Colin Charles Agenda

This is the third time MySQL has made an entry into the Oracle Critical Patch Update Advisory service. The first time, we at Team MariaDB came up with an analysis: Oracle’s 27 MySQL security fixes and MariaDB.

Security is important to a DBA. Having vague explanations does no one any good. Even Oracle ACE Director Ronald Bradford chooses to ask some tough questions on this issue. Recently we found a bug in MySQL & MariaDB and did some responsible disclosure as well. 

Security is a big deal to distributions shipping MySQL. It comes alongside having a good, accessible bugs system. Recall a discussion a while back about possibly even replacing MySQL with MariaDB (this led to a fun discussion and a long meeting at UDS Oakland to ensure choice).

These discussions always come back. Today on the Debian mailing list, the suggestion popped back up again. I’m sure it will pop up again in October when the next CPU includes some fixes in MySQL…

What is Oracle going to do about this? Will it start being more open (not with a select few folk, but with the wider community)?

When the mysql librarian closed, I didn’t think too much about it; it was a feature I probably never used. However this month brings the end of the mysql forge. The MySQL Forge was something I worked on while I was at MySQL so I am a little sad to see it go. 

Now for a little bit of a history lesson. We wanted some kind of “forge” back in 2005, because sourceforge was all the rage then (today, you can’t even find mariadb or mongodb listed there). We didn’t want to pay the exorbitant fees associated with sourceforge, so we investigated gforge. After studying it carefully, it would only allow us to use postgresql and changing the database structure for a rapidly developing piece of code wasn’t going to work for us; and we loved eating our own dogfood (mysql).

This meant writing our own code, and thus was born the mysql forge. We requisitioned two machines (forge1, forge2) of which I cannot remember the configuration of now. The only component we didn’t write was the wiki (we used mediawiki). What did we write? The interface to worklog (which looks like it stopped being synced in august 2011), a place to share tools & code (some 288 snippets, UDFs, scripts, etc.), and a project list (which is what the forge provided – over 400 projects that have relation to working with mysql). And the wiki had a chunk of documentation (over 600 pages). 

We launched the forge sometime in april 2006, probably at the mysql users conference 2006. Apparently since then the wiki alone has had 11,236,211 page views. We hacked the wiki quite a bit, and upgrades were always a little bit of hell, but things like single sign on, SpamBlacklist, etc. had to work. 

It seems like the new community resource is just that: community resources. There doesn’t seem to be a link to the new worklog, so its difficult for the community to comment on future worklog entries. The wiki is now hosted at oracle wiki’s, and it doesn’t look like all the content made it. For example I don’t see documentation for the random query generator anywhere… And what about all the code snippets even if the project list has gone?

All in, it was great to work on code with jay pipes, lenz grimmer, dups, and the feature driver giuseppe maxia. One regret was never having opensourced the code behind the forge.

Goodbye MySQL Forge. You served the community well for over five years.

One of the things we (Team MariaDB) talked quite a bit about since we released was PBXT. It was a feature differentiation to MySQL as we shipped another storage engine. It was included in MariaDB 5.1, 5.2, and 5.3; however with our release of MariaDB 5.5, PBXT (docs in the Knowledgebase) has been deprecated and not built by default any longer.

The reason behind it is clear: PBXT is currently not under active development. We still include it in the source releases and if you would like to use it, you just have to build it. If and when development around it comes back to an active state with bugs being fixed and the engine being pushed forward, I’m sure we’ll start building it again. In the meantime, much thanks to Paul McCullagh for developing a great transactional engine.

Just yesterday, I’m sure many saw Twitter opensourcing their MySQL implementation. It is based on MySQL 5.5 and the code is on Github.

For reference, the database team at Facebook has always been actively blogging, and keeping up their code available on Launchpad. Its worth noting that the implementation there is based on MySQL 5.0.84 and 5.1.

At Twitter, most of everything persistent is stored in MySQL – interest graphs, timelines, user data and those precious tweets themselves! At Facebook, its pretty similar – all user interactions like likes, shares, status updates, requests, etc. are all stored in MySQL (ref).

The media has picked up on it too. A fairly misinformed piece on GigaOm (MySQL has problems focused on Stonebrakers fate worst than death? Pfft. Facebook wants to move its code to github? Read the reasoning — its spam handling on LP.), and a shorter piece on CNET.

Both Twitter and Facebook code trees mention that its what they use in their environments, but it’s not supported in any way, shape or form. Facebook recommends Percona Server or MariaDB. Facebook also has tools like online schema change in the repository, amongst others like prefetching tools written in Python.

I haven’t had the chance to play with the Twitter release yet, but it looks like this can only push Percona Server and MariaDB forward. Based on 5.5, some of these BSD-licensed features can make it in, and some have already made it in I’m sure. And what pushes these servers, will push MySQL forward (see lots of new features in MySQL 5.6).

On a personal note, it is amazing to see some MySQL-alumni push this forward. At Twitter, there’s Jeremy Cole and Davi Arnaut. At Facebook, the team includes Domas Mituzas, Harrison Fisk, Yoshinori Matsunobu, Lachlan Mulcahy. Nothing would be complete without mentioning Mark Callaghan (though not-MySQL alumni, active MySQL community member) who led a MySQL team at Google, and now at Facebook.

When I was at MySQL, I took for granted that pretty much every website I used had software at the back of it that was basically MySQL. It was a nice feeling. MariaDB is a lot younger, so when I was in Paris and had to make a payment for the taxi I was sitting in, I smiled a little when I saw that Paybox Services was processing my transaction. Some might recall that Paybox Services deployed MariaDB, since the 5.2 release. It was a wonderful feeling that somewhere in that transaction, MariaDB was behind it!

Paybox wanted some features inside of MySQL 5.5 and have been holding out for MariaDB 5.5. Its kind of nice to see that today, MariaDB 5.5.22 has been released as a release candidate. It is only a matter of time before Paybox can benefit from things they’ve wanted like semi-sync replication.

Right after Percona Live Santa Clara (which MariaDB is quite present for), its worth noting there are a few more events happening on Friday, April 13, 2012 at the Hyatt Regency Santa Clara. MariaDB will be present at 2/3 of those events.

• SkySQL & MariaDB Solutions Day – go ahead and register
• Sphinx Search Day – if you dig full-text search, you should be present so go ahead and register

The one event MariaDB won’t be present at is the Drizzle Day. That doesn’t mean you can’t attend talks across all these events though — the schedules are synced so you can move freely across events. Friday in itself is like a mini-conf, because it seems like there will be four simultaneous tracks happening.