
(DAT304) Amazon RDS for MySQL: Best Practices


Learn how to monitor your database performance closely and troubleshoot database issues quickly using a variety of features provided by Amazon RDS and MySQL including database events, logs, and engine-specific features. You will also learn about the security best practices to use with Amazon RDS for MySQL as well as how to effectively move data between Amazon RDS and on-premises instances. Hear from Amazon RDS customer Airbnb about the best practices they have implemented in their RDS for MySQL architectures.

Published in: Technology


  1. 1. DAT 304: Amazon RDS for MySQL Best Practices. Abdul Sathar Sait, Principal Product Manager, RDS; Kevin Rice, Director of Engineering, Airbnb. October 2015 | Las Vegas, NV. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  2. 2. What’s new in Amazon RDS MySQL: AWS Key Management Service (AWS KMS)
  3. 3. Selected RDS MySQL customers: Tens of thousands of customers. Hundreds of thousands of DB instances.
  4. 4. What we will cover in this session: Quick introduction to Amazon Relational Database Service (Amazon RDS). Making the most out of RDS MySQL: securing your data—encryption at rest; database migration with minimal downtime; improving performance by cache warming; burst mode resources to reduce cost. Learn it from the experts—Airbnb.
  5. 5. Why choose Amazon RDS? Schema design; query construction; query optimization; high availability; backup and recovery; isolation and security; industry compliance; push-button scaling; automated patching; advanced monitoring; routine maintenance. Amazon RDS takes care of your time-consuming database management tasks, freeing you to focus on your applications and business. [Diagram labels: You, RDS]
  6. 6. We made it highly available, secure, easier, and cheaper. Push-button provisioning; automated scaling, patching, security, backups, restores, and general care and feeding. Lower TCO because we manage the muck ► Get more leverage from your teams ► Focus on the things that differentiate you. Built-in high availability and cross-region replication across multiple data centers. Now even a small startup can leverage multiple data centers to design highly available apps with over 99.95% availability.
  7. 7. High availability with Multi-AZ deployments: Enterprise-grade fault tolerance solution for production databases. An Availability Zone is a physically distinct, independent infrastructure. Your database is synchronously replicated to another AZ in the same AWS region. Failover occurs automatically in response to the most important failure scenarios.
  8. 8. Customers love Multi-AZ [Chart: Multi-AZ instances as a share of all RDS instances]
  9. 9. Choose cross-region read replicas for faster disaster recovery and enhanced data locality. Promote a read replica to a master for faster recovery in the event of disaster. Bring data close to your customer’s applications in different regions. Promote to a master for easy migration.
  10. 10. Choose cross-region snapshot copy for even greater durability, ease of migration. Copy a database snapshot to a different AWS region. Warm standby for disaster recovery. Or use it as a base for migration to a different region.
  11. 11. Amazon RDS provides levels of security difficult to achieve on-premises. Amazon RDS gives each database instance IP firewall protection. RDS offers transparent encryption at rest and SSL protection for data in transit. Amazon VPC lets you isolate and control network configuration and connect securely to your IT infrastructure. AWS Identity and Access Management (IAM) provides resource-level permission controls. AWS has achieved major compliances.
  12. 12. Securing your data at rest
  13. 13. Do you encrypt your database? Protect your data at rest. Premium feature for most commercial databases, included at no additional cost to RDS customers. Data stored at rest in the underlying storage is encrypted, as are its automated backups, read replicas, and snapshots. May be needed for compliance (HIPAA and FedRAMP).
  14. 14. AWS Key Management Service: Integrated with IAM console
  15. 15. Services integration with AWS KMS: Two-tiered key hierarchy using envelope encryption • Unique data key encrypts customer data • AWS KMS master keys encrypt data keys. Benefits: • Limits risk of compromised data key • Better performance for encrypting large data • Easier to manage small number of master keys than millions of data keys • Centralized access and audit of key activity. [Diagram labels: Customer Master Key(s); Data Key 1, Data Key 2, Data Key 3, Data Key 4; Amazon S3 Object, Amazon EBS Volume, Amazon Redshift Cluster, Custom Application]
  16. 16. How keys are used to protect your data: 1. Application requests encryption key to use to encrypt data, passes reference to master key in account. 2. Client request authenticated based on master key permissions. 3. New data encryption key created—copy encrypted under master key. 4. Plaintext and encrypted data key returned to the client. 5. Plaintext data key used to encrypt data and then deleted. 6. Encrypted data key stored for later use and sent back to AWS KMS for when decryption occurs. [Diagram labels: Your Application or AWS Service; Data Key; Encrypted Data Key; Encrypted Data; Master Key(s) in Customer’s Account; AWS KMS]
  17. 17. Encryption using AWS KMS demo
  18. 18. Database migration to AWS with minimal downtime
  19. 19. AWS Database Migration Service: Move data to the same or different database engine. Keep your apps running during the migration. Start your first migration in 10 minutes or less. Replicate within, to, or from Amazon EC2 or RDS.
  20. 20. AWS Schema Conversion Tool: Migrate from Oracle and SQL Server. Move your tables, views, stored procedures, and data manipulation language (DML) to MySQL, MariaDB, and Amazon Aurora. Highlight where manual edits are needed.
  21. 21. Architecting for lower cost
  22. 22. Burst mode—GP2 and T2 GP2—SSD based Amazon EBS storage • 3 IOPS per GB base performance • Earn credits when usage below base • Burst to 3000+ IOPS T2—Amazon EC2 instance with burst capability • Base performance + burst • Earn credits per hour when below base performance • Can store up to 24 hours’ worth of credits • Amazon CloudWatch metrics to see credits and usage
  23. 23. Burst mode—GP2 and T2
  24. 24. T2—CPU credits
  25. 25. Burst mode vs. standard vs. Provisioned IOPS [Chart: transactions per second (TPS) over 24 hours; 100% read, 20 GB data. Series: db.m1.medium + 200GB standard. Prices shown: $0.575 per hour]
  26. 26. Burst mode vs. standard vs. Provisioned IOPS [Chart: transactions per second (TPS) over 24 hours; 100% read, 20 GB data. Series: db.m1.medium + 200GB standard; db.m3.medium + 200G + 2000 IOPS. Prices shown: $0.575 per hour; $0.408 per hour]
  27. 27. Burst mode vs. standard vs. Provisioned IOPS [Chart: transactions per second (TPS) over 24 hours; 100% read, 20 GB data. Series: db.m1.medium + 200GB standard; db.m3.medium + 200G + 2000 IOPS; db.m3.large + 200G + 2000 IOPS. Prices shown: $0.575 per hour; $0.408 per hour; $0.508 per hour]
  28. 28. Burst mode vs. standard vs. Provisioned IOPS [Chart: transactions per second (TPS) over 24 hours; 100% read, 20 GB data. Series: db.m1.medium + 200GB standard; db.m3.medium + 200G + 2000 IOPS; db.m3.large + 200G + 2000 IOPS; db.t2.medium + 200GB gp2. Prices shown: $0.105 per hour; $0.575 per hour; $0.408 per hour; $0.508 per hour]
  29. 29. Burst mode vs. standard vs. Provisioned IOPS [Chart: transactions per second (TPS) over 24 hours; 100% read, 20 GB data. Series: db.m1.medium + 200GB standard; db.m3.medium + 200G + 2000 IOPS; db.m3.large + 200G + 2000 IOPS; db.t2.medium + 200GB gp2; db.t2.medium + 1TB gp2. Prices shown: $0.105 per hour; $0.575 per hour; $0.233 per hour; $0.408 per hour; $0.508 per hour]
  30. 30. Selected Amazon RDS customers
  31. 31. Airbnb Using technology to provide unique global travel experiences. Exponential growth in: traffic, users, bookings, data, number of engineers. Engineers deploy their own code at any time of day. Rapid experimentation. Search. Discovery. Global payments. Trust and safety. Customer experience.
  32. 32. The basics [Diagram labels: Master; Replica; Replica; Application Server; Application Server; Multi-AZ]
  33. 33. Binlog settings [Diagram labels: Master; Replica; Replica; Application Server; Application Server; Multi-AZ]
  34. 34. Snapshots for data analytics [Diagram labels: Master; Replica; Replica; Multi-AZ; Batch Replica; Snapshot; Temp Instance; Daily; Application Server; HDFS]
  35. 35. Binlog streaming: “SpinalTap” [Diagram labels: Master; Replica; Replica; Multi-AZ; Batch Replica; SpinalTap Replica; Application Server]
  36. 36. Disaster recovery [Diagram labels: Master; Replica; Replica; Multi-AZ; Batch Replica; Application Server; S3; Application Server; To separate account and region]
  37. 37. Summary and future work
  38. 38. http://bit.ly/awsevalsDAT304
  39. 39. Thank you!
  40. 40. Remember to complete your evaluations!
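
The two-tier key hierarchy on slide 15 and the six-step data key flow on slide 16, as an added example that is not code from the talk or from AWS. `makeKms` is a hypothetical local stand-in for the key service, AES-256-GCM is an assumed cipher for both tiers, and all function names and sample values are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// AES-256-GCM helper (assumed cipher). Blob layout: nonce(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

// Reverses seal(); final() throws if the key is wrong or the blob was modified.
function unseal(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Hypothetical local stand-in for the key service: the master key stays in this closure.
function makeKms() {
  const master = crypto.randomBytes(32);
  return {
    // Steps 3-4: new data key, returned in plaintext and encrypted under the master key.
    generateDataKey() {
      const plaintextKey = crypto.randomBytes(32);
      return { plaintextKey, encryptedKey: seal(master, plaintextKey) };
    },
    // Decryption path of step 6: only the service can unwrap a stored data key.
    decrypt: (encryptedKey) => unseal(master, encryptedKey),
  };
}

// Step 5: encrypt with the plaintext data key, wipe it, store only its encrypted copy.
function encryptRecord(kms, data) {
  const { plaintextKey, encryptedKey } = kms.generateDataKey();
  const encryptedData = seal(plaintextKey, Buffer.from(data, "utf8"));
  plaintextKey.fill(0);
  return { encryptedData, encryptedKey };
}

// Read path: unwrap the data key via the service, decrypt, then wipe the key again.
function decryptRecord(kms, record) {
  const key = kms.decrypt(record.encryptedKey);
  try {
    return unseal(key, record.encryptedData).toString("utf8");
  } finally {
    key.fill(0);
  }
}
```

What ends up in storage is only `encryptedData` and `encryptedKey`; without access to the master key holder, neither can be opened, and each record gets its own data key.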
