Microsoft acquired the popular mobile to do list application Wunderlist back in 2015, and now it’s preparing users for its eventual demise with the release of its new application “To-Do,” announced today. The new app was built by the team behind Wunderlist, and will bring in the favorite elements of that app in the months ahead, Microsoft says. The company also added that… Read More
In this blog post, we’ll look at how to run Percona XtraDB Cluster on Windows using Docker.
This is a follow-up to my previous post on Percona XtraBackup on Windows. The fact is that with Docker you can now run a variety of software applications on Windows that previously were available only for Linux platforms.
We can run (to evaluate and for testing purposes) several nodes of Percona XtraDB Cluster on a single Windows box.
The steps for this are:
- Setup Docker on the Windows box.
- Create a Docker network.
docker network create net1
- Bootstrap the cluster.
docker run -e MYSQL_ROOT_PASSWORD=test -e CLUSTER_NAME=cl1 --name=node1 --net=net1 perconalab/percona-xtradb-cluster
- Join the nodes.
docker run -e MYSQL_ROOT_PASSWORD=test -e CLUSTER_NAME=cl1 -e CLUSTER_JOIN=node1 --net=net1 perconalab/percona-xtradb-cluster
Repeat step 4 as many times as you want.
The result: the cluster is now running on Windows!
The question whether Percona XtraBackup is available for Windows comes up every so often. While we are not planning to provide regular releases for Windows, I decided to share a way to run Percona XtraBackup in a Docker container (especially since Docker support for Windows has become more and more stable).
For this exercise, I created a playground Docker image:
First, we need to prepare a few things to make it work:
- Install Docker on Windows (the current version I am running is 17.03)
- Enable the sharing of disk C in Docker settings
- Find out the IP address MySQL is running on (
192.168.1.122in my case)
- Grant backup-required privileges for the
GRANT RELOAD,PROCESS,LOCK TABLES,REPLICATION CLIENT ON *.* TO 'xtrabackup'@'192.%' IDENTIFIED by 'xtrapassword'
Now, let’s assume our datadir is in
C:/mysqldata, and we want to backup to
C:/mysqlbackup. Needless to say, that XtraBackup image must run on the same server as MySQL’s datadir (since XtraBackup needs to access the data to copy it).
Now to take a backup we execute:
docker run --rm -it -v //C/mysqldata:/var/lib/mysql -v //C/mysqlbackup:/xtrabackup_backupfiles perconalab/percona-xtrabackup --backup --host=192.168.1.122 --user=xtrabackup --password=xtrapassword
We find our backup in
C:/mysqlbackup when it is done.
Google announced several new products today aimed at luring IT pros who are using Windows in their data centers to the Google Cloud Platform. With that in mind, Google introduced support for Microsoft SQL Server Enterprise and Windows Server Core on the Cloud Platform. In addition, the company announced support for SQL Server Always-On Availability Group for customers who are concerned about… Read More
Microsoft loves to talk about how we are now living in a “cloud first, mobile first” world, but in this world, there is still plenty of room left for Windows Server. Today, at its Ignite conference in Atlanta, the company announced that Windows Server 2016 will be available for purchase on October 1 and will then ship in mid-October. That’s pretty much in line with… Read More
In a recent article on the Percona blog, I recommended readers to a tool called CamStudio for making technical screen recordings. The blog post was very popular and got 300+ Facebook likes in a short time. Providentially though, a reader commented that the installer (as downloaded from the project website) installed “pretty annoying adware on [his] PC.”
As I had been using a slightly dated installer, which did not show this issue, I started looking into the reader’s claims. Besides finding that the reader was correct in his claims about the project website’s installer, I found that even the installer from sourceforge.com (a well known open source download site) had a significant amount of adware in it.
However, the worst had yet to come. Reading through the CamStudio forum on SourceForge, I found out that the CamStudio binaries had apparently been plagued by adware and possibly also viruses and malware. I am however always somewhat suspicious of such reports; consider for example that CamStudio’s competitor TechSmith sells a very similar product (originally based on the same source code I believe) at $299 US per license. Not saying it happened, but one can easily see why competing companies may try to eliminate the open source/free competition.
Still, being cautious, I ran my older original installer (which did not have the adware issues) through virustotal.com, a Google service I learned about during this ‘adventure’. “Guess what” my daughter would say. It had a malware Trojan (Trojan.Siggen6.33552) in it which had only been discovered by a anti-virus software company last April, and only one in 56 virus scanners picked it up according to https://www.virustotal.com! Once the situation was clear, I immediately removed the blog post!
Clearly this was turning out not to be my day. Reading up on this Trojan proved that it was ‘designed for installation of another malware’. Given that Trojan.Siggen6.33552 had only been discovered in April, and given that it may have been installing other malware as per the anti-virus company who discovered it, I quickly decided to reinitialize my Windows PC. Better safe then sorry.
As I mentioned to my colleague David Busby, when you have something happen like this, you become much more security conscious! Thus, I did a review of my network security and was quite amazed at what I found, especially when compared with online security reports.
For example, we have uPnP (universal plug and play) on our routers, Skype automatically installs a (quite wide) hole in the Windows Firewall (seemingly even where it is not necessary), and we allow all 3rd party cookies in all our browsers. One would think this is all fine, but it makes things more easy for attackers!
Besides virustotal.com, David showed me https://malwr.com – another great resource for analysing potential malwares.
Did you know that with the standard Skype settings, someone can easily work out your IP address? Don’t believe it? If you’re on Windows, go to Skype > Tools > Options > Advanced > Connection and hover your mouse over the blue/white question mark after ‘Allow direct connections to your contacts only’. You’ll see that it says “When you call someone who isn’t a contact, we’ll keep your IP address hidden. This may delay your call setup time.“ And apparently on Linux this option is not even directly available (more info here).
So, for example, to make Skype more secure I did 1) untick ‘use port 80 and 443 for additional incoming connections’, 2) setup a fixed port and punched a hole in the Windows firewall just for that port, for a specific program, a specific user, and for a specific IP range (much more restricted than the wide hole that was already there), 3) Removed the “Skype rule” which seemingly was placed there by the Skype installer, 4) Disabled uPnP on my router, 5) Disabled Skype from using uPnP, 6) Ticked ‘Allow direct connections to your contacts only’. Phewy. (Note that disabling uPnP (being a convenience protocol) can lead to some issues with smartTV’s / consoles / mobile phone apps if disabled.)
All our networking & software setup these days is mostly about convenience.
Further reviewing the Windows firewall rules, I saw many rules that could be either removed or tied down significantly. It was like doing QA on my own network (phun intended :). The same with the router settings. Also did a router firmware upgrade, and installed the latest Windows security patches. All of the sudden that previously-annoying ‘we’ll just shut down your pc to install updates, even if you had work open’ feature in Windows seemed a lot more acceptable (I now have a one-week timeout for automatic restarts).
For the future ahead, when I download third party utilities (open source or not), I will almost surely run them through virustotal.com – a fantastic service by Google. It’s quite quick and easy to do; download, upload, check. I also plan to once in a while review Windows firewall rules, program security settings (especially for browsers and tools like Skype etc.), and see if there are Windows updates etc.
The most surprising thing of all? Having made all these security restrictions has given me 0% less functionality thus far.
Maybe it is indeed time we wake up about security.
Microsoft is a company with a new cloud focus, a new CEO, and new re-org, and a massive new hardware business that brought in around $3.5 billion in revenue in its most recent across two device categories alone. So if you aren’t completely sure what the hell Microsoft is, I don’t blame you. The company’s CEO, Satya Nadella, speaking to the media last week at an event on… Read More
It turns out that Microsoft and Salesforce were serious when the two firms detailed a plan to integrate their products earlier this year. Today at the Dreamforce conference, the companies announced that a Salesforce1 app for Windows Phone will be released the second half of 2015, that Office will see integration with the Salesforce suite, and that OneDrive will also garner a connection to the… Read More
Downloading the Windows 10 technical preview? You won’t be able to use it past two weeks after April Fool’s day next year. That’s jolly, because the consumer-facing preview that will follow the current build will be out long before then. But it’s worth keeping in mind: Microsoft is working towards a mid-year release of Windows 10, so the April date is in within that… Read More
At some point, speculating about what will become quickly obvious is difficult. Still, on the cusp as we are of the release of the first preview of what may be called Windows 9, it’s reasonable to take a few notes of the latest rumor cycle: Will Windows 9 be free? Current gossip indicates that for Windows 8 and Windows XP users, the new code could be in the case of the former, free, and… Read More