Marco Tusa
Percona
Fortify your MySQL data security in AWS
using ProxySQL and Firewalling
• Open source enthusiast
• Principal Consultant
• Working in DB world over 25 years
• Open source developer and community contributor
About Me
Hello, Attendees!
Why use ProxySQL with Aurora or AWS solutions
What can be done to make your AWS/Aurora safer and more stable
What is ProxySQL (in 1 slide)
• ProxySQL has an advanced multi-core architecture.
• It's built from the ground up to support hundreds of thousands of
concurrent connections, multiplexed to potentially hundreds of backend
servers.
• Query filtering by design
• Query caching
• Embedded configuration distribution (cluster)
• Designed to scale (the largest ProxySQL deployment spans several hundred
proxies).
• … and more
What is AWS Aurora (in 1 slide)
• Amazon Aurora is a MySQL and PostgreSQL compatible relational
database built for the cloud
• Features a distributed, fault-tolerant, self-healing storage system that
auto-scales up to 64TB per database instance
• Delivers high performance and availability with up to 15 low-latency read
replicas, point-in-time recovery, continuous backup to Amazon S3, and
replication across three Availability Zones
• Fully managed by Amazon Relational Database Service (RDS)
• … and more
Use ProxySQL version 2 (The problem)
ProxySQL deals with backend servers using:
• Replication Hostgroup
• Async replication
• Scheduler
• PXC, NDB etc
AWS Aurora does not use READ_ONLY but INNODB_READ_ONLY
https://dev.mysql.com/doc/refman/5.7/en/innodb-read-only-instance.html
Use ProxySQL version 2 (Solution)
October 2017, this issue was opened (https://github.com/sysown/proxysql/issues/1195)
MYHGM_MYSQL_REPLICATION_HOSTGROUPS "CREATE TABLE mysql_replication_hostgroups
(writer_hostgroup INT CHECK (writer_hostgroup>=0) NOT NULL PRIMARY KEY ,
reader_hostgroup INT NOT NULL CHECK (reader_hostgroup<>writer_hostgroup AND
reader_hostgroup>=0) , check_type VARCHAR CHECK (LOWER(check_type) IN
('read_only','innodb_read_only','super_read_only')) NOT NULL DEFAULT 'read_only' ,
comment VARCHAR NOT NULL DEFAULT '' , UNIQUE (reader_hostgroup))"
mysql> select * from mysql_replication_hostgroups;
+------------------+------------------+------------------+------------+
| writer_hostgroup | reader_hostgroup | check_type | comment |
+------------------+------------------+------------------+------------+
| 70 | 71 | innodb_read_only | aws-aurora |
+------------------+------------------+------------------+------------+
1 row in set (0.00 sec)
Use ProxySQL version 2 (How to implement)
First roll out your Aurora setup
• Identify the endpoint for EACH instance
• aws rds describe-db-instances
• Web interface
INSERT INTO mysql_servers (hostname,hostgroup_id,port,weight,max_connections) VALUES
('proxysqltestdb.eu-central-1',70,3306,1000,2000),
('proxysqltestdb.eu-central-1',71,3306,1000,2000),
('proxysqltestdb2.eu-central-1',71,3306,1000,2000),
('proxysqltestdb-eu-central-1b.eu-central.1',71,3306,1,2000);
INSERT INTO mysql_replication_hostgroups(writer_hostgroup,reader_hostgroup,comment,check_type)
VALUES (70,71,'aws-aurora', 'innodb_read_only');
LOAD MYSQL SERVERS TO RUNTIME; SAVE MYSQL SERVERS TO DISK;
But WHY should I use it?
GOOD QUESTION
Why
Here are some numbers
Why
Better as a graph (higher is better)
Why
Connection latency only, when using the Java connector (single pointer, values in nanoseconds)
Why
Latency while running the tests (left: Aurora, right: ProxySQL)
Why it happens
ProxySQL can redirect the queries as you like and to the instance you want.
How do we read this graph? From left to right:
• read_only test with an Aurora cluster endpoint
• read_only test with ProxySQL
• write_only with an Aurora cluster endpoint
• write_only with ProxySQL
• read and write with an Aurora cluster endpoint
• read and write with ProxySQL
Why it happens
The Cluster endpoint is an endpoint for an Aurora DB cluster that connects
to the current primary instance for that DB cluster. Each Aurora DB cluster
has a cluster endpoint and one primary instance.
That endpoint receives the read and write request and sends them to the
same instance. The main use for it is to perform failover if needed.
Each Aurora DB cluster has a reader endpoint. If there is more than one
Aurora Replica, the reader endpoint directs each connection request to one
of the Aurora Replicas. The reader endpoint only load balances
connections to available Aurora Replicas in an Aurora DB cluster. It
does not load balance specific queries.
If you want to load balance queries to distribute the read workload for a DB
cluster, you need to manage that in your application and use instance
endpoints to connect directly to Aurora Replicas to balance the load.
Aaah That’s why
• Native AWS Cluster endpoints and Reader endpoints are limited in what
they offer
• With ProxySQL you can very granularly choose how to use each
instance, without the need to have the application modify how it works
• Using ProxySQL will allow the use of additional elements like
• Query Cache
• Query rewrite
• Blocking/firewalling
Now What?
Secure all around
• Secure access to RDS (account, IAM, Roles)
• Secure network access (limit to local range/Port, VPN, etc)
• Secure MySQL user/password/location/access + grants
• Secure ProxySQL (user/password + encrypted )
Time to relax?
No, it is not!
Enemies and dangers are around you
• Your own application
• Developers
• Your DBA/OPS
• Yourself
We can do more
• Queries with no filtering (Where)
• Over complicated queries
• Not indexed Queries
• Jobs that are not supposed to hit main production
• Reports on writer node/instance
Currently the only way to manage some of the above is to use stored
procedures (SP) and limit all users to EXECUTE
Fields of action
Secure by limiting actions on the db
Use Proxy as Firewall
MySQL Query Rules Table
Filter by:
• username
• schemaname
• client_addr
• proxy_addr
• proxy_port
• digest
• match_digest
• match_pattern
Secure by limiting actions on the db
Destination_hostgroup
Pointing to different HG
Replace_pattern
Rewriting the Query
Or, if firewalling, blocking the query
Secure by limiting actions on the db: Targets
Secure limiting actions on the DB
Limit queries by (user/ip/ports)
insert into mysql_query_rules
(rule_id,client_addr,username,destination_hostgroup,active,retries,match_digest,apply)
values(24,'192.168.1.50','app_test',101,1,3,'^SELECT.*$',1);
insert into mysql_query_rules
(rule_id,client_addr,username,destination_hostgroup,active,retries,match_digest,apply)
values(38,'192.168.1.51','app_test',200,1,3,'.',1);
client_addr: 192.168.1.50
proxy_addr: NULL
proxy_port: NULL
client_addr: 192.168.1.51
proxy_addr: NULL
proxy_port: NULL
Secure limiting actions on the DB
Block queries not filtered, without where (I am a dummy)
insert into mysql_query_rules
(rule_id,match_digest,error_msg,active,apply)
values(1,'^SELECT\s((?!\swhere).)*$','Bad Idea to perform SELECT
without a WHERE ... change the syntax and I will let you PASS',1,1);
mysql> select count(*) from wmillAUTOINC;
ERROR 1148 (42000): Bad Idea to perform SELECT without a WHERE ...
change the syntax and I will let you PASS
mysql> select count(*) from wmillAUTOINC where millid=365;
| count(*) |
| 393 |
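A small regression harness for the rule above, as an added example (not from the original slides): it runs the rule's pattern over constructed digest texts and reports where its verdict differs from the wanted one. The function name, the sample statements and the "wanted" verdicts are assumptions made for illustration; the pattern is the slide's.

```python
import re

# The slide's match_digest pattern. ProxySQL applies rules case-insensitively
# by default (re_modifiers = CASELESS), reproduced here with re.IGNORECASE.
NO_WHERE_RULE = r"^SELECT\s((?!\swhere).)*$"

# Constructed digest texts (literals already replaced by "?").
# Second field: True means we want the firewall to block the statement.
CASES = [
    ("select count(*) from wmillAUTOINC", True),
    ("select count(*) from wmillAUTOINC where millid=?", False),
    ("SELECT id FROM wmillAUTOINC WHERE active=? LIMIT ?", False),
    # Outer WHERE present, subquery unfiltered (assumed policy: block it).
    ("select count(*) a,tb1.b from wmillAUTOINC aa , "
     "(select count(*) b from wmillMID)tb1 where millid=?", True),
    # Not a SELECT at all (assumed policy: unfiltered writes are unwanted too).
    ("update wmillAUTOINC set active=?", True),
]


def rule_gaps(pattern, cases):
    """Return (digest_text, wanted, got) for every case the rule gets wrong."""
    rule = re.compile(pattern, re.IGNORECASE)
    gaps = []
    for digest_text, want_block in cases:
        got_block = rule.search(digest_text) is not None
        if got_block != want_block:
            gaps.append((digest_text, want_block, got_block))
    return gaps


if __name__ == "__main__":
    for text, want, got in rule_gaps(NO_WHERE_RULE, CASES):
        print("want block=%s, rule says block=%s: %s" % (want, got, text))
```

The two reported gaps are the unfiltered subquery and the non-SELECT statement: a single WHERE anywhere in the text satisfies the rule, and the rule only looks at statements starting with SELECT.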
Secure limiting actions on the DB
Block and transform query by type Select/update/inserts
use windmills; select count(*) a,tb1.b from wmillAUTOINC aa , (select count(*) b
from wmillMID)tb1 where millid=364
| a | b |
| 418 | 164577 |
No WHERE in subquery
match_pattern:
select count\(\*\) a,tb1.b from wmillAUTOINC aa , \(select count\(\*\) b
from wmillMID\)tb1 where millid=(\d*)
replace_pattern:
select count(*) a,tb1.b from wmillAUTOINC aa , (select count(*) b from
wmillMID where millid=\1)tb1 where millid=\1
| a | b |
| 418 | 407 |
https://github.com/sysown/proxysql/issues/1556
Use ProxySQL as firewall
• block all
• block stupid checks (SELECT 1)
• let pass something by regexp
• let pass only specific queries
• Make it efficient
IPtables
[root@galera1h1n5 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:mysql
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:tram
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:bmc-reporting
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:krb524
ACCEPT udp -- 10.0.0.0/24 anywhere udp dpt:tram
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:42000
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:42002
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:6033
ACCEPT tcp -- 10.0.0.0/24 anywhere tcp dpt:6032
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ProxySQL way
Filter stupid ping
Select 1;
Millions of times
insert into mysql_query_rules
(rule_id,match_digest,ok_msg,active,apply)
values(500,'SELECT 1','Ok',1, 1);
ProxySQL way (apply NOW)
SELECT
wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location
FROM wmillAUTOINC WHERE wmillAUTOINC.millid=300 and
wmillAUTOINC.active=1;
insert into mysql_query_rules
(rule_id,proxy_port,username,destination_hostgroup,schemaname,active,retries,apply,flagout,match_digest)
values(101,6033,'pxc_test',52,'windmills',1,3,1,null,
'SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location FROM wmillAUTOINC WHERE wmillAUTOINC.millid=\d* and wmillAUTOINC.active=.*');
ProxySQL way (apply Later)
Select MAX(millid) as millid ,MAX(active) as active FROM
wmillMID;
insert into mysql_query_rules
(rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagout)
values(999,6033,'windmills','pxc_test',50,1,3,
'Select MAX\(millid\) as millid ,MAX\(active\) as active FROM wmillMID',0,1000);
insert into mysql_query_rules
(rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagin)
values(1042,6033,'windmills','pxc_test',
52,1,3,'^SELECT.*$',1,1000);
Eehm … How much does it cost?
With nothing enabled: 10 µ
Eehm … How much does it cost?
Oops, 30 µ is a bit too much
Can you give me a discount?
ProxySQL way (apply now)
select
hostgroup,schemaname,count_star,digest,replace(replace(digest_text,'.','\.'),'?','.*') QR
from stats_mysql_query_digest where
schemaname='windmills' order by count_star desc;
| hostgroup | schemaname | count_star | digest | QR |
| 52 | windmills | 573331 | 0x52A98085A233E516 | SELECT wmillAUTOINC\.id,wmillAUTOINC\.millid,wmillAUTOINC\.location FROM wmillAUTOINC WHERE wmillAUTOINC\.millid=.* and wmillAUTOINC\.active=.* |
ProxySQL way (apply NOW digest)
SELECT
wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location
FROM wmillAUTOINC WHERE wmillAUTOINC.millid=300 and
wmillAUTOINC.active=1;
insert into mysql_query_rules
(rule_id,proxy_port,username,destination_hostgroup,schemaname,active,retries,apply,flagout,digest)
values(101,6033,'pxc_test',52,'windmills',1,3,1,null,
'0xDB3A841EF5443C35');
ProxySQL way (apply later)
select
hostgroup,schemaname,count_star,digest,replace(replace(digest_text,'.','\.'),'?','.*') QR
from stats_mysql_query_digest where
schemaname='windmills' order by count_star desc;
| hostgroup | schemaname | count_star | digest | QR |
| 52 | windmills | 139 | 0x839B1DCE7A8B247A | Select MAX(millid) as millid ,MAX(active) as active FROM wmillAUTOINC |
ProxySQL way (apply Later digest)
Select MAX(millid) as millid ,MAX(active) as active FROM
wmillMID;
insert into mysql_query_rules
(rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,digest,apply,flagout)
values(999,6033,'windmills','pxc_test',50,1,3,
'0x839B1DCE7A8B247A',1,1000);
insert into mysql_query_rules
(rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagin)
values(1042,6033,'windmills','pxc_test',
52,1,3,'^SELECT.*$',1,1000);
Eehm … How much does it cost now?
4 µ is even less than before
Eehm … How much does it cost?
Oops, 30 µ is a bit too much
Deal
Nothing enabled: ~ 10 µ
Using match_digest: ~ 30 µ
Using digest: ~ 4 µ
Done! (or conclusions if you like)
• ProxySQL now (v2.x and above) supports AWS/Aurora
• ProxySQL is better than native connector
• Your security at SQL level sucks (look in the mirror before
complaining about others)
• ProxySQL allows you to implement SQL control and a way to
correct things (while you fix them for real)
• It has a cost (nothing is for nothing)
• At the moment we do not have it (digest solution)
automated (Can you develop it? Help the community!)
But it must be done right
Performance can be affected (by Tibor Korocz)
(https://www.percona.com/blog/2017/04/10/proxysql-rules-do-i-have-too-many/)
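One possible shape for the missing automation of the digest solution, as an added sketch (not the author's or the ProxySQL project's code): it turns rows shaped like the stats_mysql_query_digest output into digest rules, busiest first, and ends with a catch-all block rule. The function names, the rule_id range starting at 1000, the catch-all rule and its message are assumptions; the sample rows are constructed from the two digests quoted in the slides.

```python
import re

DIGEST_RE = re.compile(r"^0x[0-9A-Fa-f]{16}$")  # digest format shown in the stats output
NAME_RE = re.compile(r"^[A-Za-z0-9_]+$")        # conservative check for user/schema names

# Constructed sample rows shaped like stats_mysql_query_digest output.
SAMPLE_ROWS = [
    {"hostgroup": 52, "schemaname": "windmills", "count_star": 139,
     "digest": "0x839B1DCE7A8B247A",
     "digest_text": "Select MAX(millid) as millid ,MAX(active) as active FROM wmillAUTOINC"},
    {"hostgroup": 52, "schemaname": "windmills", "count_star": 573331,
     "digest": "0x52A98085A233E516",
     "digest_text": "SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location "
                    "FROM wmillAUTOINC WHERE wmillAUTOINC.millid=? and wmillAUTOINC.active=?"},
    {"hostgroup": 52, "schemaname": "windmills", "count_star": 7,
     "digest": "0xNOTADIGEST", "digest_text": "constructed malformed row"},
]


def sql_quote(text):
    """Quote a string literal for the admin interface by doubling single quotes."""
    return "'" + str(text).replace("'", "''") + "'"


def build_allowlist(rows, username, proxy_port, first_rule_id=1000, min_count=1):
    """Return (statements, rejected_rows) for a digest allowlist with default deny."""
    if not NAME_RE.match(username):
        raise ValueError("unexpected username: %r" % (username,))
    accepted, rejected, seen = [], [], set()
    # Busiest digests first, so the most frequent queries hit an early rule.
    for row in sorted(rows, key=lambda r: r["count_star"], reverse=True):
        key = (row["schemaname"], row["digest"].upper())
        valid = (DIGEST_RE.match(row["digest"]) is not None
                 and NAME_RE.match(row["schemaname"]) is not None
                 and row["count_star"] >= min_count
                 and key not in seen)
        if valid:
            seen.add(key)
            accepted.append(row)
        else:
            rejected.append(row)  # malformed, too rare, or duplicate

    statements = []
    rule_id = first_rule_id
    for row in accepted:
        statements.append(
            "INSERT INTO mysql_query_rules (rule_id,active,username,schemaname,"
            "proxy_port,digest,destination_hostgroup,apply,comment) VALUES "
            "({},1,{},{},{},{},{},1,{});".format(
                rule_id, sql_quote(username), sql_quote(row["schemaname"]),
                int(proxy_port), sql_quote(row["digest"]), int(row["hostgroup"]),
                sql_quote(row["digest_text"][:80])))
        rule_id += 1
    # Catch-all: anything from this user that matched no digest rule is refused.
    statements.append(
        "INSERT INTO mysql_query_rules (rule_id,active,username,proxy_port,"
        "match_digest,error_msg,apply,comment) VALUES "
        "({},1,{},{},'.',{},1,'default deny');".format(
            rule_id, sql_quote(username), int(proxy_port),
            sql_quote("Query not in the allowlist")))
    statements.append("LOAD MYSQL QUERY RULES TO RUNTIME;")
    statements.append("SAVE MYSQL QUERY RULES TO DISK;")
    return statements, rejected


if __name__ == "__main__":
    sql, skipped = build_allowlist(SAMPLE_ROWS, "pxc_test", 6033)
    print("\n".join(sql))
    for row in skipped:
        print("-- skipped:", row["digest"], row["digest_text"])
```

An allowlist built this way permits whatever was observed, so the digest statistics should come from a known-good workload and the generated statements should be reviewed before they are loaded.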
Contact Me
To Contact Me:
Marco.tusa@percona.com
tusamarco@gmail.com
To Follow Me:
http://www.tusacentral.net/
http://www.percona.com/blog/
https://www.facebook.com/marco.tusa.94
@marcotusa
http://it.linkedin.com/in/marcotusa/
Consulting = No
mission refused!

Are we there Yet?? (The long journey of Migrating from close source to opens...
 
Proxysql sharding
Proxysql shardingProxysql sharding
Proxysql sharding
 
Geographically dispersed perconaxtra db cluster deployment
Geographically dispersed perconaxtra db cluster deploymentGeographically dispersed perconaxtra db cluster deployment
Geographically dispersed perconaxtra db cluster deployment
 
Sync rep aurora_2016
Sync rep aurora_2016Sync rep aurora_2016
Sync rep aurora_2016
 
Proxysql ha plam_2016_2_keynote
Proxysql ha plam_2016_2_keynoteProxysql ha plam_2016_2_keynote
Proxysql ha plam_2016_2_keynote
 
Empower my sql server administration with 5.7 instruments
Empower my sql server administration with 5.7 instrumentsEmpower my sql server administration with 5.7 instruments
Empower my sql server administration with 5.7 instruments
 
Galera explained 3
Galera explained 3Galera explained 3
Galera explained 3
 
Plmce 14 be a_hero_16x9_final
Plmce 14 be a_hero_16x9_finalPlmce 14 be a_hero_16x9_final
Plmce 14 be a_hero_16x9_final
 
Scaling with sync_replication using Galera and EC2
Scaling with sync_replication using Galera and EC2Scaling with sync_replication using Galera and EC2
Scaling with sync_replication using Galera and EC2
 
Discard inport exchange table & tablespace
Discard inport exchange table & tablespaceDiscard inport exchange table & tablespace
Discard inport exchange table & tablespace
 
MySQL cluster 72 in the Cloud
MySQL cluster 72 in the CloudMySQL cluster 72 in the Cloud
MySQL cluster 72 in the Cloud
 
MySQL developing Store Procedure
MySQL developing Store ProcedureMySQL developing Store Procedure
MySQL developing Store Procedure
 
MySQL overview
MySQL overviewMySQL overview
MySQL overview
 
Oracle to MySQL 2012
Oracle to MySQL  2012 Oracle to MySQL  2012
Oracle to MySQL 2012
 

Recently uploaded

一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
smpc3nvg
 
Design Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinkingDesign Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinking
cy0krjxt
 
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
7sd8fier
 
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
smpc3nvg
 
Top 5 Indian Style Modular Kitchen Designs
Top 5 Indian Style Modular Kitchen DesignsTop 5 Indian Style Modular Kitchen Designs
Top 5 Indian Style Modular Kitchen Designs
Finzo Kitchens
 
一比一原版(毕业证)长崎大学毕业证成绩单如何办理
一比一原版(毕业证)长崎大学毕业证成绩单如何办理一比一原版(毕业证)长崎大学毕业证成绩单如何办理
一比一原版(毕业证)长崎大学毕业证成绩单如何办理
taqyed
 
CA OFFICE office office office _VIEWS.pdf
CA OFFICE office office office _VIEWS.pdfCA OFFICE office office office _VIEWS.pdf
CA OFFICE office office office _VIEWS.pdf
SudhanshuMandlik
 
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
n0tivyq
 
Book Formatting: Quality Control Checks for Designers
Book Formatting: Quality Control Checks for DesignersBook Formatting: Quality Control Checks for Designers
Book Formatting: Quality Control Checks for Designers
Confidence Ago
 
Design Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinkingDesign Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinking
cy0krjxt
 
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
9a93xvy
 
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
7sd8fier
 
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
h7j5io0
 
Expert Accessory Dwelling Unit (ADU) Drafting Services
Expert Accessory Dwelling Unit (ADU) Drafting ServicesExpert Accessory Dwelling Unit (ADU) Drafting Services
Expert Accessory Dwelling Unit (ADU) Drafting Services
ResDraft
 
Common Designing Mistakes and How to avoid them
Common Designing Mistakes and How to avoid themCommon Designing Mistakes and How to avoid them
Common Designing Mistakes and How to avoid them
madhavlakhanpal29
 
20 slides of research movie and artists .pdf
20 slides of research movie and artists .pdf20 slides of research movie and artists .pdf
20 slides of research movie and artists .pdf
ameli25062005
 
Exploring the Future of Smart Garages.pdf
Exploring the Future of Smart Garages.pdfExploring the Future of Smart Garages.pdf
Exploring the Future of Smart Garages.pdf
fastfixgaragedoor
 
RTUYUIJKLDSADAGHBDJNKSMAL,D
RTUYUIJKLDSADAGHBDJNKSMAL,DRTUYUIJKLDSADAGHBDJNKSMAL,D
RTUYUIJKLDSADAGHBDJNKSMAL,D
cy0krjxt
 
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
9a93xvy
 
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
7sd8fier
 

Recently uploaded (20)

一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
一比一原版(Bristol毕业证书)布里斯托大学毕业证成绩单如何办理
 
Design Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinkingDesign Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinking
 
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
一比一原版(UNUK毕业证书)诺丁汉大学毕业证如何办理
 
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
一比一原版(Brunel毕业证书)布鲁内尔大学毕业证成绩单如何办理
 
Top 5 Indian Style Modular Kitchen Designs
Top 5 Indian Style Modular Kitchen DesignsTop 5 Indian Style Modular Kitchen Designs
Top 5 Indian Style Modular Kitchen Designs
 
一比一原版(毕业证)长崎大学毕业证成绩单如何办理
一比一原版(毕业证)长崎大学毕业证成绩单如何办理一比一原版(毕业证)长崎大学毕业证成绩单如何办理
一比一原版(毕业证)长崎大学毕业证成绩单如何办理
 
CA OFFICE office office office _VIEWS.pdf
CA OFFICE office office office _VIEWS.pdfCA OFFICE office office office _VIEWS.pdf
CA OFFICE office office office _VIEWS.pdf
 
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
一比一原版(Glasgow毕业证书)格拉斯哥大学毕业证成绩单如何办理
 
Book Formatting: Quality Control Checks for Designers
Book Formatting: Quality Control Checks for DesignersBook Formatting: Quality Control Checks for Designers
Book Formatting: Quality Control Checks for Designers
 
Design Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinkingDesign Thinking Design thinking Design thinking
Design Thinking Design thinking Design thinking
 
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
一比一原版(CITY毕业证书)谢菲尔德哈勒姆大学毕业证如何办理
 
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
一比一原版(MMU毕业证书)曼彻斯特城市大学毕业证成绩单如何办理
 
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
一比一原版(Bolton毕业证书)博尔顿大学毕业证成绩单如何办理
 
Expert Accessory Dwelling Unit (ADU) Drafting Services
Expert Accessory Dwelling Unit (ADU) Drafting ServicesExpert Accessory Dwelling Unit (ADU) Drafting Services
Expert Accessory Dwelling Unit (ADU) Drafting Services
 
Common Designing Mistakes and How to avoid them
Common Designing Mistakes and How to avoid themCommon Designing Mistakes and How to avoid them
Common Designing Mistakes and How to avoid them
 
20 slides of research movie and artists .pdf
20 slides of research movie and artists .pdf20 slides of research movie and artists .pdf
20 slides of research movie and artists .pdf
 
Exploring the Future of Smart Garages.pdf
Exploring the Future of Smart Garages.pdfExploring the Future of Smart Garages.pdf
Exploring the Future of Smart Garages.pdf
 
RTUYUIJKLDSADAGHBDJNKSMAL,D
RTUYUIJKLDSADAGHBDJNKSMAL,DRTUYUIJKLDSADAGHBDJNKSMAL,D
RTUYUIJKLDSADAGHBDJNKSMAL,D
 
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
一比一原版(RHUL毕业证书)伦敦大学皇家霍洛威学院毕业证如何办理
 
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
一比一原版(NCL毕业证书)纽卡斯尔大学毕业证成绩单如何办理
 

Fortify aws aurora_proxy_2019_pleu

  • 1. Marco Tusa Percona Fortify your MySQL data security in AWS using ProxySQL and Firewalling
  • 2. • Open source enthusiast • Principal Consultant • Working in DB world over 25 years • Open source developer and community contributor About Me
  • 3. Hello, Attendees! Why use ProxySQL with Aurora or AWS solutions What can be done to make your AWS/Aurora safer and more stable
  • 4. What is ProxySQL (in 1 slide) • ProxySQL has an advanced multi-core architecture. • It's built from the ground up to support hundreds of thousands of concurrent connections, multiplexed to potentially hundreds of backend servers. • Query filtering by design • Query caching • Embedded configuration distribution (cluster) • Design to scale (the largest ProxySQL deployment spans several hundred proxies). • … and more
  • 5. What is AWS Aurora (in 1 slide) • Amazon Aurora is a MySQL and PostgreSQL compatible relational database built for the cloud • Features a distributed, fault-tolerant, self-healing storage system that auto- scales up to 64TB per database instance • Delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones • fully managed by Amazon Relational Database Service (RDS) • … and more
  • 6. Use ProxySQL version 2 (The problem) ProxySQL deals with backend servers using: • Replication Hostgroup • Async replication • Scheduler • PXC, NDB etc. AWS Aurora does not use READ_ONLY but INNODB_READ_ONLY https://dev.mysql.com/doc/refman/5.7/en/innodb-read-only-instance.html
  • 7. Use ProxySQL version 2 (Solution) October 2017, this issue was opened (https://github.com/sysown/proxysql/issues/1195)
      MYHGM_MYSQL_REPLICATION_HOSTGROUPS "CREATE TABLE mysql_replication_hostgroups (
        writer_hostgroup INT CHECK (writer_hostgroup>=0) NOT NULL PRIMARY KEY ,
        reader_hostgroup INT NOT NULL CHECK (reader_hostgroup<>writer_hostgroup AND reader_hostgroup>=0) ,
        check_type VARCHAR CHECK (LOWER(check_type) IN ('read_only','innodb_read_only','super_read_only')) NOT NULL DEFAULT 'read_only' ,
        comment VARCHAR NOT NULL DEFAULT '' ,
        UNIQUE (reader_hostgroup))"
      mysql> select * from mysql_replication_hostgroups;
      +------------------+------------------+------------------+------------+
      | writer_hostgroup | reader_hostgroup | check_type       | comment    |
      +------------------+------------------+------------------+------------+
      | 70               | 71               | innodb_read_only | aws-aurora |
      +------------------+------------------+------------------+------------+
      1 row in set (0.00 sec)
  • 8. Use ProxySQL version 2 (How to implement) First roll out your Aurora setup • Identify the endpoint for EACH instance • aws rds describe-db-instances • Web interface
      INSERT INTO mysql_servers (hostname,hostgroup_id,port,weight,max_connections) VALUES
        ('proxysqltestdb.eu-central-1',70,3306,1000,2000),
        ('proxysqltestdb.eu-central-1',71,3306,1000,2000),
        ('proxysqltestdb2.eu-central-1',71,3306,1000,2000),
        ('proxysqltestdb-eu-central-1b.eu-central.1',71,3306,1,2000);
      INSERT INTO mysql_replication_hostgroups (writer_hostgroup,reader_hostgroup,comment,check_type) VALUES (70,71,'aws-aurora','innodb_read_only');
      LOAD MYSQL SERVERS TO RUNTIME;
      SAVE MYSQL SERVERS TO DISK;
  • 9. But WHY I should use it? GOOD QUESTION
  • 12. Why Only connection latency When using Java connector Single pointer Values in nanoseconds
  • 13. Why Latency while running the tests Left Aurora Right ProxySQL
  • 14. Why it happens ProxySQL can redirect the queries as you like and to the instance you want. How do we read this graph? From left to right: • read_only test with an Aurora cluster endpoint • read_only test with ProxySQL • write_only with an Aurora cluster endpoint • write_only with ProxySQL • read and write with an Aurora cluster endpoint • read and write with ProxySQL
  • 15. Why it happens The Cluster endpoint is an endpoint for an Aurora DB cluster that connects to the current primary instance for that DB cluster. Each Aurora DB cluster has a cluster endpoint and one primary instance. That endpoint receives the read and write request and sends them to the same instance. The main use for it is to perform failover if needed. Each Aurora DB cluster has a reader endpoint. If there is more than one Aurora Replica, the reader endpoint directs each connection request to one of the Aurora Replicas. The reader endpoint only load balances connections to available Aurora Replicas in an Aurora DB cluster. It does not load balance specific queries. If you want to load balance queries to distribute the read workload for a DB cluster, you need to manage that in your application and use instance endpoints to connect directly to Aurora Replicas to balance the load.
  • 16. Aaah That’s why • Native AWS Cluster endpoints and Reader endpoints are limited in what they offer • With ProxySQL you can very granularly choose how to use each instance, without the need to have the application modify how it works • Using ProxySQL will allow the use of additional elements like • Query Cache • Query rewrite • Blocking/firewalling
  • 17. Now What? Secure all around • Secure access to RDS (account, IAM, Roles) • Secure network access (limit to local range/port, VPN, etc.) • Secure MySQL user/password/location/access + grants • Secure ProxySQL (user/password + encrypted)
  • 19. No, it is not! Enemies and dangers are around you • Your own application • Developers • Your DBA/OPS • Yourself
  • 20. We can do more • Queries with no filtering (WHERE) • Overcomplicated queries • Non-indexed queries • Jobs that are not supposed to hit main production • Reports on the writer node/instance Currently the only way to manage some of the above is to use SP and limit all users to execute
  • 21. Fields of action Secure by limiting actions on the db Use Proxy as Firewall
  • 22. MySQL Query Rules Table Filter by: • username • schemaname • client_addr • proxy_addr • proxy_port • digest • match_digest • match_pattern Secure by limiting actions on the db
  • 23. Destination_hostgroup Pointing to different HG Replace_pattern Rewriting the Query Or if firewalling blocking the query Secure by limiting actions on the db: Targets
  • 24. Secure limiting actions on the DB Limit queries by (user/ip/ports)
      insert into mysql_query_rules (rule_id,client_addr,username,destination_hostgroup,active,retries,match_digest,apply)
        values(24,'192.168.1.50','app_test',101,1,3,'^SELECT.*$',1);
      insert into mysql_query_rules (rule_id,client_addr,username,destination_hostgroup,active,retries,match_digest,apply)
        values(38,'192.168.1.51','app_test',200,1,3,'.',1);
      client_addr: 192.168.1.50 proxy_addr: NULL proxy_port: NULL
      client_addr: 192.168.1.51 proxy_addr: NULL proxy_port: NULL
  • 25. Secure limiting actions on the DB Block queries not filtered, without where (I am a dummy)
      insert into mysql_query_rules (rule_id,match_digest,error_msg,active,apply)
        values(1,'^SELECT\s((?!\swhere).)*$','Bad Idea to perform SELECT without a WHERE ... change the syntax and I will let you PASS',1, 1);
      mysql> select count(*) from wmillAUTOINC;
      ERROR 1148 (42000): Bad Idea to perform SELECT without a WHERE ... change the syntax and I will let you PASS
      mysql> select count(*) from wmillAUTOINC where millid=365;
      | count(*) |
      | 393 |
  • 26. Secure limiting actions on the DB Block and transform query by type Select/update/inserts
      use windmills;
      select count(*) a,tb1.b from wmillAUTOINC aa , (select count(*) b from wmillMID)tb1 where millid=364
      | a | b |
      | 418 | 164577 |
      No where in subquery
      match_pattern : select count(*) a,tb1.b from wmillAUTOINC aa , (select count(*) b from wmillMID )tb1 where millid=(\d*)
      replace_pattern: select count(*) a,tb1.b from wmillAUTOINC aa , (select count(*) b from wmillMID where millid=\1)tb1 where millid=\1
      | a | b |
      | 418 | 407 |
      https://github.com/sysown/proxysql/issues/1556
  • 27. Use ProxySQL as firewall • block all • block stupid checks (SELECT 1) • let pass something by regexp • let pass only specific queries • Make it efficient
  • 28. IPtables
      [root@galera1h1n5 ~]# iptables -L
      Chain INPUT (policy ACCEPT)
      target     prot opt source               destination
      ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:mysql
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:tram
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:bmc-reporting
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:krb524
      ACCEPT     udp  --  10.0.0.0/24          anywhere             udp dpt:tram
      ACCEPT     tcp  --  192.168.1.0/24       anywhere             tcp dpt:42000
      ACCEPT     tcp  --  192.168.1.0/24       anywhere             tcp dpt:42002
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:6033
      ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp dpt:6032
      ACCEPT     icmp --  anywhere             anywhere
      ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
      ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:mysql
      REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
      Chain FORWARD (policy ACCEPT)
      target     prot opt source               destination
      REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable
      Chain OUTPUT (policy ACCEPT)
      target     prot opt source               destination
  • 30. Filter stupid ping Select 1; Millions of times
      insert into mysql_query_rules (rule_id,match_digest,ok_msg,active,apply) values(500,'SELECT 1','Ok',1, 1);
  • 31. ProxySQL way (apply NOW)
      SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location FROM wmillAUTOINC WHERE wmillAUTOINC.millid=300 and wmillAUTOINC.active=1;
      insert into mysql_query_rules (rule_id,proxy_port,username,destination_hostgroup,schemaname,active,retries,apply,flagout,match_digest)
        values(101,6033,'pxc_test',52,'windmills',1,3,1,null,'SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location FROM wmillAUTOINC WHERE wmillAUTOINC.millid=\d* and wmillAUTOINC.active=.*');
  • 32. ProxySQL way (apply Later)
      Select MAX(millid) as millid ,MAX(active) as active FROM wmillMID;
      insert into mysql_query_rules (rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagout)
        values(999,6033,'windmills','pxc_test',50,1,3,'Select MAX(millid) as millid ,MAX(active) as active FROM wmillMID',0,1000);
      insert into mysql_query_rules (rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagin)
        values(1042,6033,'windmills','pxc_test',52,1,3,'^SELECT.*$',1,1000);
  • 33. Eehm … How much it cost? With nothing enabled: 10 µ
  • 34. Eehm … How much it cost? Oops, 30 µ is a bit too much
  • 35. Can you give me a discount?
  • 36. ProxySQL way (apply now)
      select hostgroup,schemaname,count_star,digest,replace(replace(digest_text,'.','\.'),'?','.*') QR
        from stats_mysql_query_digest where schemaname='windmills' order by count_star desc;
      | hostgroup | schemaname | count_star | digest | QR |
      | 52 | windmills | 573331 | 0x52A98085A233E516 | SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location FROM wmillAUTOINC WHERE wmillAUTOINC.millid=.* and wmillAUTOINC.active=.* |
  • 37. ProxySQL way (apply NOW digest)
      SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location FROM wmillAUTOINC WHERE wmillAUTOINC.millid=300 and wmillAUTOINC.active=1;
      insert into mysql_query_rules (rule_id,proxy_port,username,destination_hostgroup,schemaname,active,retries,apply,flagout,digest)
        values(101,6033,'pxc_test',52,'windmills',1,3,1,null,'0xDB3A841EF5443C35');
  • 38. ProxySQL way (apply later)
      select hostgroup,schemaname,count_star,digest,replace(replace(digest_text,'.','\.'),'?','.*') QR
        from stats_mysql_query_digest where schemaname='windmills' order by count_star desc;
      | hostgroup | schemaname | count_star | digest | QR |
      | 52 | windmills | 139 | 0x839B1DCE7A8B247A | Select MAX(millid) as millid ,MAX(active) as active FROM wmillAUTOINC |
  • 39. ProxySQL way (apply Later digest)
      Select MAX(millid) as millid ,MAX(active) as active FROM wmillMID;
      insert into mysql_query_rules (rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,digest,apply,flagout)
        values(999,6033,'windmills','pxc_test',50,1,3,'0x839B1DCE7A8B247A',1,1000);
      insert into mysql_query_rules (rule_id,proxy_port,schemaname,username,destination_hostgroup,active,retries,match_digest,apply,flagin)
        values(1042,6033,'windmills','pxc_test',52,1,3,'^SELECT.*$',1,1000);
  • 40. Eehm … How much it cost Now? 4µ is even less than before
  • 41. Eehm … How much it cost? Oops, 30 µ is a bit too much
  • 42. Deal Nothing enabled: ~ 10 µ Using match_digest: ~ 30 µ Using digest: ~ 4 µ
  • 43. Done! (or conclusions if you like) • ProxySQL now (v2.x and above) supports AWS/Aurora • ProxySQL is better than the native connector • Your security at SQL level sucks (look in the mirror before complaining about others) • ProxySQL allows you to implement SQL control and gives you a way to correct things (while you fix them for real) • It has a cost (nothing is for nothing) • At the moment we do not have it (digest solution) automated (Can you develop it? Help the community!)
  • 44. But it must be done right Performance can be affected (by Tibor Korocz) (https://www.percona.com/blog/2017/04/10/proxysql-rules-do-i-have-too-many/)
  • 47. We’re Hiring Percona’s open source database experts are true superheroes, improving database performance for customers across the globe. Our staff live in nearly 30 different countries around the world, and most work remotely from home. Discover what it means to have a Percona career with the smartest people in the database performance industries, solving the most challenging problems our customers come across.
  • 48. Contact Me To Contact Me: Marco.tusa@percona.com tusamarco@gmail.com To Follow Me: http://www.tusacentral.net/ http://www.percona.com/blog/ https://www.facebook.com/marco.tusa.94 @marcotusa http://it.linkedin.com/in/marcotusa/ Consulting = No mission refused!
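
Slides 36 to 43 build digest-based rules by hand and note that the step is not automated. The following is an added example, not code from the talk or from ProxySQL: it turns rows read from stats_mysql_query_digest into digest allow rules followed by a catch-all deny rule (match_digest '.' with an error_msg, as on slides 24 and 25). The function names, the min_count threshold, the rule_id ranges and the deny message are assumptions; the sample rows are constructed around the two digests shown on the slides.

```python
import re
from collections import defaultdict

DIGEST_RE = re.compile(r"^0x[0-9A-F]{16}$")

# Constructed sample of stats_mysql_query_digest rows:
# (hostgroup, schemaname, username, digest, digest_text, count_star).
# The first two digests and counts are the ones on the slides; the
# hostgroup 50 row and the last row are invented for the example.
SAMPLE_ROWS = [
    (52, "windmills", "pxc_test", "0x52A98085A233E516",
     "SELECT wmillAUTOINC.id,wmillAUTOINC.millid,wmillAUTOINC.location "
     "FROM wmillAUTOINC WHERE wmillAUTOINC.millid=? and wmillAUTOINC.active=?",
     573331),
    (52, "windmills", "pxc_test", "0x839B1DCE7A8B247A",
     "Select MAX(millid) as millid ,MAX(active) as active FROM wmillAUTOINC", 139),
    (50, "windmills", "pxc_test", "0x839B1DCE7A8B247A",
     "Select MAX(millid) as millid ,MAX(active) as active FROM wmillAUTOINC", 10),
    (52, "windmills", "pxc_test", "0x00000000000000AA", "SELECT ?", 3),
]


def sql_quote(value):
    """Quote a string literal for the SQLite-backed ProxySQL admin interface."""
    return "'" + value.replace("'", "''") + "'"


def aggregate(rows):
    """Merge rows per (username, schemaname, digest), counting hits per hostgroup."""
    merged = defaultdict(lambda: {"total": 0, "by_hg": defaultdict(int), "text": ""})
    for hostgroup, schemaname, username, digest, digest_text, count_star in rows:
        if not DIGEST_RE.match(digest):
            raise ValueError(f"unexpected digest format: {digest!r}")
        entry = merged[(username, schemaname, digest)]
        entry["total"] += count_star
        entry["by_hg"][hostgroup] += count_star
        entry["text"] = digest_text
    return merged


def build_allowlist(rows, proxy_port=6033, min_count=100,
                    first_rule_id=100, deny_rule_id=10000):
    """Return admin statements: one digest rule per known query, then a deny-all."""
    # Rules are evaluated in ascending rule_id order, so the busiest digests go
    # first and the catch-all deny rule gets the highest id.
    ranked = sorted(aggregate(rows).items(), key=lambda kv: (-kv[1]["total"], kv[0]))
    statements, rule_id = [], first_rule_id
    for (username, schemaname, digest), entry in ranked:
        if entry["total"] < min_count:
            continue  # rarely seen: left for manual review, the deny rule catches it
        if rule_id >= deny_rule_id:
            raise ValueError("allow rules would reach the deny rule_id")
        # Route to the hostgroup that served this digest most often.
        hostgroup = max(entry["by_hg"].items(), key=lambda kv: (kv[1], -kv[0]))[0]
        statements.append(
            "INSERT INTO mysql_query_rules (rule_id,active,proxy_port,username,"
            "schemaname,digest,destination_hostgroup,apply,comment) VALUES "
            f"({rule_id},1,{int(proxy_port)},{sql_quote(username)},"
            f"{sql_quote(schemaname)},{sql_quote(digest)},{int(hostgroup)},1,"
            f"{sql_quote(entry['text'][:60])});")
        rule_id += 1
    statements.append(
        "INSERT INTO mysql_query_rules (rule_id,active,proxy_port,match_digest,"
        f"error_msg,apply) VALUES ({int(deny_rule_id)},1,{int(proxy_port)},'.',"
        f"{sql_quote('Query not in allowlist')},1);")
    statements += ["LOAD MYSQL QUERY RULES TO RUNTIME;",
                   "SAVE MYSQL QUERY RULES TO DISK;"]
    return statements


if __name__ == "__main__":
    print("\n".join(build_allowlist(SAMPLE_ROWS)))
```

Review the generated statements before loading them: any query that was not observed while the statistics were collected will be rejected once the deny rule is active.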