Seppo Jaakola is going to present the topic “MariaDB Galera Cluster Security” at the Security MariaDB Server Fest (Wed 6 April 2022).
I’m currently watching his talk. Let me share with you some details. Seppo is not talking about native MariaDB security features that are by default supported by Galera, but due to the distributed cluster topology additional security related measures are needed. He talks about cluster topology, cluster communication security, Galera enhancement Data at REST encryption and the new 10.9 feature Node screening by IP Allowlist.
Do you have questions to ask Seppo?
In this blog we are going to proceed to create the frontend container to communicate with the backend through a Service and other resources.
When an application is run through the Deployment Pods are created and destroyed dynamically. When created, they get the internal IP address in a cluster, and since they are ephemeral, there needs to be a stable way to allow communications between Pods.
If you ever had to do query performance troubleshooting with MariaDB, you should be
familiar with MariaDB’s ANALYZE for statements feature. It does what EXPLAIN ANALYZE does in some other database systems: ANALYZE query runs the query and produces EXPLAIN output, amended with the data from the query execution:
FROM orders, customer
customer.c_custkey = orders.o_custkey AND
customer.c_acctbal < 0 AND
orders.o_totalprice > 200*1000
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | r_rows | filtered | r_filtered | Extra |
| 1 | SIMPLE | customer | ALL | PRIMARY,…
Things happen, schedules change. I don’t want to bother you with details, so you’ll have to take my word for it: Events related to Russia invading Ukraine have caused us to delay our Security themed MariaDB Server Fest with a week, from Wed 30 March to Wed 6 April 2022.
This is probably the mildest of the consequences of the ongoing war. Nonetheless, we apologise for the inconvenience.
The MariaDB 10.9 preview releases introduce a MySQL compatibility syntax extension, range notation. The ‘last’ keyword was added in JSON path expression, as requested in MDEV-22224 and MDEV-27911. Additionally, negative indexes are now also supported. Range notation, implemented using the ‘to’ keyword, and the ‘last’ keyword, is basically an array element selector.
[M to N] selects a range of elements starting from index M to N.
[last-N] / [last] selects the Nth from last element, and last element, respectively.
We are pleased to announce the third MariaDB series release under the new release model, MariaDB 10.9.0.
One of the purposes of the new model is to get features into the hands of users more quickly, in a form which supports stability by allowing the new feature to be more easily tested, separate from other new features being developed at the same time.
There are four separate preview releases, containing the following features under consideration for release in 10.9.1:
SHOW ANALYZE FORMAT=JSON
- Extend SHOW EXPLAIN to support SHOW ANALYZE [FORMAT=JSON] (MDEV-27021)
- Add EXPLAIN FOR CONNECTION syntax support to SHOW EXPLAIN (MDEV-10000)
JSON Range Notation
- Implement range notation for JSONPath (MDEV-27911)
- Support JSONPath negative index (MDEV-22224)
- JSON_OVERLAPS function (MDEV-27677)
Async redo log write
- Asynchronous redo log write (MDEV-26603)
- Implement the –do-domain-ids, –ignore-domain-ids, and –ignore-server-ids options for mysqlbinlog (MDEV-20119)
- information_schema.tables.table_type now shows TEMPORARY
for local temporary tables.
This is the first in a series of blogs explaining how to use MariaDB in Kubernetes (K8s), as well as explaining some important concepts of K8s and of MariaDB.
This blog explains how to start MariaDB as a stateless application in K8s using the CLI and explores different commands you can run on your CLI.
Let’s first start the minikube
$ minikube start && kubectl get nodes
NAME STATUS ROLES AGE VERSION
minikube Ready control-plane,master 104d v1.22.2
The Pod is a K8s resource and the smallest unit in K8s.
Good news from and for MariaDB Foundation: in Schaffhausen Institute of Technology (SIT), we have a new Platinum Sponsor. With the additional funds and with the insights provided by Serguei Beloussov, who will work with the MariaDB Foundation on the board level, we expect to improve our ability to further the MariaDB Foundation mission related to our values of Openness, Adoption, and Continuity.
This event marks a first in our work with sponsors, given that our top-level sponsor list has so far contained only names fairly familiar to industry players: DBS Bank, Visma, IBM, Microsoft, Alibaba, Tencent, and Service Now, not to mention the eponymous MariaDB Corporation.