MariaDB: MaxScale 2.0 given the full SSL streaming Monty
Generally available now
MariaDB has this afternoon made version 2.0 of MaxScale, its database proxy, generally available.
The new version of the database proxy arrives with additional features for streaming, security, scalability and availability, which it provides while sat between the application client and the database.
Consisting of a generic core and plugins, MaxScale provides an
epoll-based and multithreaded stateless protocol, as well as a shared thread pool to provide core services, around which users can build plugins to handle additional services.
Version 2.0 arrives with a new feature for data streaming, allowing MaxScale to subscribe directly to the binary log which contains a record of all changes to the database. MaxScale 2.0 can now receive that data, change its format to JSON, for instance, and then push the changes to Kafka, Spark, Cassandra, or Hadoop.
Talking to The Register, MariaDB's Roger Bodamer explained that the company believed this was better to do through a proxy rather than directly through the database.
He added: "Through the same mechanism that we've used for data streaming we now also enable the proxy itself to hand over requests to many more slaves that it used to."
The database proxy now externalises the replication process from the database itself, becoming the mechanism by which data gets replicated to many more slaves, and this can now all be done with end-to-end Secure Sockets Layer communications.
"We used to have SSL from client to MaxScale, not all the way through to the database," said Bodamer. Previously the SSL connection terminated at the proxy before continuing on. Bodamer said: "We have very large customers who also want SSL in the data centre, and this feature enables that."
Additionally, MaxScale's security console can now can be made inaccessible over network connections - to only accept connections on the server itself. According to Bodamer, this again is a large database feature, which can mean that the security console is only accessible on the same machine where the proxy is running.
An additional feature allows connection rate limitations, not simply to prevent malicious DDoS attacks, but also to handle "overloading by legitimate infrastructure," as Bodamer said.
In terms of availability, Bodamer said the business doesn't want a single point of failure in MaxScale. Now the proxy can maintain the cursor's state even if in the middle of a connection the database is lost.
Automatic failover and asynchronous replication to hold onto uptime and minimise downtime will ensure that there's transparent failover from one database to another if one of those databases was to be lost, he said.
MaxScale 2.0's general availability follows a beta release which received criticism from FOSS die-hards, with a former MariaDB employee describing plans to release it under CTO Monty Widenius' own Business Source License as tantamount to treachery.
Widenius dismissed the claims that MaxScale 2.0 showed the company was veering away from open source, and told The Register that his firm’s embrace of a commercial licence was "critical" to delivering new revenue to the businesses, and thus allow for the continued development of open-source software. ®
Sponsored: Becoming a Pragmatic Security Leader