Professional Documents
Culture Documents
1 and Roadmap
Rasmus Johansson
VP Engineering, MariaDB Corporation
Agenda
MariaDB 10.1 New Features
MariaDB 10.1 Security Feature Set
MariaDB 10.2
Other interesting things
17/03/2016
17/03/2016
Security
17/03/2016
High
Availability
MariaDB Corporation Ab.
Scalability
High
Availability
17/03/2016
17/03/2016
wrep_on = ON
wsrep_provider
wsrep_cluster_address
binlog_format=ROW
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
innodb_doublewrite=1
query_cache_size=0
17/03/2016
Scalability
17/03/2016
10
17/03/2016
11
Performance Improvements
Especially for High-End Servers
High processing power
More cores
12
InnoDB Defragmentation
Deleted records can create gaps on pages
Defragmentation based on an implementation
from Facebook and Kakao Corp.
Neither new SQL literals nor server changes
needed
13
17/03/2016
14
Security
17/03/2016
15
Security
17/03/2016
Validation
Encryption
Authentication
Auditing
16
Validation
Encryption
Authentication
Auditing
17/03/2016
17
18
XtraDB/InnoDB tablespaces
XtraDB/InnoDB log files
Binary logs
Aria tables
Temporary files
No Encryption for
Metadata
Memory
Config-Files
17/03/2016
19
20
More info:
https://mariadb.com/kb/en/mariadb/xtradbinnodb-data-scrubbing/
17/03/2016
21
cracklib_password_check plugin
A widely used library
Stop users from choosing easy to guess passwords. It includes checks
for not allowing passwords based on the username or a dictionary
word etc.
17/03/2016
22
17/03/2016
23
DBA
Update Schema
View Statistics
Create Database
MariaDB 10
Developer
Sysadmin
MariaDB Corporation Ab.
Database
Tables
Roles
CREATE ROLE journalist;
GRANT SHOW DATABASES ON *.* TO journalist;
GRANT ALL ON db1.* TO journalist;
GRANT journalist to user1;
https://mariadb.com/kb/en/mariadb/roles-overview/
26
DISCONNECT
FAILED CONNECT
DDL
QUERY
DML+TCL
TIMESTAMP
HOST
USER
SESSION
DCL
DATABASE
OBJECT
TABLES
17/03/2016
27
17/03/2016
28
SSL Connections
Encrytion between client and server
Disabled by default
TLSv1.2 protocol
SSL also available for replication
Variables needed to use SSL
ssl-ca=ca.pem
ssl-cert=server-cert.pem
ssl-key=server-key.pem
17/03/2016
29
Encryption Functions
Encrytion functions are used per column
Available encryptions
AES (Advanced Encryption Standard) algorithm
DES (Data Encryption Standard) algorithm
Requires SSL to be configured
17/03/2016
30
GSS-API on Linux
Red Hat Directory Server
OpenLDAP
SSPI on Windows
Ticket
1request
Service
2ticket
Active Directory
3-
Client
Here is my service
ticket, authenticate me
MariaDB 10.2
17/03/2016
32
Feature
Analytics
Window Functions
Connectors
MySQL 5.7
New APIs
Security
Replication
Performance
Password expiration
Extend AES_ENCRYPT()
Built-in JSON functions from MySQL and/or Facebook and/or SQL Standard
JSON_CONTAINS, JSON_EXTRACT, JSON_INSERT, JSON_APPEND, JSON_REMOVE,
Indexing of JSON
CREATE TABLE t1 (col1 JSON, col2 INT AS JSON_EXTRACT(col1, "$.id"), KEY(col2))
Thank You
mariadb.com
rasmus@mariadb.com
"MySQL is a registered trademark of Oracle and/or its affiliates. Other names may be trademarks
of their respective owners. MariaDB is not affiliated with MySQL."
MariaDB Corporation Ab.
38