Difference between revisions of "CLI - Database"

 
(18 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
The imRAD use the MariaDB server<ref>https://en.wikipedia.org/wiki/MariaDB</ref>. We name it "mysql". In this wiki, you use  both terms "MariaDB" and "mysql", but they are the same.
 
The imRAD use the MariaDB server<ref>https://en.wikipedia.org/wiki/MariaDB</ref>. We name it "mysql". In this wiki, you use  both terms "MariaDB" and "mysql", but they are the same.
  
=== Database Connection Properties ===
+
=== Verifying Database ===
If you run the <code>show system mariadb</code> command, it shows the version of the Database.
+
You can verify the status, variables, and so on by using the <code>show database {ARG}</code> command.
All Database Connection Properties are securely encrypted. If you want to see properties as plaintext, use the <code>show database property</code> command.<br>
 
The imRAD consists of three types of Database Connection Properties.
 
 
{| class="wikitable"
 
{| class="wikitable"
! style='width:50px' | ID !! Name !! Description
+
! style='width:150px' | argument !! Description
 
|-
 
|-
| style='text-align:center' | 0 || MainDB || It is the properties for imRAD main database. If there are two systems for the purpose of the [[System Failover]], one of them is the main system. In other words, an active system is the main system and it has the main database.
+
| backup || It shows you the backup configuration and files.
 
|-
 
|-
| style='text-align:center' | 2 || LocalDB || It is the properties for local database.  
+
| connection || It shows you information about which protocol is used.<ref>https://mariadb.com/kb/en/mysql-command-line-client/</ref>
 
|-
 
|-
| style='text-align:center' | 3 || PeerDB || If you configure the [[System Failover]], these properties are written. If not, no properties for the type 3 exist.
+
| process || It shows you which threads are running.<ref>https://mariadb.com/kb/en/show-processlist/</ref>
 +
* ID: The client's process ID.
 +
* USER: The username associated with the process.
 +
* HOST: The host the client is connected to.
 +
* DB: The default database of the process (NULL if no default).
 +
* COMMAND: The command type.<ref>https://mariadb.com/kb/en/thread-command-values/</ref>
 +
* TIME: The amount of time, in seconds, the process has been in its current state.
 +
* INFO: The statement being executed.
 +
* PROGRESS: The total progress of the process (0-100%) (see Progress Reporting).
 +
|-
 +
| property || It shows you decrypted database connection properties.
 +
|-
 +
| replication || You can see the status of the MySQL replication.
 +
|-
 +
| status || It shows you the status of MySQL service.
 +
|-
 +
| variable || It shows you the MySQL global variables.
 
|-
 
|-
 
|}
 
|}
  
Note that the leading five characters of the password are marked to * for the purpose of security.
+
If you run the <code>show system mariadb</code> command, it shows the version of the Database. You can also check the status of the database by entering the <code>show service mysql</code> or <code>show service status mysql</code>
<pre>LYSH@MyHostName# show database property 0 // Display the database connection properties of the MainDB (1)
+
<pre>
  Host:127.0.0.1
+
LYSH@MyHostName# show system mariadb
  Port:6710
+
Database server              : 10.4.19-MariaDB, for debian-linux-gnu (x86_64)
  User-id:lyon
 
  User-Password:*****y@nu24
 
</pre>
 
  
=== Configuring Database Connection Properties ===
+
LYSH@MyHostName# show service mysql
You can configure the host of Database Connection Properties. However, you don't need to configure because If you configure the System Failover, the properties for other types are set automatically. Therefore, If there's no problem, DO NOT configure the Database Connection Properties.
+
● mariadb.service - MariaDB 10.4.19 database server
<pre>
+
    Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
LYSH@MyHostName# configure
+
    Drop-In: /etc/systemd/system/mariadb.service.d
configure# database property create 2 127.0.0.1 // Configuring the host of the LocalDB(2) to 127.0.0.1
+
            └─migrated-from-my.cnf-settings.conf
configure# exit
+
    Active: active (running) since Tue 2021-05-11 15:44:07 KST; 6 days ago
LYSH@MyHostName# show database property 2 // Display the database connection properties of the LocalDB(2)
+
.....
 
</pre>
 
</pre>
  
 
=== Configuring Database backup ===
 
=== Configuring Database backup ===
You can configure to have the system can backup the database. Note that the imRAD is already enabled to backup the database.
+
You can configure to have the system can backup the database and the imRAD is already enabled to backup the database.
 
The default configuration is
 
The default configuration is
 
* db_backup_interval=1
 
* db_backup_interval=1
 
* db_backup_hour=3
 
* db_backup_hour=3
 
* max_db_backup_file=5
 
* max_db_backup_file=5
The above configurations mean that the system backup the database at 3 o'clock every 1 day and remain only a recent 5 backup files. In other words, if there are more than 5 backup files after backup, the oldest one is removing.  
+
The above configurations mean that the system backup the database at 3 o'clock every 1 day and remain only a recent 5 backup files. In other words, if there are more than 5 backup files after backup, the oldest one is removed.  
 
<pre>
 
<pre>
 
LYSH@MyHostName# show system db_backup // view the current database backup configuration
 
LYSH@MyHostName# show system db_backup // view the current database backup configuration
Line 59: Line 70:
 
</pre>
 
</pre>
  
If you type <code>show files dbbackup</code>, it lists all backup files.
+
You can verify the current database backup configuration and backup files by the <code>show database backup</code> command
 +
<pre>
 +
LYSH@MyHostName# show database backup
 +
db_backup                    : enable
 +
db_backup_interval            : 1
 +
db_backup_hour                : 3
 +
max_db_backup_file            : 5
 +
last_db_backup_datetime      : 2021-04-28 03:30:01
 +
last_db_backup_state          : success
 +
 
 +
total 1.7M
 +
-rw-r--r-- 1 root root  20 Apr 25 03:30 backup_210425.sql.gz
 +
-rw-r--r-- 1 root root  20 Apr 26 03:30 backup_210426.sql.gz
 +
-rw-r--r-- 1 root root  20 Apr 27 03:30 backup_210427.sql.gz
 +
-rw-r--r-- 1 root root  20 Apr 28 03:30 backup_210428.sql.gz
 +
</pre>
 +
 
 +
 
 +
=== Database password ===
 +
If you want to change the database password, enter the <code>database password</code> command.
 +
<pre>
 +
LYSH@MyHostName# configure
 +
LYSH@MyHostName(config) # database password
 +
New password: ***********
 +
Confirm password: ***********
 +
misc: The Database password was changed.
 +
LYSH@MyHostName(config)# exit
 +
LYSH@MyHostName# show system database
 +
Main Database                : lyon/*****y@nu24@127.0.0.1:6710
 +
Local Database                : lyon/*****y@nu24@127.0.0.1:6710
 +
</pre>
 +
{{note|If your system is configured the failover, you must change the password of the active database and then change the password of the passive(standby) database to the same password as the active database. The method of changing the database password of the active device is the same as mentioned above.}}
 +
''Changing password in the passive(standby) database'' <br />
 +
In an environment where the failover is operated, the password of the passive device must be the same as the password of the active device,
 +
so if it is successful after attempting to access the active device, it will be changed to that password.
 +
<pre>
 +
LYSH@MyHostName# configure
 +
LYSH@MyHostName(config) # database password
 +
Notice:
 +
This device is the failover passive(standby) and must be set the same password as the active database.
 +
Therefore, the database password will be changed to the same password as the active device.
 +
Do you want to continue? [y/n]y
 +
Input the password of active Database(a.b.c.d):***********
 +
success
 +
misc: The database password of the failover passive device was changed.
 +
LYSH@MyHostName(config)# exit
 +
</pre>
 +
 
 +
=== Database Exporting ===
 +
You can export one or all databases by entering the <code>mysql export</code> on user mode. It saves exported data in the specified directory.
 +
<pre>
 +
LYSH@MyHostName# mysql export
 +
1) lyon
 +
2) lyon_dhcp
 +
3) lyon_history
 +
4) lyon_log
 +
5) lyon_mailbox
 +
6) lyon_rad
 +
7) lyon_stat
 +
8) all
 +
Select databases number: 1
 +
Please enter a backup file name: backup
 +
Do you want to include the data?(Y/n default[Y]): y
 +
 
 +
LYSH@MyHostName# show database backup
 +
db_backup=enable
 +
db_backup_interval=1
 +
db_backup_hour=3
 +
max_db_backup_file=5
 +
last_db_backup_datetime=2022-01-27 03:30:02
 +
last_db_backup_state=success
 +
 
 +
-rw-r--r-- 1 root root 1115294 Jan 27 20:13 backup.gz
 +
-rw-r--r-- 1 root root 3440103 Jan 23 03:30 backup_220123.sql.gz
 +
...
 +
</pre>
 +
=== Database Importing ===
 +
This command can recover the database from a backed-up file. If the current database is corrupted or other problems occur, you can recover a recent backup file.
 +
<pre>
 +
LYSH@MyHostName# mysql import
 +
1) backup.gz
 +
2) backup_220123.sql.gz
 +
3) backup_220124.sql.gz
 +
4) backup_220125.sql.gz
 +
5) backup_220126.sql.gz
 +
6) backup_220127.sql.gz
 +
7) update
 +
Select backup file number: 2
 +
</pre>
 +
{{note|When data is recovered through the command, all current data is deleted and they are replaced with the data in the backup file, so use it only if there are problems with the database.}}
  
 
=== Connect to Database(mysql) ===
 
=== Connect to Database(mysql) ===
You can access a database directly if necessary by the <code>mysql</code> command.
+
You can access a database directly if necessary by entering the <code>mysql</code> command on user mode.
If you want to access a database using "root", you must request an One Time Password (OTP)<ref>http://issue.basein.net</ref>.
+
If you want to access a database using "root", you must request a One Time Password (OTP)<ref>http://issue.basein.net</ref>.
  
 
You should bear in mind that accessing the Database should be only for the purpose of maintenance or fixing problems.
 
You should bear in mind that accessing the Database should be only for the purpose of maintenance or fixing problems.
  
 +
=== TLS ===
 +
If you want to have all applications connect securely to the database, you can enable MySQL TLS connection by entering the <code>mysql_tls</code> command on configuration mode.
 +
After configuring it, you must restart all services to apply.
 +
LYSH@MyHostName# configure
 +
configure# mysql_tsl yes
 +
configure# exit
 +
LYSH@MyHostName# show system mysql_tls
 +
mysql_tls                    : yes
  
=== mysql ===
+
{{note | This configuration does not affect the "radiusd" service. To enable the "radiusd" service TLS connection, you must configure it from the management interface(RADIUS> Settings> General> [[RADIUS_Settings_-_General#RADIUS_Database_Configuration | RADIUS Database Configuration]]).}}
You can verify the status, variables, and so on by using the <code>show mysql {ARG}</code> command.
 
{| class="wikitable"
 
! style='width:150px' | argument !! Description
 
|-
 
| connection || It shows you information about which protocol is used.<ref>https://mariadb.com/kb/en/mysql-command-line-client/</ref>
 
|-
 
| process || It shows you which threads are running.<ref>https://mariadb.com/kb/en/show-processlist/</ref>
 
* ID: The client's process ID.
 
* USER: The username associated with the process.
 
* HOST: The host the client is connected to.
 
* DB: The default database of the process (NULL if no default).
 
* COMMAND: The command type. See Thread Command Values.
 
* TIME: The amount of time, in seconds, the process has been in its current state.
 
* INFO: The statement being executed.
 
* PROGRESS: The total progress of the process (0-100%) (see Progress Reporting).
 
 
 
|-
 
| replication || You can see the status of the MySQL replication.
 
|-
 
| status || It shows you the status of MySQL service.
 
|-
 
| variable || It shows you the MySQL global variables.
 
|-
 
|}
 
 
 
  
 
=== References ===
 
=== References ===

Latest revision as of 10:24, 28 January 2022

The imRAD use the MariaDB server[1]. We name it "mysql". In this wiki, you use both terms "MariaDB" and "mysql", but they are the same.

Verifying Database

You can verify the status, variables, and so on by using the show database {ARG} command.

argument Description
backup It shows you the backup configuration and files.
connection It shows you information about which protocol is used.[2]
process It shows you which threads are running.[3]
  • ID: The client's process ID.
  • USER: The username associated with the process.
  • HOST: The host the client is connected to.
  • DB: The default database of the process (NULL if no default).
  • COMMAND: The command type.[4]
  • TIME: The amount of time, in seconds, the process has been in its current state.
  • INFO: The statement being executed.
  • PROGRESS: The total progress of the process (0-100%) (see Progress Reporting).
property It shows you decrypted database connection properties.
replication You can see the status of the MySQL replication.
status It shows you the status of MySQL service.
variable It shows you the MySQL global variables.

If you run the show system mariadb command, it shows the version of the Database. You can also check the status of the database by entering the show service mysql or show service status mysql

LYSH@MyHostName# show system mariadb
Database server               : 10.4.19-MariaDB, for debian-linux-gnu (x86_64)

LYSH@MyHostName# show service mysql
● mariadb.service - MariaDB 10.4.19 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/mariadb.service.d
             └─migrated-from-my.cnf-settings.conf
     Active: active (running) since Tue 2021-05-11 15:44:07 KST; 6 days ago
.....

Configuring Database backup

You can configure to have the system can backup the database and the imRAD is already enabled to backup the database. The default configuration is

  • db_backup_interval=1
  • db_backup_hour=3
  • max_db_backup_file=5

The above configurations mean that the system backup the database at 3 o'clock every 1 day and remain only a recent 5 backup files. In other words, if there are more than 5 backup files after backup, the oldest one is removed.

LYSH@MyHostName# show system db_backup		// view the current database backup configuration
db_backup task                : Active
db_backup                     : enable
db_backup_interval            : 1
db_backup_hour                : 3
max_db_backup_file            : 5
last_db_backup_datetime       : 2021-04-28 03:30:01
last_db_backup_state          : success

LYSH@MyHostName# configure
configure# database backup enable		// enable database backup
configure# database backup disable		// disable database backup
configure# database backup hour 5		// Configure the starting hour of database backup
configure# database backup interval 2		// Configure the database backup interval in days
configure# database backup maxfile 3		// Configure the maximum number of database backup files to keep

You can verify the current database backup configuration and backup files by the show database backup command

LYSH@MyHostName# show database backup
db_backup                     : enable
db_backup_interval            : 1
db_backup_hour                : 3
max_db_backup_file            : 5
last_db_backup_datetime       : 2021-04-28 03:30:01
last_db_backup_state          : success

total 1.7M
-rw-r--r-- 1 root root   20 Apr 25 03:30 backup_210425.sql.gz
-rw-r--r-- 1 root root   20 Apr 26 03:30 backup_210426.sql.gz
-rw-r--r-- 1 root root   20 Apr 27 03:30 backup_210427.sql.gz
-rw-r--r-- 1 root root   20 Apr 28 03:30 backup_210428.sql.gz


Database password

If you want to change the database password, enter the database password command.

LYSH@MyHostName# configure
LYSH@MyHostName(config) # database password
New password: ***********
Confirm password: ***********
misc: The Database password was changed.
LYSH@MyHostName(config)# exit
LYSH@MyHostName# show system database
Main Database                 : lyon/*****y@nu24@127.0.0.1:6710
Local Database                : lyon/*****y@nu24@127.0.0.1:6710

If your system is configured the failover, you must change the password of the active database and then change the password of the passive(standby) database to the same password as the active database. The method of changing the database password of the active device is the same as mentioned above.

Changing password in the passive(standby) database
In an environment where the failover is operated, the password of the passive device must be the same as the password of the active device, so if it is successful after attempting to access the active device, it will be changed to that password.

LYSH@MyHostName# configure
LYSH@MyHostName(config) # database password
Notice:
This device is the failover passive(standby) and must be set the same password as the active database.
Therefore, the database password will be changed to the same password as the active device.
Do you want to continue? [y/n]y
Input the password of active Database(a.b.c.d):***********
success
misc: The database password of the failover passive device was changed.
LYSH@MyHostName(config)# exit

Database Exporting

You can export one or all databases by entering the mysql export on user mode. It saves exported data in the specified directory.

LYSH@MyHostName# mysql export
1) lyon
2) lyon_dhcp
3) lyon_history
4) lyon_log
5) lyon_mailbox
6) lyon_rad
7) lyon_stat
8) all
Select databases number: 1
Please enter a backup file name: backup
Do you want to include the data?(Y/n default[Y]): y

LYSH@MyHostName# show database backup
db_backup=enable
db_backup_interval=1
db_backup_hour=3
max_db_backup_file=5
last_db_backup_datetime=2022-01-27 03:30:02
last_db_backup_state=success

-rw-r--r-- 1 root root 1115294 Jan 27 20:13 backup.gz
-rw-r--r-- 1 root root 3440103 Jan 23 03:30 backup_220123.sql.gz
...

Database Importing

This command can recover the database from a backed-up file. If the current database is corrupted or other problems occur, you can recover a recent backup file.

LYSH@MyHostName# mysql import
1) backup.gz
2) backup_220123.sql.gz
3) backup_220124.sql.gz
4) backup_220125.sql.gz
5) backup_220126.sql.gz
6) backup_220127.sql.gz
7) update
Select backup file number: 2

When data is recovered through the command, all current data is deleted and they are replaced with the data in the backup file, so use it only if there are problems with the database.

Connect to Database(mysql)

You can access a database directly if necessary by entering the mysql command on user mode. If you want to access a database using "root", you must request a One Time Password (OTP)[5].

You should bear in mind that accessing the Database should be only for the purpose of maintenance or fixing problems.

TLS

If you want to have all applications connect securely to the database, you can enable MySQL TLS connection by entering the mysql_tls command on configuration mode. After configuring it, you must restart all services to apply.

LYSH@MyHostName# configure
configure# mysql_tsl yes
configure# exit
LYSH@MyHostName# show system mysql_tls
mysql_tls                     : yes

This configuration does not affect the "radiusd" service. To enable the "radiusd" service TLS connection, you must configure it from the management interface(RADIUS> Settings> General> RADIUS Database Configuration).

References