This time we are dividign this section in 4 topics:
1. Installing percona
2. Installing Sysbench
3. Enablingaesni
4. Ecnrypting /var/lib/mysql
5. Issuing a sysbench test
INSTALLING Percona
From: http://www.percona.com/doc/percona-server/5.5/installation/apt_repo.html
Add this to /etc/apt/sources.list, replacing VERSION with the name of your distribution:
Start and stop percona to verify that it is working:
2. INSTALLING SYSBENCH
That is it! Later we will prepare a database and execute a test
3. ENABLING AESNI
4. encrypting with zNcrypt
Let's say it is already installed and /mnt/encrypt is our encryption directory.
Add the rule zncrypt acl --add --rule="ALLOW @mysql * /usr/sbin/mysqld"
as well as "ALLOW @mysql * /usr/bin/mysqld_safe --shell=/bin/dash"
5. EXECUTING SYSBENCH
First lets create sbtest database:
Now let's prepare sysbench:
Then test a with multiple threads:
Check the aesni_intel usage
Enjoy!
P.S. No Flags for today!
1. Installing percona
2. Installing Sysbench
3. Enablingaesni
4. Ecnrypting /var/lib/mysql
5. Issuing a sysbench test
INSTALLING Percona
From: http://www.percona.com/doc/percona-server/5.5/installation/apt_repo.html
ubuntu@ip-10-40-255-125:~$ gpg --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
gpg: directory `/home/ubuntu/.gnupg' created
gpg: new configuration file `/home/ubuntu/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/ubuntu/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/ubuntu/.gnupg/secring.gpg' created
gpg: keyring `/home/ubuntu/.gnupg/pubring.gpg' created
gpg: requesting key CD2EFD2A from hkp server keys.gnupg.net
gpg: /home/ubuntu/.gnupg/trustdb.gpg: trustdb created
gpg: key CD2EFD2A: public key "Percona MySQL Development Team <mysql-dev@percona.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
ubuntu@ip-10-40-255-125:~$ gpg -a --export CD2EFD2A | sudo apt-key add -
OK
ubuntu@ip-10-40-255-125:~$
Add this to /etc/apt/sources.list, replacing VERSION with the name of your distribution:
Remember to update the local cache:
deb http://repo.percona.com/apt precise main
deb-src http://repo.percona.com/apt precise main
$ apt-get updateAfter that you can install the server and client packages
# apt-get install percona-server-server-5.5 percona-server-client-5.5
Start and stop percona to verify that it is working:
root@ip-10-40-255-125:/home/ubuntu# sudo service mysqld restart
mysqld: unrecognized service
root@ip-10-40-255-125:/home/ubuntu# sudo service mysql restart
* Stopping MySQL (Percona Server) mysqld [ OK ]
* Starting MySQL (Percona Server) database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.
root@ip-10-40-255-125:/home/ubuntu# sudo service mysql status
* /usr/bin/mysqladmin Ver 8.42 Distrib 5.5.30, for Linux on x86_64
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Server version 5.5.30-30.2
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/run/mysqld/mysqld.sock
Uptime: 5 sec
Threads: 1 Questions: 106 Slow queries: 0 Opens: 171 Flush tables: 1 Open tables: 41 Queries per second avg: 21.200
root@ip-10-40-255-125:/home/ubuntu#
2. INSTALLING SYSBENCH
root@ip-10-40-255-125:/home/ubuntu# apt-get install sysbench
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
sysbench
0 upgraded, 1 newly installed, 0 to remove and 86 not upgraded.
Need to get 66.0 kB of archives.
After this operation, 170 kB of additional disk space will be used.
Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu/ precise/universe sysbench amd64 0.4.12-1build2 [66.0 kB]
Fetched 66.0 kB in 0s (398 kB/s)
Selecting previously unselected package sysbench.
(Reading database ... 62104 files and directories currently installed.)
Unpacking sysbench (from .../sysbench_0.4.12-1build2_amd64.deb) ...
Processing triggers for man-db ...
Setting up sysbench (0.4.12-1build2) ...
root@ip-10-40-255-125:/home/ubuntu# sys
sysbench sysctl
root@ip-10-40-255-125:/home/ubuntu# sysbench
That is it! Later we will prepare a database and execute a test
3. ENABLING AESNI
ubuntu@ip-10-40-255-125:~$ lsmod }| grep aesni
Usage: lsmod
ubuntu@ip-10-40-255-125:~$ lsmod | grep aesni
aesni_intel 55664 0
cryptd 20530 1 aesni_intel
aes_x86_64 17255 1 aesni_intel
ubuntu@ip-10-40-255-125:~$
4. encrypting with zNcrypt
Let's say it is already installed and /mnt/encrypt is our encryption directory.
Add the rule zncrypt acl --add --rule="ALLOW @mysql * /usr/sbin/mysqld"
as well as "ALLOW @mysql * /usr/bin/mysqld_safe --shell=/bin/dash"
root@ip-10-40-255-125:/home/ubuntu# zncrypt acl --add --rule="ALLOW @mysql * /usr/sbin/mysqld"
Type MASTER passphrase:
1 rule(s) were added
root@ip-10-40-255-125:/home/ubuntu# sudo service mysql stop
* Stopping MySQL (Percona Server) mysqld [ OK ]
root@ip-10-40-255-125:/home/ubuntu# zncrypt encrypt @mysql /var/lib/mysql /mnt/encrypted/
encrypt: invalid command action.
root@ip-10-40-255-125:/home/ubuntu# zncrypt-move encrypt @mysql /var/lib/mysql /mnt/encrypted/
Type MASTER passphrase:
Size to encrypt: 29928 Kb
Moving from: '/var/lib/mysql'
Moving to: '/mnt/encrypted/mysql/var/lib/mysql'
[=====================================================================>] 100%
Done.
root@ip-10-40-255-125:/home/ubuntu#
root@ip-10-40-255-125:/home/ubuntu# zncrypt acl --add --rule="ALLOW @mysql * /usr/bin/mysqld_safe --shell=/bin/dash"
Type MASTER passphrase:
1 rule(s) were added
root@ip-10-40-255-125:/home/ubuntu# sudo service mysql start
* Starting MySQL (Percona Server) database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.
root@ip-10-40-255-125:/home/ubuntu#
5. EXECUTING SYSBENCH
First lets create sbtest database:
root@ip-10-40-255-125:/home/ubuntu# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 41
Server version: 5.5.30-30.2 Percona Server (GPL), Release 30.2
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database sbtest;
Query OK, 1 row affected (0.00 sec)
mysql> exit
Bye
root@ip-10-40-255-125:/home/ubuntu#
Now let's prepare sysbench:
root@ip-10-40-255-125:/home/ubuntu# sysbench --db-driver=mysql --test=oltp --mysql-user=root --max-requests=100000 --oltp-table-size=1000000 --mysql-password=root --mysql-db=sbtest --mysql-socket=/var/run/mysqld/mysqld.sock prepare
sysbench 0.4.12: multi-threaded system evaluation benchmark
Creating table 'sbtest'...
Creating 1000000 records in table 'sbtest'...
root@ip-10-40-255-125:/home/ubuntu#
Then test a with multiple threads:
Check the aesni_intel usage
root@ip-10-40-255-125:/home/ubuntu# lsmod | grep aesni
aesni_intel 55664 100
cryptd 20530 1 aesni_intel
aes_x86_64 17255 1 aesni_intel
root@ip-10-40-255-125:/home/ubuntu#
Enjoy!
P.S. No Flags for today!
No hay comentarios:
Publicar un comentario