TWJUG August, MySQL JDBC Driver "Connector/J"

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.1
MySQL with Java
Ryusuke Kajiyama
MySQL Sales Consulting Senior Manager,
Asia Pacific & Japan

“Connector/J”
JDBC Driver
of MySQL

Connector/J
§  Supports Java 5/6/7/8
§  Supports MySQL 5.0/5.1/5.5/5.6/5.7
§  Stable & mature 5.1 branch
–  Maintenance updates released approximately quarterly
§  Supports MySQL Fabric
–  Supports high-availability configurations
–  Load-balancing, failover, (multi-)master/slave replication
§  JMX-administration
§  Extensible
§  Much more!


Installation
§  One platform-independent download
§  The latest GA release
–  http://www.mysql.com/downloads/connector/j/
§  Deflate and extract the tar.gz or zip file
§  Add the library’s JAR file to your CLASSPATH
environment variable
–  For example
export set CLASSPATH=/opt/java/mysql-connector-java-5.1.36-bin.jar:$CLASSPATH

Quick Load Balancer/Failover History Lesson
§  jdbc:mysql://primary,failover - since 3.0.2 (2002!)
–  From 5.1.13, this is a special case of jdbc:mysql://loadbalance under the
hood
§  jdbc:mysql:replication:// - since 3.1.11 (2005)
–  since 5.1.11, the slaves are a jdbc:mysql:loadbalance:// under the hood
§  jdbc:mysql:loadbalance:// - since 5.0.5 (2007)

Load-balancing/Failover Use Cases
§  Directly (jdbc:mysql:loadbalance:// URL prefix):
–  Clustered (NDB) or Multi-Master Replication deployment where both
read and write operations are distributed across all hosts.
§  Indirectly:
–  Replication deployments where read-only load can be distributed to
slaves (jdbc:mysql:replication://)
–  Deployments requiring strong server affinity for specific server, failing
over only when primary host is unavailable
(jdbc:mysql://primary,failover-1,failover-2...)

Fault Tolerance - Load Balancing/Failover
§  Load-balancing, failover is manageable
–  loadBalanceConnectionGroup=“name”
–  JMX – loadBalanceEnableJMX=true
–  In-VM via com.mysql.jdbc.ConnectionGroupManager
–  Add/remove hosts (gracefully or forcefully)
–  Get active hosts
–  Get inactive hosts
–  Get transaction counts
§  For more details:
http://dev.mysql.com/doc/connector-j/en/connector-j-multi-host-connections.html

Controlling load-balance fail-over
§  Standard component
–  Communication exceptions
–  SQLState starting with “08”
–  User-defined SQLState list match – User-defined Class list match
§  Custom component
–  Implement LoadBalanceExceptionChecker interface

StandardLoadBalanceExceptionChecker
properties
§  LoadBalanceSQLStateFailover
–  Comma-delimited list of SQLState values
–  Will match with trailing wildcard
§  “08” will match “08000” and “08S01”
§  loadBalanceSQLExceptionSubclassFailover
–  Comma-delimited list of fully-qualified class/interface names
–  Comparison using Class.isInstance(Exception)

Custom Exception Checker
§  Must implement LoadBalanceExceptionChecker
–  shouldExceptionTriggerFailover(SQLException ex) method
–  NDBLoadBalanceExceptionChecker example:
public class NdbLoadBalanceExceptionChecker extends
StandardLoadBalanceExceptionChecker {
public boolean shouldExceptionTriggerFailover(SQLException ex) {
return super.shouldExceptionTriggerFailover(ex) || checkNdbException(ex);
}
private boolean checkNdbException(SQLException ex) {
// Have to parse the message since most NDB errors are mapped to the same DEMC, sadly.
return (ex.getMessage().startsWith("Lock wait timeout exceeded") ||
(ex.getMessage().startsWith("Got temporary error")
&& ex.getMessage().endsWith("from NDB")));
}
}

Security with SSL and
Pluggable
Authentication


SSL in MySQL
§  MySQL Community built with yaSSL
§  MySQL Enterprise built with OpenSSL
§  MySQL 5.7 includes SSL improvements
–  Automatic SSL configuration with OpenSSL
§  Previous versions require manual configuration
–  Increased requirements for Diffie-Hellman key exchange
§  Key size minimum increased from 512 to 2048
–  Command line client requires SSL when --ssl is given
–  New mysql_ssl_rsa_setup utility
§  Requires OpenSSL to be installed
§  TLS 1.0


SSL Access Control
§  Any user can connect with SSL
§  MySQL 5.7 moves REQUIRE SSL et al to CREATE USER and ALTER
USER statements
–  Previously included with GRANT
§  Users created with REQUIRE SSL will be denied access when
connecting without SSL
§  Additional constraints available
–  REQUIRE X509
–  AND ISSUER ‘issuer’
–  AND SUBJECT ‘subject’
–  AND CIPHER ‘cipher’


SSL in Connector/J
§  Encrypted communications
§  Establish identity of server
§  Allow server to establish identity of client
§  Required for regulatory and corporate policy compliance


SSL Options in Connector/J
§  useSSL
§  requireSSL
§  verifyServerCertificate
§  clientCertificateKeyStoreUrl
§  clientCertificateKeyStoreType
§  clientCertificateKeyStorePassword
§  trustCertificateKeyStoreUrl
§  trustCertificateKeyStoreType
§  trustCertificateKeyStorePassword
§  enabledSSLCipherSuites


Keys Used in SSL
§  Server public key in truststore
–  Can be specified as connection properties or Java system properties
javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword
–  Used to verify the server identity
–  Not needed if verifyServerCertificate=false
§  Client keypair in keystore
–  Can be specified as connection properties or Java system properties
javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword
–  Used to prove client identity to the server
–  Client identity is not verified by default, use REQUIRE X509


Making SSL Connections
§  useSSL & requireSSL
–  useSSL enables SSL connections
–  requireSSL causes connections to abort if SSL is not supported
§  Importing keys with Java keytool
–  Check manual for tutorial:
§  Connector/J Reference
§  “Connecting Securely Using SSL”
–  keytool -import -alias mysqlServerCACert -file cacert.pem -
keystore keystore


Java 7 & MySQL 5.7 Community
§  MySQL 5.7 community uses Diffie-Hellman key exchange by default
§  Java 7 doesn’t support MySQL 5.7’s required 2048 bit key size for DH
key exchange
§  Exception will be thrown giving instructions
§  Force RSA key exchange with:
–  enabledSSLCipherSuites=
TLS_RSA_WITH_AES_128_CBC_SHA


Pluggable Authentication
§  New feature in MySQL 5.5
§  Supports traditional MySQL authentication and improved SHA-256
password hashing
§  Allows additional methods to be added with server plugins
§  Fully supported including extensible interfaces in Connector/J

Performance Tips


Bandwidth Considerations
§  Use fine-grained queries and avoid fetching unnecessary fields and
rows
§  Run tests with useUsageAdvisor=true to warn for inefficiencies
–  Reports on unused columns
–  Reports on result sets which were closed without reading all rows
§  Cache server configuration by setting
cacheServerConfiguration=true
–  Avoids additional querying during connection initialization


Buffered vs Streaming Results
§  Buffered results read entire result set into memory
–  Ala mysql_store_result()
–  Faster local access
–  Additional memory required
–  Best for OLTP applications
–  Fully scrollable cursors
§  Streaming results read individual rows as used
–  Ala mysql_use_result()
–  Access may be slowed while waiting for network reads
–  Reduced memory requirements
–  Best for very large results
–  Forward only scrollability


Enable Streaming Results
§  com.mysql.jdbc.Statement
–  Vender extension interface
§  Cast statement instances
§  Call enableStreamingResults()
§  Call disableStreamingResults()
§  Optionally set clobberStreamingResults=true
–  Result sets automatically closed when new statements are executed on the same
connections

• Use MySQL with Java
http://dev.mysql.com/usingmysql/java/
• Read Connector/J User Manual
http://dev.mysql.com/doc/refman/5.5/en/connector-j.html
• Visit MySQL “JDBC and Java” Forum
http://forums.mysql.com/list.php?39
• View MySQL Essentials Webinars (Part 1 – Part 5)
http://mysql.com/news-and-events/web-seminars/mysql-essentials.html
• Download MySQL 5.5
http://www.mysql.com/downloads/mysql/
• Download Free MySQL White Papers
http://dev.mysql.com/why-mysql/white-papers/
Learn More: Resources

5.6
MySQL Server - GA
The best release ever with high quality and performance
InnoDB NoSQL API and improved replication durability
MySQL Cluster - GA
200 Million NoSQL Reads/Second
Faster reboot operations and more detailed logs
7.4
5.7
MySQL Server - RC
Refactoring and adding more pluggable components
Faster performance and new NoSQL Features

The world's most popular open source database
世界でもっとも普及している、オープンソースデータベース

TWJUG August, MySQL JDBC Driver "Connector/J"

More Related Content

What's hot

Viewers also liked

Similar to TWJUG August, MySQL JDBC Driver "Connector/J"

More from Ryusuke Kajiyama

Recently uploaded

TWJUG August, MySQL JDBC Driver "Connector/J"