Re: Multiple instances of MySQL
On Thursday 09 April 2009 21:43:36 Brent Bloxam wrote: Mel Flynn wrote: Any reason a jail can't be used? This would allow sharing the binary using null or union fs, little overhead, yet seperated from host install and no maintenance of port installed files, like rc.d/mysql-server. Unionfs, unix sockets and flush operations don't like each other from what I know, so make sure your database directory and socket aren't going to be located on a unionfs mount and you should be okay. Someone feel free to correct me if I'm wrong on this, but I definitely haven't been able to get MySQL to play nice with unionfs Haven't tried. It makes no sense to me to union/null fs /var and /tmp. Just /usr/local to share binaries or /usr in case you also want to share OS binaries, but for a dedicated jail, the gain of that is minimal (OS upgrade doesn't require an extra installworld with jail DESTDIR, but mergemaster still needs to be done and requires most operator attention). -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
Mel Flynn wrote: Any reason a jail can't be used? This would allow sharing the binary using null or union fs, little overhead, yet seperated from host install and no maintenance of port installed files, like rc.d/mysql-server. Unionfs, unix sockets and flush operations don't like each other from what I know, so make sure your database directory and socket aren't going to be located on a unionfs mount and you should be okay. Someone feel free to correct me if I'm wrong on this, but I definitely haven't been able to get MySQL to play nice with unionfs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
On Tuesday 07 April 2009 14:55:26 DAve wrote: However, I would suggest that you provide, as you suggest, a separate instance of mysql just for this client as well. If they screw up the instance they won't affect other customers. To run a separate instance, I would suggest using different names for the binaries, conf files and datadir. This can be easily done using symlinks; e.g. mysql and mysql-special. Then copy the startup script in /usr/local/etc/rc.d/, rename it to mysql-special and edit it to change all references to the newly-named instance. Use a my-special.cnf file for the special instance and reference it in /etc/rc.conf using mysql_args=. Thanks, looks like it would be doable. I do plan to use a separate my.cnf, separate logging, and even a seperate mysql DB. I was going to share the binaries but I may rethink that decision after your suggestion. Any reason a jail can't be used? This would allow sharing the binary using null or union fs, little overhead, yet seperated from host install and no maintenance of port installed files, like rc.d/mysql-server. -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
Norbert Papke wrote: On April 6, 2009, DAve wrote: Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. It's just a matter of making sure that the two instances don't share any ports or files. It works well. You'll have to create a custom my.cnf file and start-up script for your second instance. That is as I suspected. Thanks. DAve -- Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it. John Quincy Adams http://appleseedinfo.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
Paul Schmehl wrote: --On April 6, 2009 11:41:06 PM -0400 DAve dave.l...@pixelhammer.com wrote: Olivier Nicole wrote: Hi, Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. That is not answering your question directly, but MySQL works finr over an SSH tunnel. You'd have your users connect/authenticate with SSH first to establish the tunnel, then they'd use the tunnel to forward the NySQl connection. I doubt the would be an option without a GUI to do everything for the user. I suggested a VPN which we can setup easily with a Cisco Client. No answer back from the account manager on that option. If your client needs a gui to access mysql, why not use phpmyadmin (or a similar gui-based admin utility) and restrict access to his IP(s)? You can do this with your firewall rules or by using .htaccess. You can also force SSL connections, which would protect against MITM attacks on a cleartext session. Nope, no web based php admin tools here. Won't touch them. I ahve enough security items to track every day. (You can also require SSL and secure auth for the db and restrict access by IP using the format usern...@fqdn, but you stated that you're not comfortable depending *only* upon mysql's security capabilities.) However, I would suggest that you provide, as you suggest, a separate instance of mysql just for this client as well. If they screw up the instance they won't affect other customers. To run a separate instance, I would suggest using different names for the binaries, conf files and datadir. This can be easily done using symlinks; e.g. mysql and mysql-special. Then copy the startup script in /usr/local/etc/rc.d/, rename it to mysql-special and edit it to change all references to the newly-named instance. Use a my-special.cnf file for the special instance and reference it in /etc/rc.conf using mysql_args=. Thanks, looks like it would be doable. I do plan to use a separate my.cnf, separate logging, and even a seperate mysql DB. I was going to share the binaries but I may rethink that decision after your suggestion. Thanks for the response. DAve -- Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it. John Quincy Adams http://appleseedinfo.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
Hi, Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. That is not answering your question directly, but MySQL works finr over an SSH tunnel. You'd have your users connect/authenticate with SSH first to establish the tunnel, then they'd use the tunnel to forward the NySQl connection. Best regards, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
On April 6, 2009, DAve wrote: Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. It's just a matter of making sure that the two instances don't share any ports or files. It works well. You'll have to create a custom my.cnf file and start-up script for your second instance. More info: http://dev.mysql.com/doc/refman/5.1/en/multiple-servers.html Remember to specify the alternate port when using programs such as 'mysql' command line client. Cheers, -- Norbert Papke. npa...@acm.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
Olivier Nicole wrote: Hi, Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. That is not answering your question directly, but MySQL works finr over an SSH tunnel. You'd have your users connect/authenticate with SSH first to establish the tunnel, then they'd use the tunnel to forward the NySQl connection. I doubt the would be an option without a GUI to do everything for the user. I suggested a VPN which we can setup easily with a Cisco Client. No answer back from the account manager on that option. DAve -- Posterity, you will know how much it cost the present generation to preserve your freedom. I hope you will make good use of it. If you do not, I shall repent in heaven that ever I took half the pains to preserve it. John Quincy Adams http://appleseedinfo.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Multiple instances of MySQL
--On April 6, 2009 11:41:06 PM -0400 DAve dave.l...@pixelhammer.com wrote: Olivier Nicole wrote: Hi, Has anyone setup two instances of MySQL on the same server? One running just a client's DBs? Any advice would be helpful. That is not answering your question directly, but MySQL works finr over an SSH tunnel. You'd have your users connect/authenticate with SSH first to establish the tunnel, then they'd use the tunnel to forward the NySQl connection. I doubt the would be an option without a GUI to do everything for the user. I suggested a VPN which we can setup easily with a Cisco Client. No answer back from the account manager on that option. If your client needs a gui to access mysql, why not use phpmyadmin (or a similar gui-based admin utility) and restrict access to his IP(s)? You can do this with your firewall rules or by using .htaccess. You can also force SSL connections, which would protect against MITM attacks on a cleartext session. (You can also require SSL and secure auth for the db and restrict access by IP using the format usern...@fqdn, but you stated that you're not comfortable depending *only* upon mysql's security capabilities.) However, I would suggest that you provide, as you suggest, a separate instance of mysql just for this client as well. If they screw up the instance they won't affect other customers. To run a separate instance, I would suggest using different names for the binaries, conf files and datadir. This can be easily done using symlinks; e.g. mysql and mysql-special. Then copy the startup script in /usr/local/etc/rc.d/, rename it to mysql-special and edit it to change all references to the newly-named instance. Use a my-special.cnf file for the special instance and reference it in /etc/rc.conf using mysql_args=. Paul Schmehl, If it isn't already obvious, my opinions are my own and not those of my employer. ** WARNING: Check the headers before replying ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org