PlanetMysql.ru — информация о СУБД MySQL

Hanging out in #mysql on freenode the other day, I overheard someone saying that the reason to use connection pools with MySQL is because JDBC connections are expensive to create. That is true out of the box, but mostly because the out of the box behavior of MySQL's JDBC driver is to be standards-compliant. If you know that your DBA and your developers aren't doing crazy things with the database (changing configurations without letting the developers know, going around the "standard" API calls to start/end transactions, etc), then you can get to the point where connection setup is no slower than any other API. Does this mean you shouldn't use a connection pool? NO! (more on this next week).

Here's an iterative overview of the changes made in configuration, and how they affect what queries the driver does on initialization.

First, asking the driver to connect with default configuration results in the following statements being issued for every connection:

SHOW VARIABLES WHERE Variable_name ='language' OR Variable_name = 'net_write_timeout' 
  OR Variable_name = 'interactive_timeout' 
  OR Variable_name = 'wait_timeout' 
  OR Variable_name = 'character_set_client' 
  OR Variable_name = 'character_set_connection' 
  OR Variable_name = 'character_set' 
  OR Variable_name = 'character_set_server' 
  OR Variable_name = 'tx_isolation' 
  OR Variable_name = 'transaction_isolation' 
  OR Variable_name = 'character_set_results' 
  OR Variable_name = 'timezone' 
  OR Variable_name = 'time_zone' 
  OR Variable_name = 'system_time_zone' 
  OR Variable_name = 'lower_case_table_names' 
  OR Variable_name = 'max_allowed_packet' 
  OR Variable_name = 'net_buffer_length' 
  OR Variable_name = 'sql_mode'
  OR Variable_name = 'query_cache_type' 
  OR Variable_name = 'query_cache_size' 
  OR Variable_name = 'init_connect'

SELECT @@session.auto_increment_increment
SHOW COLLATION
SET NAMES utf8
SET character_set_results = NULL
SET autocommit=1
SET sql_mode='STRICT_TRANS_TABLES'

WIth this out of the box configuration, my development rig is topping out around 115 connections/second.

Now, let's tell the driver that we're not going to change any of those variables above while the application is deployed, so that it may cache them by adding "cacheServerConfiguration=true" to the connection string. The first connection will take the same amount of time, but subsequent connections using the same URL in the same JVM will not issue the "SHOW VARIABLES..." statement. We now end up with the following SQL statements on all connections after the first one:

SET NAMES utf8
SET character_set_results = NULL
SET autocommit=1
SET sql_mode='STRICT_TRANS_TABLES'

Next, let's make sure that we've set 'character_set_client' and 'character_set_server' on mysql to match what we're requesting, which for this test was UTF8. Once that is done, the driver no longer has to issue "SET NAMES utf8":

SET character_set_results = NULL
SET autocommit=1
SET sql_mode='STRICT_TRANS_TABLES'

We can get rid of the "SET character_set_results = NULL" if we set the server to match what the JDBC driver is requesting. The default (NULL), is so that character set conversions on result sets is pushed out to the clients, rather than burning CPU at the mysql server, since Java can convert between all character sets MySQL supports on its own. In this example, we assume that the database data is always in UTF-8, so setting by setting 'character_set_results' in MySQL to "utf8", and adding "characterSetResults=UTF-8" to the connection string, we're now at:

SET autocommit=1
SET sql_mode='STRICT_TRANS_TABLES'

I generally prefer all applications to be using a transactional storage engine like InnoDB, and strict mode to keep the data clean and consistent and catch programmer errors, so by adding "sql_mode=STRICT_TRANS_TABLES" to the server's my.cnf, the JDBC driver only issues these statements on connect:

SET autocommit=1

Java developers shouldn't be doing end-runs around Connection.commit(), Connection.rollback() and Connection.setAutoCommit(boolean) by issuing those as regular statements, so in almost all cases it's then safe to add "useLocalSessionState=true" to the connection string, and you end up with zero statements issued by the JDBC driver for connection setup after the first to grab the server configuration to be cached.

After those few small tweaks to the connection string, we're now able to create and close 667 connections/second from a single thread on my old beater of a Macbook Pro to a MySQL server on the same box (this value might be somewhat lower if the connection actually has to go over the wire). For comparison, PHP-5.3.6 using mysqlnd and the following script can create and close 500 connections/second on the same machine:

<?php
date_default_timezone_set("America/Chicago");

$now = new DateTime;

for ($i = 0; $i < 10000; $i++) {
 $link = mysql_connect('127.0.0.1', 'someUser', 'somePassword');
 if (!$link) {
        die('Could not connect: ' . mysql_error());
 }
 mysql_close($link);
}

$then = new DateTime;
$elapsed = $then->diff($now);

echo $elapsed->format('%s seconds');

?>

Stay tuned next week, when we see why you still might want to use a connection pool, even though you can create connections more than fast enough :) Want to know where to read up on all of these configuration parameters? Check out our fine manual at http://dev.mysql.com/doc/refman/5.5/en/connector-j-reference-configuration-properties.html
PlanetMySQL Voting: Vote UP / Vote DOWN

Couchbase raises $14m. AppFog raises $8m. Much ado about Percona Live MySQL Conference and Expo. And more.

# Couchbase raised $14m in series C funding for its NoSQL database.

# AppFog raised $8m series B funding for its PHP-based platform-as-a-service.

# Percona announced its plans to host a Percona Live MySQL Conference and Expo on April 10-12, effectively replacing the O’Reilly MySQL Conference and Expo.

# The announcement sparked some rumblings of discomfort around the MySQL community with Giuseppe Maxia and Sheeri Cabral disputing Baron Schwartz’s claim that “to the best of our knowledge, no one else was planning one” and Monty Widenius stating that he had “personally talked with Percona about this a few weeks ago”.

# SkySQL’s Kaj Arno also called for the community to rally around an event focused on users, while Henrik Ingo welcomed the Percona event and doubted whether plans for a vendor-neutral event had got very far. Roland Bouman also voiced his support for the event.

# Red Hat announced that its Red Hat OpenShift Platform-as-a-Service now supports Java Enterprise Edition 6

# Jaspersoft announced Self-Service Express, offering open source users BI documentation and knowledge base articles.

# Microsoft apparently no longer thinks Linux is a competitive threat to its desktop business.

# Cisco and Twitter joined the Open Invention Network.

# Fabrizio Capobianco asked if there really is room for a third mobile OS.

# Alembic 1.0, the open source computer graphics interchange format jointly developed by Sony Pictures Imageworks and Lucasfilm was released.

PlanetMySQL Voting: Vote UP / Vote DOWN

XKCD (as usual) makes a very good point – this time about password strength, and I reckon it’s something app developers need to consider urgently. Geeks can debate the exact amount of entropy, but that’s not really the issue: insisting on mixed upper/lower and/or non-alpha and/or numerical components to a user password does not really improve security, and definitely makes life more difficult for users.

So basically, the functions that do a “is this a strong password” should seriously reconsider their approach, particularly if they’re used to have the app decide whether to accept the password as “good enough” at all.

PlanetMySQL Voting: Vote UP / Vote DOWN

About Jelastic:

Jelastic is the next generation of Java Platforms as a Service.

Unlike previous cloud platforms, Jelastic:

• Can run any Java application and so does not require developers to change their code or get locked-into the platform,
• Can scale any application up and down by automatically adding or removing memory and CPU units depending on the application load,
• Takes all configuration and management worries away: developers simply specify the application stack and database options they need and Jelastic creates, configures, and maintains the environment for them
• Supports a wide range of application server stacks including Tomcat, JBoss, Jetty, and GlassFish
• Out of the box, allows users to get a preconfigured instance of MariaDB up and running and available to the application.

A beta version of Jelastic is available at http://jelastic.com and it is free throughout the beta program including the use of MariaDB.

You can see videos, read more, and deploy your Java applications in Jelastic today at http://jelastic.com.

Supporting quotes:

Monty Widenius – founder of MySQL and creator of MariaDB:

“It is now even easier to get started with MariaDB. Jelastic lets any Java developer simply upload a Java WAR package, pick MariaDB in the Jelastic environment configuration, and get the best database out there up and running. Java has just received its next generation of Platform-as-a-Service system and it is great that MariaDB is a part of it.”

Hivext CEO Ruslan Synytskyy:

“We are excited to have MariaDB available as a storage option in Jelastic. Full compatibility with MySQL and much improved perfomance, scalability, and feature-set give our customers a state-of-the-art database to suit their application needs.”

About MariaDB:

MariaDB strives to be the logical choice for database professionals looking for a robust, scalable, and reliable RDBMS (Relational Database Management System). MariaDB can be deployed as a drop-in replacement for the popular MySQL database and it is built by some of the original authors of MySQL with assistance from the broader community of Free and open source software developers. In addition to the core functionality of MySQL, MariaDB offers a rich set of feature enhancements including alternate storage engines, server optimizations, and security and performance patches. More information on MariaDB is available at http://mariadb.org and http://kb.askmonty.org.

About Hivext Technologies:

Hivext Technologies is the creator of Jelastic – Java platform as a service which runs a vast variety of Java application stacks, SQL and NoSQL
databases, and can automatically vertically scale up and down any Java application. Jelastic is available as a service for Java developers at
http://jelastic.com, and as a package for hosting providers wishing to add Java hosting to their portfolio. Learn more at http://jelastic.com.

PlanetMySQL Voting: Vote UP / Vote DOWN

A busy week at Casa Turner, as the infamous Home Renovations of Doom wrap up, I finish the final chapters of "Developing Enterprise iOS Applications" (buy a copy for all your friends, it's a real page turner!), pack for two weeks of vacation with the family in California (Palm Springs in August, 120 degrees, woohoo!), and celebrate both a birthday and an anniversary.

But never fear, WIR fans, I'll continue to supply the news, even as my MacBook melts in the sun and the buzzards start to circle overhead.

The law of unintended consequences

If you decide to install Lion Server, you may notice something missing from the included software: MySQL. Previous releases of OS X server offered pre-installed MySQL command line and GUI tools, but they are AWOL from Lion. Instead, the geek-loved but less widely used Postgres database is installed.

It seems pretty obvious to the casual observer why Apple would make this move. With Oracle suing Google over Java, and Oracle's open source philosophy in doubt, I know I wouldn't want to stake my bottom line on an Oracle package bundled with my premiere operating system. Apple could have used one of the non-Oracle forks of MySQL, but it appears they decided to skirt the issue entirely by going with Postgres, which has a clear history of non-litigiousness.

Meanwhile, Oracle had better be asking themselves if they can afford to play the games they've been playing without alienating their market base.

South Korea fines Apple 3 million won, which works out to ...

Apple has bee been hit with a penalty from the South Korean government that's a result of the iPhone location-tracking story that broke earlier this year. Now, Apple may have more money than the U.S. Treasury sitting in petty cash right now, but it will be difficult for them to recover from such a significant hit to their bottom line: a whopping 3 million won, which works out to a staggering ... um ... $2,830. Never mind.

Java 7 and the risks of X.0 software

Java 7 was recently released to the world with great fanfare and todo. This week, we got a reminder why using an X.0 version of software is a risky endeavor. It turns out that the optimized compiler is really a pessimized compiler, and that programs compiled with it stand a chance of crashing. Even better, there's a chance they'll just go off and do the wrong thing.

Java 7 seems to be breaking new ground in non-deterministic programming, which will be very helpful for physics researchers working with the Heisenberg uncertainty principle. What could be more appropriate for simulating the random behavior of particles than a randomly behaving compiler?

Got news?

Please send tips and leads here.

Related:

• More Developer Week in Review coverage

PlanetMySQL Voting: Vote UP / Vote DOWN

Topics for this podcast:

*Oracle, Java, the Apache Software Foundation and open source
*An update on some open source database and data management players
*CorraTech grows with support for open source application alternatives
*Red Hat-Makara acquisition analysis and impact
*Linux kernel report shows strong support, but what now for Novell?

iTunes or direct download (29:31, 5.1MB)

PlanetMySQL Voting: Vote UP / Vote DOWN

Rapid Application Development (RAD) is a way of developing computer software applications with less effort than the traditional means.

RAD tools focus on providing code generation and automated testing capabilities with the use of convention over configuration to provide a streamlined workflow to create applications.

Even with the most advanced and easiest to use RAD tools, there are times which the traditional enterprise and the business software development vendors which are having their own implementations and in-house built frameworks are continuously refusing to adopt them.

Most of the misconceptions on the RAD are based on FUD (Fear, Uncertainty and Doubt) which has been created around the internal complexity of the RAD tools.

Here we take a look at the biggest common misconceptions on RAD tool adoption in the enterprise.

1. RAD tools are magical

This is a common myth among the developers who insist on writing their own code from scratch.

Due to the elegance and the accuracy of properly generated applications, they will assume that the changing of generated code would cause the application to lose its beauty.

They are reluctant to see patterns in commonly developed applications which could be easily generated by the use of RAD tools.

2. You can’t make changes to the generated code

Most of the code generated by the RAD tools are editable, but takes a developer who has the understanding on the related technologies.

When people do not have the exposure to the technologies beneath the RAD generated code, they will start to spread fear and doubt on the customizability of the generated application.

3. RAD tools are for simple applications

Yes, simple applications can be generated by RAD tools, but it doesn’t limit you from creating a large application with the use of the tool.

As long as your application is properly designed, RAD tools will always have a solution.

Agree or not, most of the current applications with support to the cloud are the ones built with RAD tools.

4. You can’t make mistakes while generating the code

Most RAD tools have the capability of correcting mistakes done while generating the code. In most cases, even if you have made a mistake that the tool cannot reverse, there will be a manual way you can correct it.

5. You can’t make complex user interfaces with RAD tools

First, ask yourself whether you really need a complex user interface. The users are really comfortable using a simple, elegant and consistent user interface, rather than a complex and bloated user interface.

Even if you want a complex user interface, you can always integrate your generated code to your own user interface.

6. RAD is for startups, not for big businesses

If you are a big business, you will benefit more from RAD than a startup, because your development and testing time would be significantly reduced due to the reuse of patterns.

Actually, big businesses use RAD, but will not tell you.

7. You can’t integrate RAD applications with other systems

This again is due to the lack of knowledge about the particular application development framework. Almost all of the RAD tools provide means of exposing services to integrate your generated application to other applications.

8. You can’t work in a team setting or use a Version Control System (VCS)

You can always check-in your generated code to the VCS, and work in collaboration. In most of the cases, you just have to make sure only one developer is responsible for the use of tool for a particular module of the application.

9. RAD tools lock you in for a particular technology

Before asking this, ask yourself how much you is locked into the technology which you are currently using.

Most tools provide a humble way to remove the RAD tool dependencies and continue the project as a handwritten project.

10. People who can code should always code, instead of using tools

People who can cook, should always cook? No. Especially when they are given a machine which can create any delicious meal, once the guidelines are defined by the cook? No, not at all.
People, who can code, are the best people to properly use RAD tools, as they understand the tool better, and are able to extend and make the maximum use of the power of the tool.

Additionally, they can write add-ons, application specific and platform specific components to better match the business needs while increasing productivity to the organization as a whole.

11. RAD tools reduces the job security of the developers

This is largely false, as the tool would only increase productivity. Developers would have more time creating ‘applications’ instead of creating ‘application code’. As the tests and the related scripts are automatically generated they would have more time for manual testing of the application and to cater more requirements instead of battling the complexities arising from day to day changes to the application.

12. You can’t maintain generated applications with RAD tools

Before asking this question, look at your own code and see how much legacy code and technologies are still present. One thing you would understand is that application code never grows old or dies. As long as it works, it will be alive.

Using RAD tools, you will always have the particular version of the tool to make changes to the existing code based on the available capabilities. Even if a new version comes along, it will be mostly backwards compatible and would even have capabilities to support the conversion of the existing generated code to the new code to make it better. This is largely possible due to the proper use of patterns in the generated application.

13. RAD is complete

The perfect RAD tool is not yet complete, but the current tools have been evolved over the years and are usually more than enough for almost all businesses. Most tools would provide you ways to enhance the tool in order to better cater for your individual needs.

14. RAD will take your house, your spouse, everything you have and leave you with nothing.

No. Really?

These are just the biggest misconceptions; the rest will be covered in a next post on this blog.

Additional Resources:

• Wikipedia: Rapid Application Development
• Wikipedia: Fear, Uncertainty and Doubt

Frameworks and Tools

• Microsoft Visual Studio
• Grails
• Spring Roo
• CakePHP

Read more posts on this blog :

• Nokia and Symbian : Business and Software : Lessons To Be Learnt
• What Apple taught other businesses tonight.
• Flash and Runtimes on Mobile Devices, Who is right? Steve Jobs or Adobe?
• MySQL is gone. Here comes MariaDB and Drizzle.
• Is Open Source software a classic example of fail for Design by Committee?
• Why a ‘Single Line’ was added to the Solaris Terms of Use by Oracle?
• Oracle starts to monetize Free Software, is it wrong?

 

PlanetMySQL Voting: Vote UP / Vote DOWN

If you live in the U.S., this is the week to gorge on turkey. I wondered out loud last night to my wife if Thanksgiving is the day of the year when the most people eat the same meal. Can any of our overseas readers add to the conversation? Is there a holiday in your country where everyone eats pretty much the same thing? Anyway, before American brains shut down from an overdose of stuffing, here's some developer news you can use.

Oracle announces Plan B for Java

The Java language has continued to evolve over the years, adding features such as Generics. There's an ambitious wishlist of things that developers would like to see in Java 7, but apparently not enough time to do it all and still get a timely release out. As a result, the JCP has decided to forego some of the goodies until Java 8, which is not expected to grace the world until late 2012.

As a recovering LISP-head, the item on the deferred list that catches my eye the most is Lambda expressions/closures. With even relatively "primitive: languages such as Objective-C starting to adopt these structures in the form of Blocks, Java is already behind the curve in this regard. It's a shame it will have to wait another year.

No word if Java Plan B will require a doctor's prescription, or be available to developers under 18 without a note from their parent.

Did we win the SCO battle, but lose the Unix War?

As someone who has 10 framed shares of SCO hanging over his toilet, I was definitely among the many who rejoiced in the sound thrashing SCO received at the hands of Novell, in regards to who owned Unix. The conventional wisdom was that Novell would be a reasonable caretaker for the Unix IP, and would be unlikely to use it against Linux or those who used it.

Life is definitely less clear now that Novell is being consumed by Attachmate. For one thing, part of the deal involves transferring a big chunk of Novell IP to a company fronting for Microsoft. Hopefully, it's just the normal collection of garbage software patents every big company seems to end up with, and not anything that would provide an avenue of attack against Linux.

Rant of the Week: Injection Protection

I'm not sure what they're teaching up at those new-fangled universities these days, but it sure ain't software security. At least that's the assumption I have to make, given the number of SQL and Shell injection attacks I hear about every month.

My whine last week was about null pointer exceptions. They're sloppy, but usually harmless. Injection attacks can take down your entire system or reveal sensitive data to bad guys. In my misspent youth, I ran a chat system and added email support so people could send mail from inside the program. I made the mistake of appending the email address to the end of a string that got run as a shell command. It wasn't long before some "clever" vandal used the email address ";rm -fr ." There went my entire (non-backed-up) source tree.

Open source software is particularly vulnerable to SQL injection attacks, because the SQL schema is generally known. If you're lazy, and build queries using string concats with user-supplied data, it's trivial to enter data that succeeds, but also inserts or deletes data, in entirely different tables. You should always use the parameterized tools to place data into queries or inserts, and probably self-sanitize the data as well.

You should also run queries with the minimum credentials required, e.g., have a database user that can only do selects and use it for any parts of the system that don't require database updates. And have a privileged user be the only one that can update or access sensitive parts of the database.

That's it for this week. Suggestions are always welcome, so please send tips or news here.

PlanetMySQL Voting: Vote UP / Vote DOWN

Here's what's new for the trendy developer this week:

Java's future on Apple: Slightly less in doubt

Last week, it looked like Apple was all "You're not welcome here, Java." In the changeable world that is Jobsland, this week Apple was offering to marry the language, reiterating their support for Java in OS X, and indicating that they would be supplying code and resources to the OpenJDK project.

As I've noted before, this makes sense for Apple, because it gets them out of the JVM business, and makes Oracle the one-stop shopping solution for all your JDK and JRE needs. It also means that the Mac can be added as a regression-tested target for a new version of Java, hopefully avoiding the kind of Java versioning snafus that rendered IBM's SPSS (or is it PAWS this week?) statistics package broken for the last month or so.

Apple makes nice with Java and lets the Google Voice app hit the iPhone in the same week. Could peace in the Middle East be next?

Editorial: NPEs must die

Staying on a Java theme, probably the most common error messages I see on websites (after the all-too-common IIS MSQL database) are Java Null Pointer Exceptions (NPE). If you're not a Java person, an NPE is what you get when you try to call a method on an object, but the variable holding the object contains null, rather than a real object.

NPEs are to Java what bad pointer references are to C. The difference is that, unlike C, an NPE in Java is usually a non-fatal event. In a web server container like Tomcat, an uncaught NPE ends up as status code 500 HTTP backtrace spam.

NPEs are a direct result of not checking the validity of arguments and data before operating on it. Too many Java programmers are lazy, and assume because an NPE doesn't crash things, they can just let it trickle up the stack until someone catches it.

This is just plain bad coding. An NPE tells you almost nothing about what really went wrong. Instead, Java developers should check objects before invoking methods on them, and throw a more specific and meaningful runtime exception, such as an IllegalArgumentException, with details about what value was incorrect.

The same holds true for other languages, of course. It's always a best practice to verify values external to the current context. Java developers just seem to be especially bad about it. So remember folks, trust but verify!

And speaking of MSQL

This must be my week for segues, because speaking of MSQL, Microsoft released a CTP version of SQL Server 2011 (Denali, they call it). CTP is Community Technology Preview, which is kinda Microsoftease for "beta."

Love it or hate it, MSQL powers a lot of the web, and a new turn of SQL Server is a big deal for that part of the world that runs on 96-octane .NET fuel. Database technology is pretty much a two-horse game these days, now that Oracle owns the former third horse (MySQL.) A new SQL Server will hopefully raise the bar enough to get some new and interesting things out of Oracle's two database projects.

Another day on the JavaScript racetrack

Probably the most commonly programmed platform these days is JavaScript on the browser. As a result, browser vendors take their JavaScript performance numbers very seriously. For a while, Chrome has been the target to beat. Ok, technically, Opera has been posting better numbers lately, but Opera has never managed to build significant market share. Let's just say that Chrome has had the best numbers among the big 4 (IE, Firefox, Chrome, Safari).

Mozilla evidently decided not to take things lying down. The latest version of the Firefox 4 beta has turned in speed numbers the Road Runner would find respectable. How long will it take Google to respond? Or, will the new IE beta come from behind to snatch the crown of JavaScript performance? Personally, I'd prefer that Google fix Chrome so Flash doesn't break on the Mac if you look at it funny ...

That's it for this week. Suggestions are always welcome, so please send tips or news here.

PlanetMySQL Voting: Vote UP / Vote DOWN

The Apache Software Foundation’s latest statement on the Java Community Process highlights continued dissatisfaction and dissent from Oracle’s stewardship and involvement in open source software.

This comes after some ups and downs for Oracle and its oversight of Java and other open source software that was previously under the auspices of Sun Microsystems. Oracle started off on a rough path when it sued Google over its implementation of Java in Android without preemptively or clearly stating that it was not attacking open source. At about the same time, it let OpenSolaris die a slow, somewhat confusing death. Oracle won a point when IBM came out with its support in favor of the JCP and OpenJDK over Apache Harmony, and this contributes to the adversarial positioning between Oracle and the Apache Software Foundation. However, Oracle has also seen an erosion of open source support and confidence as OpenOffice.org developers have migrated away from Oracle, many to contribute to the new Libre Office project.

Oracle’s moves illustrate the company’s lack of complete understanding of open source and the value of open source software communities. While it appreciates and leverages open source as an effective, efficient software development approach, it does not truly see the value of providing software to a community and attaining benefits of efficiency, reach and innovation as a result. This is not to say that supporting an open source software community will automatically translate into commercial and community success (not the case with Symbian, for example), but Oracle does not appear to support community as a priority in its proprietary and admittedly successful software strategy.

MySQL can be an example of Oracle doing things right with open source, though we may see similar dissatisfaction and defection as Oracle moves further toward commercialization and further away from free, community software. Still, Oracle at least showed it could continue and contribute and support a successful open source project in the case of MySQL. The same may not be said for OpenSolaris, OpenOffice.org or, increasingly it appears, Java.

PlanetMySQL Voting: Vote UP / Vote DOWN