Mysql Welcome 171017042130
Haim Tzadok
Safe Usage
The material provided here is not free of
errors and should be treated as such.
If you find any error, please email me -
[email protected] and I will try my
best to correct any error.
1. MySQL Introduction
2. MySQL Clients
3. MySQL Architecture
4. MySQL Basic Security
5. MySQL Configuration
6. MySQL Administration
7. MySQL Monitoring
8. MySQL Replication
9. Backup & Recovery
10. MySQL Advanced Security
11. MySQL Performance Monitoring & Tuning
WELCOME
Introduction to MySQL
o MySQL Editions
o MySQL Components
o MySQL Installation Brief
MySQL Basic Security
o User Privileges
o User account management
MySQL Clients
o MySQL CLI
o MySQL Workbench
o MySQL Connectors
o MySQL Router
MySQL Architecture
o Internal Architecture
o Information Schema
o Storage Engines
MySQL Configuration
o Server configuration
o Client configuration
MySQL Administration
o OS Service
o Data directory
o Server logs
o Utilities
MySQL Monitoring
o Monitoring using Workbench
o Enterprise Monitoring
MySQL Replication
o Replication formats
o Replication methods
o Binlog Replication
o GTID replication
o Replication topologies
Backup & Recovery
o Logical backup
o Physical backup
Advanced Security
o MySQL Firewall
o MySQL Auditing
o Encryption
MySQL Performance Monitoring
MySQL Introduction
“The world’s most popular open source database”
Objectives
● It is maintained by Oracle/MySQL
○ MariaDB
○ Percona
○ Google patches
○ Facebook patches
MySQL Israeli Community activities
○ Server Only
■ Only installs MySQL server
○ Client Only
■ Only installs Workbench, the MySQL Visual Studio plugin and MySQL Connectors
○ Full
■ installs everything
○ Custom
■ Allows selecting what to install
Obtaining MySQL for Windows
● Pre-requisite -
○ In order to use Workbench and other MySQL tools it is better to download and install the Microsoft Visual C++ 2013 redistributable/runtime package
Obtaining MySQL for Windows
Proceed to execute...
Obtaining MySQL for Linux
This script will ask for the root password for the database. It will remove anonymous users and so on…
haim@mysql1 = haim@mysql2
• The wildcard ‘%’ for the host part – represents that a user
can connect from any host except from the localhost.
• A user is a global object; a password is not associated with a db, table or routine
MySQL User account Management
Privilege
GRANT ALL ON *.* TO haim@'%';
REVOKE INSERT ON *.* FROM haim@'%';
SHOW GRANTS FOR user@'host';
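A check to run after grants like the ones above, as an added example that is not part of the original slides. The schema name app_db is a hypothetical placeholder; the mysql.user columns are the standard ones.

```sql
-- Added example; app_db is a hypothetical schema name.

-- 1. Accounts whose host part is the '%' wildcard.
SELECT user, host
  FROM mysql.user
 WHERE host = '%';

-- 2. Accounts holding high-impact global (*.*) privileges.
--    GRANT ALL ON *.* sets Super_priv, File_priv and Create_user_priv to 'Y';
--    Grant_priv is only set by WITH GRANT OPTION.
SELECT user, host, Super_priv, File_priv, Create_user_priv, Grant_priv
  FROM mysql.user
 WHERE 'Y' IN (Super_priv, File_priv, Create_user_priv, Grant_priv);

-- 3. Narrow haim@'%' from global rights to a single schema,
--    then confirm what the account is left with.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM haim@'%';
GRANT SELECT, INSERT, UPDATE, DELETE ON app_db.* TO haim@'%';
SHOW GRANTS FOR haim@'%';
```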
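DDL (each DDL statement commits implicitly, so ROLLBACK does not undo it):
BEGIN; -- or START TRANSACTION;
CREATE TABLE T1 (C1 int);
CREATE TABLE T2 (C1 int);
ROLLBACK;
CREATE TABLE T3 (C1 int);
SHOW TABLES;
DML (on a transactional engine such as InnoDB, ROLLBACK undoes the uncommitted inserts):
BEGIN; -- or START TRANSACTION;
INSERT INTO T1 (C1) VALUES (10);
INSERT INTO T1 (C1) VALUES (9);
ROLLBACK;
SELECT * FROM T1;
INSERT INTO T1 (C1) VALUES (7);
SELECT * FROM T1;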
CLI Clients
• MySQL Command line clients
▪ mysql – a command line client
▪ mysqladmin – a command line client for management
GUI Clients
• Workbench
Application Clients
• MySQL Connectors
• MySQL Router
MySQL Client/Server Architecture
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
mysql client - variables and values
bash:~$ mysql --help
local-infile FALSE
ssl-crlpath (No value)
The mysql client
SYNOPSIS
mysql [options] [db_name]
Usually reads /etc/my.cnf and $HOME/.my.cnf
General purpose options include:
--help : shows help and the current values of variables and Boolean options
-h / --host : server host name (default: localhost)
-P / --port : server TCP/IP port (default: 3306)
-S / --socket : UNIX socket file
-u / --user : MySQL login
-U / --safe-updates, --i-am-a-dummy : safe mode
-p / --password : password
--defaults-file : name of configuration file where options are listed.
Output format (Using ; or \G)
Execute queries - ending with ; or \G
A statement ending with ; will produce an output in table format.
mysql> explain select * from mysql.user;
+----+-------------+-------+------------+------+---------------+------+---------+------+------+----------+-------+
| id | select_type | table | partitions | type | possible_keys | key | key_len | ref | rows | filtered | Extra |
+----+-------------+-------+------------+------+---------------+------+---------+------+------+----------+-------+
| 1 | SIMPLE | user | NULL | ALL | NULL | NULL | NULL | NULL | 4 | 100.00 | NULL |
+----+-------------+-------+------------+------+---------------+------+---------+------+------+----------+-------+
1 row in set, 1 warning (0.00 sec)
Database changed
mysql> show tables;
+-------------------+
| Tables_in_grigale |
+-------------------+
| employees |
+-------------------+
1 row in set (0.00 sec)
mysql>
Using pager
mysql> pager
Default pager wasn't set, using stdout.
mysql>
Log session activities
Log all session activity to an external text file using tee; disable with notee.
+----+------+-----------+----+---------+------+----------+------------------+
| Id | User | Host | db | Command | Time | State | Info |
+----+------+-----------+----+---------+------+----------+------------------+
| 79 | root | localhost | | Query | 0 | starting | show processlist |
+----+------+-----------+----+---------+------+----------+------------------+
[root@olp1 ~]#
The mysqladmin client
• Use the status argument to print general purpose status:
• -c : count -i: interval
- Add a connection
- Edit one of the available connections
Workbench
Workbench Connection details
– by tapping the right upper edge of an existing connection.
Workbench
Main Navigation
Navigator
Use navigator to navigate between available administration options
Workbench
Management -> Server status – Shows server Status and online monitoring
Workbench –
Database design and modeling
For example –
Show Metadata and Internal Schemas - will reveal internal databases such as mysql, performance_schema, sys and more…
Combine Management Tools and Schema Tree - will combine/separate the management tools from the schema tree management.
MySQL Architecture
• MySQL Architecture
• MySQL Information Schema
• MySQL Storage Engines
MySQL Architecture
MySQL Information Schema
Major players
In-house (Oracle/MySQL) storage engines are:
● MyISAM (Non transactional SE, not ACID compliant)
● MERGE
● InnoDB
● MEMORY (Saves all the data in the RAM)
● Blackhole (doesn’t save data in db files, used for replication shipping)
● CSV (saves the data as .csv files, doesn’t allow indexes)
● ARCHIVE (Compress the data and archive it)
● Federated
● NDB (as part of MySQL Cluster)
Newer, emerging and gaining popularity:
● XtraDB (InnoDB plugin fork by Percona)
● MariaDB (by Monty Program AB)
Today MySQL recommends using InnoDB for all kinds of uses!
MySQL Architecture
MySQL Storage Engines
Which engine do we use ?
Use SHOW commands.
• General parameters:
– init-connect – statement that will be executed at the start of each connection
– sql_mode – a set of modes that MySQL will comply with when running SQL statements.
– read_only (0=OFF, 1=ON)
– wait_timeout (in seconds)
• InnoDB parameters:
– innodb_buffer_pool_size – the amount of memory InnoDB will use for data & index caches.
– innodb_log_file_size – size of the transaction log.
– innodb_file_per_table – required for replication.
– innodb_lock_wait_timeout – seconds to wait before rolling back a locking transaction.
Metadata
show databases | show tables | show plugins | show triggers | show indexes | show grants | show create table/procedure/trigger
MySQL Server Status
status
show status | show master status | show slave status | show open tables | show engine innodb status | show [full] processlist | show global status
– Chained (Master/Intermediate/Slave)
– Group Replication
[Diagrams: replication topologies, nodes labelled M (master), I (intermediate) and S (slave)]
MySQL Replication
MySQL Replication formats
• MySQL Firewall
• MySQL Auditing
• MySQL encryption
MySQL Firewall
• MySQL Firewall consists of several plugins and tables in information_schema and the mysql db.
• MySQL Firewall is enabled globally, but it does not take effect until it is applied to individual users.
• Firewall modes on users –
OFF – Firewall is not applied to the user.
RECORDING – Generates a white list for the specific user being recorded.
DETECTING – Detects and logs any transaction that is not in the white list.
PROTECTING – Enables the firewall to work in enforcing mode (any statement that is not in the white list will be denied).
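The mode progression described above, as an added example that is not part of the original slides. It uses the account-based interface of MySQL Enterprise Firewall (the mysql.sp_set_firewall_mode procedure and the INFORMATION_SCHEMA firewall tables); the account fwuser@localhost is a constructed name.

```sql
-- Added example; fwuser@localhost is a constructed account name.

-- Confirm the firewall is enabled globally.
SHOW GLOBAL VARIABLES LIKE 'mysql_firewall_mode';

-- RECORDING: statements the account runs are normalised and added
-- to its white list. Run the application's normal workload now.
CALL mysql.sp_set_firewall_mode('fwuser@localhost', 'RECORDING');

-- Review the recorded rules before trusting them: anything run during
-- recording, including a mistake or a test query, becomes allowed.
SELECT MODE
  FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_USERS
 WHERE USERHOST = 'fwuser@localhost';
SELECT RULE
  FROM INFORMATION_SCHEMA.MYSQL_FIREWALL_WHITELIST
 WHERE USERHOST = 'fwuser@localhost';

-- DETECTING: statements outside the white list still execute,
-- but are logged as suspicious. Use it as a dry run of the rule set.
CALL mysql.sp_set_firewall_mode('fwuser@localhost', 'DETECTING');

-- PROTECTING: statements outside the white list are denied.
CALL mysql.sp_set_firewall_mode('fwuser@localhost', 'PROTECTING');

-- Counters for granted, denied and suspicious statements.
SHOW GLOBAL STATUS LIKE 'Firewall%';

-- OFF: stop applying the firewall to this account.
CALL mysql.sp_set_firewall_mode('fwuser@localhost', 'OFF');
```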
MySQL Auditing
MySQL Enterprise Audit provides an easy to use, policy-based
auditing solution that helps organizations implement stronger
security controls and satisfy regulatory compliance.
Encryption vs TDE
Enabling MySQL Encryption
MySQL Encryption
Encryption vs TDE
Encryption – Data itself is encrypted. No indexes can be enabled on an encrypted column. Data is decrypted using a private key.
TDE – Transparent Data Encryption is encryption in the file-system layer.
MySQL Performance Monitoring
[Diagram: Bufferpool, REDO LOGS, and Datadir datafiles (Tab1, Tab2, Tab3)]
Performance schema