by Jaime Sicam | Mar 27, 2024 | Insight for DBAs, MongoDB, Percona Software, Security
Percona Server for MongoDB currently has several external authentication options, such as LDAP with SASL, LDAP, Kerberos, and AWS IAM. What is amazing is that SASL can authenticate with Pluggable Authentication Modules (PAM) too. This means that you still have... by Jaime Sicam | Sep 19, 2022 | Cloud, Insight for DBAs, MongoDB, Percona Software
As of Percona Operator for MongoDB 1.12.0, the documentation now has instructions on how to configure LDAP Authentication and Authorization. It already contains an example of how to configure the operator if OpenLDAP is your LDAP server. Here is another example of... by Jaime Sicam | Apr 21, 2020 | Insight for DBAs, MongoDB, Security
Since the release of Percona Server MongoDB 3.6.13 (PSMDB), you have been able to use Vault to store the encryption keys for data at rest encryption. Here’s how to set it up.First, you need to have a Vault server up and running. My colleague, Jericho, has an... by Jaime Sicam | Jul 1, 2019 | Insight for DBAs, MySQL
It’s bad practice to provide world-writable access to critical files in Linux, though we’ve seen time and time again that this is done to conveniently share files with other users, applications, or services. But with Xtrabackup, preparing backups could go... by Jaime Sicam | Oct 1, 2018 | Insight for DBAs, MySQL
MySQL supports replicating to a slave that is one release higher. This allows us to easily upgrade our MySQL setup to a new version, by promoting the slave and pointing the application to it. However, though unsupported, there are times when the MySQL version of slave... by Jaime Sicam | Jul 2, 2018 | Insight for DBAs, MySQL
GTID replication has made it convenient to setup and maintain MySQL replication. You need not worry about binary log file and position thanks to GTID and auto-positioning. However, things can go wrong when pointing a slave to a different master. Consider a situation... by Jaime Sicam | Mar 26, 2018 | Insight for DBAs, MySQL, Percona Software
In this post, we’ll look at the MySQL 8.0 innodb_dedicated_server variable.MySQL 8.0 introduces a new variable called innodb_dedicated_server. When enabled, it auto tunes innodb_buffer_pool_size, innodb_log_file_size and innodb_flush_method at startup (if these... by Jaime Sicam | Jan 12, 2018 | Monitoring, MySQL, Percona Software
In this short blog post, I will show you how you can compare current and past time series in Percona Monitoring and Management (PMM).Recently, a support customer shared a graph with us that compared query throughput between today and yesterday as a confirmation that... by Jaime Sicam | Jul 13, 2017 | Insight for DBAs, MySQL, Percona Software, Security
In this blog post, we’ll look at how to set up Percona PAM with Active Directory for external authentication.In my previous article on Percona PAM, I demonstrated how to use Samba as a domain, and how easy it is to create domain users and groups via the... by Jaime Sicam | Apr 21, 2017 | Insight for DBAs, MySQL, Security
In this blog, we’ll look at how to setup and troubleshoot the Percona PAM authentication plugin.We occasionally get requests from our support clients on how to get Percona Server for MySQL to authenticate with an external authentication service via LDAP or... by Jaime Sicam | Dec 28, 2016 | Insight for DBAs, MySQL
In a previous article, Ovais demonstrated how a DDL can render a table blocked from new queries. In another article, Valerii introduced performance_schema.metadata_locks, which is available in MySQL 5.7 and exposes metadata lock details. Given this information,... by Jaime Sicam | Feb 10, 2014 | MySQL
One of the common tasks requested by our support customers is to optimize slow queries. We normally ask for the table structure(s), the problematic query and sample data to be able to reproduce the problem and resolve it by modifying the query, table structure, or... by Jaime Sicam | Aug 14, 2013 | MySQL
Percona Server is bundled with the PAM plugin which opens a plethora of ways to authenticate to MySQL such as restricting time when users can connect to MySQL, authenticate via a USB key, authenticate to an external authentication system such as LDAP and many, many...