RDS is Alibaba Cloud's relational database service that provides a managed database service. It offers high availability, high performance, and scalability. Key benefits include usability through easy deployment and management, security through features like IP whitelisting and SQL attack protection, and availability through an architecture with primary and standby instances in different zones for failover. RDS instances can be easily scaled up or down and offer backups, read replicas, and temporary instances for recovery.
4. Relational Database Service - RDS
4 / 37
Relational Database Service (RDS) is a managed relational database service that is simple to deploy,
easy to scale, reliable, and cost-effective.
• Choice of database engines
• High availability
• High-performance
• Managed service
• Easy to scale and operate
• Run as many or few systems as you desire
5. RDS - Instances
5 / 37
• An RDS instance is a database service running on a virtual computing
environment (the environment is transparent to users). A User can
decide the database engine, CPU, memory, storage, and network used
by the RDS instance.
• RDS provides a wide selection of instance types optimized to fit
different use cases.
• Instance types comprise varying combinations of CPU, memory,
storage, and networking capacity.
CPU,
Memory
DB
Engine
Storage Network
10. Usability
10 / 37
RDS provides a flexible and easy to use database platform.
• Ease of Use:
Allows you to effortlessly manage ApsaraDB for RDS instances using the web-based Management Console.
• Ease of Connection:
Supports simultaneous connection to the Intranet and/or Internet in high security access mode:
• An Internet address can be connected to the server via the public network to make it easy to manage instances
locally.
• The Intranet address can be connected via other Alibaba Cloud products such as Elastic Compute Service (ECS)
within the same region for faster response times and improved security.
11. Usability – Ease of Management
11 / 37
Fully managed host and operating system
• No access to the database host operating system
• Limited ability to modify configuration that is managed on the host operating system
• No functions that rely on configuration from the host OS
Fully managed storage
• Max storage limits
12. Usability – Effortless Migration
12 / 37
OnP RDB Apsara RDB
Same Knowledge
Same Skills
Same Tool
13. Usability – Simple Deployment
13 / 37
Building a database without cloud
• Prepare hardware
• Install OS
• Install database software
• Configuration
• Tweaking
3-5 hours
Use Cloud Smart
14. Usability - Monitoring
14 / 37
The RDS console provides abundant
performance metrics for users to
conveniently view and know the
running status of their instances.
CloudMonitor Metrics for RDS
• CPU utilization
• Storage
• Memory
• Many others
16. Primary/Standby Architecture
Local Disaster Recovery
Remote Disaster Recovery
High Availability
16 / 37
RDS provides a Three-Tier High Availability and Disaster Recovery Architecture
Increase availability by running your application on two instances in different zones with automatic data synchronization.
When the primary instance is not available, the system will automatically initiate failover to the standby or secondary instance.
Enhances data reliability by deploying primary and standby instances in different zones with independent power sources and
network environments.
Synchronizes data in real time at different locations through data transmission. During any disaster, you can switch to the
remote disaster recovery instance from the primary instance to guarantee business availability. This is currently in public beta
state for MySQL ApsaraDB for RDS.
17. High Availability: 3 Instance Editions
17 / 37
• storage-computing isolated
architecture and a single
computing node
• very high cost-effectiveness
• classic high-availability
architecture with one master
node and one slave node
• ephemeral SSD storage provides
balanced and best performance
• three-node architecture with one
master node and two slave nodes
• guarantees strong data consistency
by synchronizing multiple log copies
• financial-level data reliability and
cross-IDC disaster tolerance
18. Basic Edition vs High-availability Edition
18 / 37
Basic Edition
• contains only one node and has no slave node
for fault recovery
• half the price of the High-availability Edition
High-availability Edition
• two instances in the same or different zones
with automatic data synchronization
• automatically failover
19. High-availability Data Replication Modes
19 / 37
Asynchronous replication (Async)
• A data change
• A ACK to Client
• A send binlog to B
• B Apply Changes
Semi-synchronous replication (Semi-Sync)
• A data change
• A send binlog to B
• B ACK to A
• A ACK to Client
20. 20 / 37
Automatic backup
• You can configure a backup policy to adjust the
cycles of RDS data backup and log backup and
thereby realize automatic backup.
• Automatic backup supports physical backup.
High-availability Backup
21. High-availability Backup
21 / 37
Manual backup
• You can also back up RDS data at any time
you want using manual backup.
• Manual backup supports both physical backup
and logical backup.
22. High-availability: Instance Backup File
22 / 37
• If your total backup data is below 5120MB, there will be no extra charge.
• Users can obtain temporary links to download their backup data as needed. The Storage module also
supports dumping backup files to an OSS Archive Storage for cheaper and steady offline storage.
23. High-availability: Data Recovery
23 / 37
• restore a node to the state that it was in at a specific point in
time.
• automatically create a new slave node to reduce risks when
an irreparable failure occurs to the slave node.
• create a temporary instance with your backup and migrate
data to the master instance.
24. High-availability: Recovery - Temporary Instance
24 / 37
Temporary Instance has the following characteristics:
• Inherits the account and password of the backup file but keep the network type of the current instance.
• Uses its instance name as the password.
• Only one temporary instance can be generated at the same time. Before you create a temporary instance,
delete any existing temporary instance.
• A temporary instance is valid for 48 hours.
26. Scalability
26 / 37
RDS provides an highly scalable platform to build mission critical applications.
• Elastic Scalability:
Scales up or down based on your applications’ real time requirements to ensure 100% resource utilization.
• Massive Storage Space:
Supports up to 20,000 IOPS and 2TB of storage for a single ApsaraDB for RDS instance. You can also upgrade memory and disk
space according to your requirements.
• Infinite Read Capacity:
Supports read-only instances for MySQL hosting thereby increasing the read capacity. Each read-only instance has a dedicated IP
address and load distribution is managed at the application level.
• Configuration:
Supports configuration of up to 1,000 server IP addresses to connect to a ApsaraDB for RDS instance so that risks are directly
controlled at source.
27. Scalability: Read-only Instance
27 / 37
• ApsaraDB for MySQL allows read-only instances to be directly
attached to RDS in order to distribute the read pressure on the
master instance.
• Each read-only instance has an independent connection string,
and the read pressure can be automatically distributed on the
application side.
28. Scalability: Diversified Data Storage
28 / 37
RDS supports diversified storage extension through
Memcache, Redis, and OSS.
• Memcache, Redis:
Provide high response speed for cached hot data.
The cache area can support a higher QPS
(Requests Per Second) than the RDS.
• OSS:
Help reduce the storage pressure on RDS.
30. Security
30 / 37
RDS provides a Three-level Security Defense System to protect the databases against security threats.
• Anti-DDoS:
Provides real-time traffic monitoring at network entry point. If any high traffic attack is identified, source IPs are either
cleaned or blacklisted.
• IP Whitelist Configuration:
Supports configuration of up to 1,000 IP addresses. These can be connected to an ApsaraDB for RDS instance so that the
risks are directly controlled at source.
• Protection of Database from Various Attacks:
Intercepts SQL injection, brute force attacks and other forms of database attacks. ApsaraDB for RDS also provides SQL
audits, allowing you to keep track of who accessed the instance when, and what action was taken at that time.
31. Security: RAM
31 / 37
You can use Alibaba Cloud Resource Access Management (RAM) to control who can perform actions on RDS.
32. Security & Access Control
32 / 37
• RDS will require the IP addresses to be whitelisted before the clients running them can access any database.
This includes both the external clients and the ECS clients in the same VPC.
• RDS allows settings up SSL connections from ECS to RDS via the Load Balancers. This will allow the clients to
perform an end to end encryption of the connection.
35. RDS: Basic Reference Architecture
35 / 37
• ECS
• Fast application of ECS instance
• Create snapshot and custom image
• Server Load Balancer
• SLB instance cluster
• Weighted forwarding rules
• Backend server health check
• RDS
• Master-slave backup of RDS
• Database backup
• Read-only and temporary instance
• OSS
• Image processing
• Static Website Hosting
• OSS API programming
36. RDS: Quick Recap
36 / 37
• Cost-effective
• Real-time monitoring
and instance alerts
• Flexible payment
options
• 99.9% of business
availability
• Automatic failover in
case primary instances
are not available
• Automated backups
• Temporary Instance
• Read-only instances
with expandable read
capacity
• Diversified Data
Storage
• Protects against
network attacks;
Intercepts SQL
injection, brute force
attacks and other types
of database attacks.
• IP Whitelist
Configuration
• TDE
RDS general instances adopt hot standby architecture with master and backup hosts. The single zone means the master and backup nodes are located in the same zone. Multiple zones mean the master and backup nodes are located in different zones. RDS read-only instances adopt single machine architecture. Multiple zones mean the read-only instances can be allocated at random.
Alibaba Cloud is responsible for ensuring the normal operation of RDS through routine maintenance and management, such as hardware/software fault processing and database update patches. You can independently perform database addition, deletion, restart, backup, recovery, and other management operations in the Alibaba Cloud console.
RDS is used similarly to the native database engine, meaning that you can transfer the pre-existing knowledge and skills to RDS management. Data can be migrated to RDS using the commercial off-the-shelf data import and export tools with minimal labor cost required.hours
You can customize RDS specifications through Alibaba Cloud’s official website or the API. After the order is confirmed, RDS generates the specified instance instantly.
RDS can work with ECS to reduce the application response time and save on public traffic fees.
Because there is only one database node, when the node fails, it takes longer to recover the node. Therefore, the High-availability Edition is recommended for sensitive businesses that have higher requirements on database availability.
Asynchronous replication (Async)
In this mode, the master node does not immediately synchronize data to the slave node. When an application initiates an update request, which may include add, delete, or modify operations, the master node responds to the application immediately after completing the operation but does not necessarily replicate that data to the slave node right away. This means that the operation of the primary database is not affected if the slave node is unavailable, but data inconsistencies may occur if the master node is unavailable.
Semi-synchronous replication (Semi-Sync)
This functions as a hybrid of the two preceeding replication modes. In this mode, when both nodes are functioning normally, data replication is identical to the forced synchronous replication mode. However, when there is an exception, such as the slave node becoming unavailable or a network exception occurring between the two nodes, the master node only attempts to replicate data to the slave node and suspend its response to the application for a set period of time. Once the replication mode has timed out, the master node degrades to asynchronous replication. At this point, if the master node becomes unavailable and the application updates its data from the slave node, it is consistent with the data on the master node. When data replication between the two nodes returns to normal, because the slave node or network connection is recovered, forced synchronous replication is reinstated. The amount of time it takes for the nodes to return to forced synchronous replication depends on how the semi-synchronous replication mode was implemented. For instance, ApsaraDB for MySQL 5.5 is different from ApsaraDB for MySQL 5.6 in this regard.
Normally, backup is initiated on the slave node so as not to affect the performance of the master node. However, if the slave node is unavailable or damaged, the Backup module initiates backup on the master node.
https://www.alibabacloud.com/help/doc-detail/26206.htm
逻辑备份是备份sql语句,在恢复的时候执行备份的sql语句实现数据库数据的重现
逻辑备份和物理备份各有优劣,一般来说,物理备份恢复速度比较快,占用空间比较大,逻辑备份速度比较慢,占用空间比较小。逻辑备份的恢复成本高。
Backups are divided into physical backups and logical backups.
Physical backups, which are the primary concern in a backup and recovery strategy, are copies of physical database files.
In contrast, logical backups contain logical data (for example, tables and stored procedures). You can use logical backups to supplement physical backups.
https://www.alibabacloud.com/help/doc-detail/26206.htm
逻辑备份是备份sql语句,在恢复的时候执行备份的sql语句实现数据库数据的重现
逻辑备份和物理备份各有优劣,一般来说,物理备份恢复速度比较快,占用空间比较大,逻辑备份速度比较慢,占用空间比较小。逻辑备份的恢复成本高。
Backups are divided into physical backups and logical backups.
Physical backups, which are the primary concern in a backup and recovery strategy, are copies of physical database files.
In contrast, logical backups contain logical data (for example, tables and stored procedures). You can use logical backups to supplement physical backups.
Using temporary instance will not affect the current production instance. This avoids the impact of data recovery on services so is most recommended
Read-Only Instance is only for MySQL RDS
For other types of databases, you can use this feature
OSS: For example, when RDS and OSS are used in a forum, resources such as the images of registered users or those posted on the forum can be stored in OSS to reduce the storage pressure on RDS.
Key Management Service (KMS) is a secure and easy-to-use management service provided by Alibaba Cloud. With KMS, you will no longer have to spend excessively to protect the confidentiality, integrity, and availability of keys. Instead, KMS securely and conveniently manages your keys, allowing you to focus more on developing encryption/decryption function scenarios.
RDS如何引入KMS实现透明数据加密
https://www.percona.com/blog/2016/04/08/mysql-data-at-rest-encryption/