Mais conteúdo relacionado
Semelhante a TWJUG August, MySQL JDBC Driver "Connector/J" (20)
Mais de Ryusuke Kajiyama (13)
TWJUG August, MySQL JDBC Driver "Connector/J"
- 1. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.1
MySQL with Java
Ryusuke Kajiyama
MySQL Sales Consulting Senior Manager,
Asia Pacific & Japan
- 2. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.2
“Connector/J”
JDBC Driver
of MySQL
- 3. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.3
Connector/J
§ Supports Java 5/6/7/8
§ Supports MySQL 5.0/5.1/5.5/5.6/5.7
§ Stable & mature 5.1 branch
– Maintenance updates released approximately quarterly
§ Supports MySQL Fabric
– Supports high-availability configurations
– Load-balancing, failover, (multi-)master/slave replication
§ JMX-administration
§ Extensible
§ Much more!
- 4. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.4
Installation
§ One platform-independent download
§ The latest GA release
– http://www.mysql.com/downloads/connector/j/
§ Deflate and extract the tar.gz or zip file
§ Add the library’s JAR file to your CLASSPATH
environment variable
– For example
export set CLASSPATH=/opt/java/mysql-connector-java-5.1.36-bin.jar:$CLASSPATH
- 5. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.14
Quick Load Balancer/Failover History Lesson
§ jdbc:mysql://primary,failover - since 3.0.2 (2002!)
– From 5.1.13, this is a special case of jdbc:mysql://loadbalance under the
hood
§ jdbc:mysql:replication:// - since 3.1.11 (2005)
– since 5.1.11, the slaves are a jdbc:mysql:loadbalance:// under the hood
§ jdbc:mysql:loadbalance:// - since 5.0.5 (2007)
- 6. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.15
Load-balancing/Failover Use Cases
§ Directly (jdbc:mysql:loadbalance:// URL prefix):
– Clustered (NDB) or Multi-Master Replication deployment where both
read and write operations are distributed across all hosts.
§ Indirectly:
– Replication deployments where read-only load can be distributed to
slaves (jdbc:mysql:replication://)
– Deployments requiring strong server affinity for specific server, failing
over only when primary host is unavailable
(jdbc:mysql://primary,failover-1,failover-2...)
- 7. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.16
Fault Tolerance - Load Balancing/Failover
§ Load-balancing, failover is manageable
– loadBalanceConnectionGroup=“name”
– JMX – loadBalanceEnableJMX=true
– In-VM via com.mysql.jdbc.ConnectionGroupManager
– Add/remove hosts (gracefully or forcefully)
– Get active hosts
– Get inactive hosts
– Get transaction counts
§ For more details:
http://dev.mysql.com/doc/connector-j/en/connector-j-multi-host-connections.html
- 8. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.17
Controlling load-balance fail-over
§ Standard component
– Communication exceptions
– SQLState starting with “08”
– User-defined SQLState list match – User-defined Class list match
§ Custom component
– Implement LoadBalanceExceptionChecker interface
- 9. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.18
StandardLoadBalanceExceptionChecker
properties
§ LoadBalanceSQLStateFailover
– Comma-delimited list of SQLState values
– Will match with trailing wildcard
§ “08” will match “08000” and “08S01”
§ loadBalanceSQLExceptionSubclassFailover
– Comma-delimited list of fully-qualified class/interface names
– Comparison using Class.isInstance(Exception)
- 10. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.19
Custom Exception Checker
§ Must implement LoadBalanceExceptionChecker
– shouldExceptionTriggerFailover(SQLException ex) method
– NDBLoadBalanceExceptionChecker example:
public class NdbLoadBalanceExceptionChecker extends
StandardLoadBalanceExceptionChecker {
public boolean shouldExceptionTriggerFailover(SQLException ex) {
return super.shouldExceptionTriggerFailover(ex) || checkNdbException(ex);
}
private boolean checkNdbException(SQLException ex) {
// Have to parse the message since most NDB errors are mapped to the same DEMC, sadly.
return (ex.getMessage().startsWith("Lock wait timeout exceeded") ||
(ex.getMessage().startsWith("Got temporary error")
&& ex.getMessage().endsWith("from NDB")));
}
}
- 11. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.20
Security with SSL and
Pluggable
Authentication
- 12. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.21
SSL in MySQL
§ MySQL Community built with yaSSL
§ MySQL Enterprise built with OpenSSL
§ MySQL 5.7 includes SSL improvements
– Automatic SSL configuration with OpenSSL
§ Previous versions require manual configuration
– Increased requirements for Diffie-Hellman key exchange
§ Key size minimum increased from 512 to 2048
– Command line client requires SSL when --ssl is given
– New mysql_ssl_rsa_setup utility
§ Requires OpenSSL to be installed
§ TLS 1.0
- 13. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.22
SSL Access Control
§ Any user can connect with SSL
§ MySQL 5.7 moves REQUIRE SSL et al to CREATE USER and ALTER
USER statements
– Previously included with GRANT
§ Users created with REQUIRE SSL will be denied access when
connecting without SSL
§ Additional constraints available
– REQUIRE X509
– AND ISSUER ‘issuer’
– AND SUBJECT ‘subject’
– AND CIPHER ‘cipher’
- 14. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.23
SSL in Connector/J
§ Encrypted communications
§ Establish identity of server
§ Allow server to establish identity of client
§ Required for regulatory and corporate policy compliance
- 15. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.24
SSL Options in Connector/J
§ useSSL
§ requireSSL
§ verifyServerCertificate
§ clientCertificateKeyStoreUrl
§ clientCertificateKeyStoreType
§ clientCertificateKeyStorePassword
§ trustCertificateKeyStoreUrl
§ trustCertificateKeyStoreType
§ trustCertificateKeyStorePassword
§ enabledSSLCipherSuites
- 16. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.25
Keys Used in SSL
§ Server public key in truststore
– Can be specified as connection properties or Java system properties
javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword
– Used to verify the server identity
– Not needed if verifyServerCertificate=false
§ Client keypair in keystore
– Can be specified as connection properties or Java system properties
javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword
– Used to prove client identity to the server
– Client identity is not verified by default, use REQUIRE X509
- 17. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.27
Making SSL Connections
§ useSSL & requireSSL
– useSSL enables SSL connections
– requireSSL causes connections to abort if SSL is not supported
§ Importing keys with Java keytool
– Check manual for tutorial:
§ Connector/J Reference
§ “Connecting Securely Using SSL”
– keytool -import -alias mysqlServerCACert -file cacert.pem -
keystore keystore
- 18. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.28
Java 7 & MySQL 5.7 Community
§ MySQL 5.7 community uses Diffie-Hellman key exchange by default
§ Java 7 doesn’t support MySQL 5.7’s required 2048 bit key size for DH
key exchange
§ Exception will be thrown giving instructions
§ Force RSA key exchange with:
– enabledSSLCipherSuites=
TLS_RSA_WITH_AES_128_CBC_SHA
- 19. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.29
Pluggable Authentication
§ New feature in MySQL 5.5
§ Supports traditional MySQL authentication and improved SHA-256
password hashing
§ Allows additional methods to be added with server plugins
§ Fully supported including extensible interfaces in Connector/J
- 20. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.32
Performance Tips
- 21. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.33
Bandwidth Considerations
§ Use fine-grained queries and avoid fetching unnecessary fields and
rows
§ Run tests with useUsageAdvisor=true to warn for inefficiencies
– Reports on unused columns
– Reports on result sets which were closed without reading all rows
§ Cache server configuration by setting
cacheServerConfiguration=true
– Avoids additional querying during connection initialization
- 22. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.34
Buffered vs Streaming Results
§ Buffered results read entire result set into memory
– Ala mysql_store_result()
– Faster local access
– Additional memory required
– Best for OLTP applications
– Fully scrollable cursors
§ Streaming results read individual rows as used
– Ala mysql_use_result()
– Access may be slowed while waiting for network reads
– Reduced memory requirements
– Best for very large results
– Forward only scrollability
- 23. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.35
Enable Streaming Results
§ com.mysql.jdbc.Statement
– Vender extension interface
§ Cast statement instances
§ Call enableStreamingResults()
§ Call disableStreamingResults()
§ Optionally set clobberStreamingResults=true
– Result sets automatically closed when new statements are executed on the same
connections
- 24. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.62
• Use MySQL with Java
http://dev.mysql.com/usingmysql/java/
• Read Connector/J User Manual
http://dev.mysql.com/doc/refman/5.5/en/connector-j.html
• Visit MySQL “JDBC and Java” Forum
http://forums.mysql.com/list.php?39
• View MySQL Essentials Webinars (Part 1 – Part 5)
http://mysql.com/news-and-events/web-seminars/mysql-essentials.html
• Download MySQL 5.5
http://www.mysql.com/downloads/mysql/
• Download Free MySQL White Papers
http://dev.mysql.com/why-mysql/white-papers/
Learn More: Resources
- 25. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.63
5.6
MySQL Server - GA
The best release ever with high quality and performance
InnoDB NoSQL API and improved replication durability
MySQL Cluster - GA
200 Million NoSQL Reads/Second
Faster reboot operations and more detailed logs
7.4
5.7
MySQL Server - RC
Refactoring and adding more pluggable components
Faster performance and new NoSQL Features
- 26. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.64
The world's most popular open source database
世界でもっとも普及している、オープンソース データベース