Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

MySQL Backup and Security Best Practices

16,124 views

Published on

Slides of my talk about MySQL Backup and Security at phpDay in Verona, Italy:
http://www.phpday.it/site/phpday-2009/calendario-conferenze/canale-developers/mysql-backup-and-security-best-practices/

Published in: Technology
  • Dating for everyone is here: ❶❶❶ http://bit.ly/39mQKz3 ❶❶❶
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Sex in your area is here: ♥♥♥ http://bit.ly/39mQKz3 ♥♥♥
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m6jJ5M } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • allow me
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

MySQL Backup and Security Best Practices

  1. 1. MySQL Backup and Security Best practices on how to run MySQL on Linux & OpenSolaris in a secure way Sun Microsystems Lenz Grimmer <lenz@sun.com>
  2. 2. Overview • Improving MySQL Server security – Built-in functionality – Operating System support • Backing up MySQL – Physical vs. logical – Methods and Utilities
  3. 3. Improving MySQL security • Essential part of the post-installation process • Default installation pretty secure already • Some additional steps have to be performed • Utilize additional security features provided by the OS (where applicable) http://dev.mysql.com/doc/refman/5.0/en/security.html
  4. 4. MySQL Server post-installation • Password for the root account $ mysql -u root mysql mysql> SET PASSWORD FOR root@localhost PASSWORD('password') • Remove the anonymous account (or assign a password) • Remove the test database • Script: mysql_secure_installation • Only the necessary accounts • Only the essential privileges
  5. 5. Access Control Check • Connect – Server checks in the user table for a matching entry for the username, host and password • Query – Server checks the user, db, tables_priv and column_privs tables http://dev.mysql.com/doc/refman/5.0/en/privilege-system.html
  6. 6. Query Access Control Do you have sufficient privileges to execute the query? true Query user false true db Query executed false tables_priv true false true columns_priv false Permission denied
  7. 7. MySQL Server security hints • bind-address option in my.cfg binds the TCP port to a specific interface (e.g. 127.0.0.1) • skip-networking option only allows connections via the local socket file • Allow access from selected hosts only • Restrict access to the mysql.user table to the root user • SHOW GRANTS, SET PASSWORD, GRANT/REVOKE • Use phpMyAdmin, MySQL Administrator or other GUI tools for easier user administration • Do not edit mysql.user directly!
  8. 8. MySQL Server security hints • Restrict PROCESS/SUPER/FILE privileges to a minimum • Disable LOAD DATA LOCAL by setting local- infile=0 in my.cnf • Always run run mysqld using a non-privileged user account • For developers: – Do not store plain-text passwords in the database and don't use password() (esp. when using MySQL versions before 4.1) – Use MD5(), SHA1() or some other one-way hashing function instead
  9. 9. MySQL Server security hints • For the paranoid: – Replace the name of the root account with a different (harder to guess) one, to avoid brute- force dictionary attacks – Remove/clean the client's history file (~/.mysql_history), if you edited or added user accounts/passwords 9
  10. 10. Views and Stored Procedures • Use Views to restrict access to certain columns of tables • Stored Procedures shield tables from being accessed/modified by the user/application directly • Available since MySQL 5.0.x http://dev.mysql.com/doc/refman/5.0/en/views.html http://dev.mysql.com/doc/refman/5.0/en/stored-procedures.html 10
  11. 11. Improving access restrictions • Lock down permissions on the data directory with chown and chmod – Avoid that users can corrupt or access table data • Log files must also be kept secure: – Shielding data from user access – GRANT statements in logfiles could reveal user passwords • Generally don't allow shell logins to the DB server for normal users 11
  12. 12. Reducing security risks • Use iptables to firewall the server • Run MySQL in a chroot() environment • Enable SELinux or Novell AppArmor • Run the MySQL server in a VM – Xen / Sun xVM – Solaris Zones/Container – KVM – VMware / Parallels / VirtualBox 12
  13. 13. Securing data and communication • Encrypt network traffic – OpenSSL – SSH tunnel – OpenVPN – Cipe • Encrypt the Data Directory – cryptoloop devices – dm_crypt kernel module 13
  14. 14. Backing up MySQL data • When do you need backups? • What needs to be backed up? • When should backups be performed? • Where will the backups be stored? • How can backups be performed? 14
  15. 15. When Do You Need Backups? • Hardware failure – A system crash may cause some of the data in the databases to be lost – A hard-disk failure will most certainly lead to lost data • User/Application failure – Accidental DROP TABLE or malformed DELETE FROM statements – Editing the table files with text editors, usually leading to corrupt tables 15
  16. 16. What needs to be backed up? • Database content – for full backups – logical or physical backup • Log files – for incremental backups – point-in-time recovery • Configuration Data – /etc/my.cnf – Cron-Jobs 16
  17. 17. When should backups be performed? • On a regular basis • Not during high usage peaks (off hours) • Static data can be backed up less frequently 17
  18. 18. Where to store backups? • On the database server – At least on a separate file system/volume or hard disk drive • Copied to another server – On or off site – Cloud storage (using encryption) • Backed up to tape/disk – Stored on or off site • Choose multiple locations! 18
  19. 19. The Data Directory • Databases and most log and status files are stored in the data directory by default • Default directory compiled into the server – /usr/local/mysql/data/ (tarball installation) – /var/lib/mysql (RPM packages) • Data directory location can be specified during server startup with --datadir=/path/to/datadir/ • Find out the location by asking the server mysql> SHOW VARIABLES like 'data%'; mysql> SHOW VARIABLES like 'innodb_%_dir'; 19
  20. 20. The Binary Log • Contains DML SQL statements (statement based) or actual modified data (row-based) • Also contains additional information about each query (e.g. query execution time) • Binary log is stored in an efficient binary format • mysqlbinlog to decode the log contents • Enable binlogging with --log-bin[=file_name] • Logs are created in sequence e.g. file_name-bin.001, file_name-bin.002, etc. • Binary log is transaction-compatible • mysqld creates binary log index file which contains names of the binary log files used 20
  21. 21. Managing The Binary Log • Purpose of the Binary Log: – Enable replication – Ease crash recovery • SHOW MASTER LOGS shows all binary log files residing on the server • FLUSH LOGS or restarting the server creates a new file • RESET MASTER deletes all binary log files • PURGE MASTER deletes all binary log files up to a certain point • Don't delete logs that slaves still need! 21
  22. 22. The Error Log • When started with mysqld_safe, all error messages are directed to the error log • The log contains info on when mysqld was started and stopped as well as errors found when running $ cat /var/log/mysql.err 000929 15:29:45 mysqld started /usr/sbin/mysqld: ready for connections 000929 15:31:15 Aborted connection 1 to db: 'unconnected' user: 'root' host: `localhost' (Got an error writing communication packets) 000929 15:31:15 /usr/local/mysql/bin/mysqld: Normal shutdown 000929 15:31:15 /usr/local/mysql/bin/mysqld: Shutdown Complete 000929 15:31:54 mysqld started /usr/sbin/mysqld: ready for connections 22
  23. 23. mysqldump • mysqldump dumps table structure and data into SQL statements $ mysqldump mydb > mydb.20050925.sql • CREATE TABLE statements for table structure • INSERT statements for the data • Can dump individual tables or whole databases • mysqldump can also be used directly as input into another server (without creating any files) $ mysqldump --opt world | mysql -h work.mysql.com world 23
  24. 24. mysqldump hints • Use --single-transaction when backing up InnoDB tables • --lock-all-tables is useful for performing consistent MyISAM backups – But locks all DML statements until backup is done • --flush-logs flushes the binary log file (checkpointing) 24
  25. 25. Recovering from Backups • Restoring tables to the state before a crash requires both the backup files and the binary log – Restore the tables to the state they were at the time of the backup from the backup files – Extract the queries issued between the backup and now from synchronised binary logs • When recovering lost data due to unwise queries, remember not to issue them again DB Recovery = Last full backup & binlogs 25
  26. 26. Example SQL level restore • Restore the last full backup mysql < backup.sql • Apply all incremental changes done after the last full backup mysqlbinlog hostname-bin.000001 | mysql 26
  27. 27. MySQL table files backup • Also called “physical” backup • MyISAM Database files can simply be copied after issuing FLUSH TABLES WITH READ LOCK; • The mysqlhotcopy Perl script automates this process • Locking all tables for consistency can be expensive, if the file backup operation takes a long time 27
  28. 28. Backing Up InnoDB Databases • To take a ’binary’ backup, do the following: 1. Shutdown the MySQL server 2. Copy your data files, InnoDB log files, .frm files and my.cnf file(s) to a safe location 3. Restart the server • It is a good idea to backup with mysqldump also, since errors might occur in a binary file without you noticing it • Use mysqldump --single transaction to make an on-line backup • Use InnoDB Hot Backup (commercial) 28
  29. 29. XtraBackup / Maatkit • http://percona.com/percona-lab.html • Online backup for InnoDB (and XtraDB) • Does not work with the InnoDB plugin – Add this to my.cnf: [xtrabackup] target_dir = /home/backups – To backup: $ xtrabackup –backup • http://maatkit.org/ – Multithreaded Perl wrapper scripts: mk-parallel-dump / mk-parallel-restore 29
  30. 30. OSS backup tools • The usual suspects: cp, tar, cpio, gzip, zip called in a shell script via a cron job • rsync or unison for incremental, bandwidth-friendly, remote backups • Complete network-based backup solutions like afbackup, Amanda or Bacula provide more sophisticated features (e.g. catalogs) 30
  31. 31. Linux backup support • File system snapshots – LVM – Zumastor – btrfs – R1Soft Linux Hot Copy • DRBD (“RAID1 over the network”) • Distributed file systems – OpenAFS – GFS – Lustre – Novell iFolder 31
  32. 32. Backup using file system snapshots • Snapshots provide a convenient and fast backup solution for backing up entire databases without disruption • Snapshot volume size does not need to be very large (10-15% are sufficient in a typical scenario) • Backup of files from a snapshot volume can be performed with any tool 32
  33. 33. Benefits of MySQL Snapshot Backups • “Almost hot” (no downtime) • Supports all storage engines • Fast, low overhead • Easy integration • Can be combined with log recovery • Fast recovery • (Usually) Free
  34. 34. Snapshot Backup Caveats • Not incremental • InnoDB ignores FLUSH TABLES WITH READ LOCK • FLUSH TABLES performance impact • Possible I/O performance impact while snapshot is active (Linux LVM) • Handling data spread on multiple volumes (DB logs on separate LV or DBs spread across multiple LVs)
  35. 35. Linux LVM snapshot creation Basic principle: mysql> FLUSH TABLES WITH READ LOCK $ lvcreate -s –-size=<size> --name=backup <LV> mysql> UNLOCK TABLES $ mount /dev/<VG>/backup /mnt $ tar czvf backup.tar.gz /mnt/* $ umount /mnt $ lvremove /dev/<VG>/backup 35
  36. 36. The mylvmbackup script • http://www.lenzg.net/mylvmbackup/ • Perl script for quickly creating MySQL backups using Linux LVM snapshots • Snapshots are mounted to a temporary directory and all data is backed up using tar, rsync or rsnap • Timestamped archive names allow running mylvmbackup many times without risking to overwrite old archives • Can perform InnoDB log recovery on the snapshot prior to backup (LVM2) • Requires Perl, DBI and DBD::mysql 36
  37. 37. MySQL replication • Backing up a replication slave is less time- critical (Master is not blocked for updates) • A slave can use different storage engines • One Master can replicate to many slaves • Keep the limitations of MySQL replication in mind • Make sure to back up the master.info and relay-log.info files as well as any SQL_LOAD-* files (if LOAD DATA INFILE is replicated) 37
  38. 38. The MySQL Online Backup API • API to perform a streaming MySQL online backup, Storage Engine-independent • Transactional tables will contain data only from committed transactions • Non-transactional tables will contain data only from completed statements • Referential integrity will be maintained between all tables backed up with a specific backup command • Preview available on MySQL Forge: http://forge.mysql.com/wiki/OnlineBackup 38
  39. 39. Online Backup example • Future versions (MySQL 6.x) • Example Commands BACKUP DATABASE sakila TO 'sakila- backup.sql'; Metadata: SELECT * FROM mysql.online_backup WHERE backup_id = 1 G RESTORE FROM 'sakila-backup.sql'; Metadata: SELECT * FROM mysql.online_backup WHERE backup_id = 2 G 39
  40. 40. Commercial backup solutions • Acronis True Image • ARCServe • Arkeia • InnoDB HotBackup • SEP sesam • Veritas vxfs snapshots • Zmanda Recovery Manager (ZRM) • R1Soft CDP 40
  41. 41. Backup Method Comparison • Output from mysqldump is portable to any other DBMS (without the --opt option) whereas copied files only work with MySQL • Full backups are expensive • Restoring from logs can be tricky • The file copying methods are much faster than mysqldump • So it comes down to your preferences: – Which tool do you prefer to use – Speed vs. portability 41
  42. 42. Backup Principles • Perform backups regularly • Turn on the binary update log – Update logs are needed to restore the database without losing any data • Synchronise binary logs with the backup files – Use FLUSH LOGS • Name your backups consistently and understandably – Include the date in the file name mydb.20050925.sql • Store your backups away from where your databases are 42
  43. 43. General backup notes • Put the binary logs on a different file system (or even a different drive) – Increases performance – Avoids data loss • Verify the backup is consistent and complete! • Define backup schedules and policies as well as recovery procedures • Test that these actually work! 43
  44. 44. Q&A Questions, Comments?
  45. 45. Thank you! Lenz Grimmer <lenz@sun.com> http://www.lenzg.net/ 45

×