minutes conference


Business / Case Studies, Operations

Since the beginning, Facebook has used a conventional username/password to secure access to production MySQL instances. Over the last few years we've been working on moving to x509 TLS client certificate authenticated connections. Given the many types of languages and systems at Facebook that use MySQL in some way - this required a massive amount of changes for a lot of teams.

This talk is part technical overview of how our new solution works and part hard-learned tricks for getting an entire company to change their underlying mysql client libraries.


Andrew Regner

Andrew Regner (Facebook)

Production Engineer


Andrew is a Linux generalist that loves to work on large scale distributed systems. He works on Facebook's MySQL Infrastructure team and is focused on operational efficiency of both humans and servers. This is done by building new software robots that take over more and more of his co-worker's jobs from them, and mediating the arguments that these young and sometimes overly opinionated robots get into.


  Download Slides  

Connect with Percona

Stay Connected on:

Percona Live Conferences

The Percona Live Open Source Database Conferences are the premier event for the diverse and active open source database community, as well as businesses that develop and use open source database software.

Contact Us

For general information about the event/expo/conference, including registration, please contact us at:

  • info(@)
  • +1-888-401-3401
  • +1-919-948-2863