Amazon RDS Concise Tutorial

Amazon RDS - MySQL Features

MySQL is a popular relational database that is available in Amazon RDS with its community edition features. Almost every MySQL feature can be used on the RDS platform, with only some restrictions based on regions and availability zones. Below is a brief description of MySQL's major features on the RDS platform.

Supported Versions

Versions 5.5, 5.6 and 5.7 are the major versions supported on the RDS platform. Except for 5.6.27, all versions are supported in all AWS regions. If no version is specified during DB creation, it defaults to the most recent version at that point in time. Below is an example of how to get all supported DB engine versions using the AWS API in a Python SDK program.

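import boto3

# Uses the default credentials and region from the environment or AWS config.
client = boto3.client('rds')

# Query the MySQL 5.6 family. DefaultOnly=True limits the result to the
# default engine version for that family.
response = client.describe_db_engine_versions(
    DBParameterGroupFamily='mysql5.6',
    DefaultOnly=True,
    Engine='mysql',
    EngineVersion='5.6',
    ListSupportedCharacterSets=True,
)

print(response)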

When the above code is run, we get output like the following:

{
   "ResponseMetadata": {},
   "DBEngineVersions": [
      {
         "Engine": "mysql",
         "DBParameterGroupFamily": "mysql5.6",
         "SupportsLogExportsToCloudwatchLogs": true,
         "SupportedCharacterSets": [],
         "SupportsReadReplica": true,
         "DBEngineDescription": "MySQL Community Edition",
         "EngineVersion": "5.6.40",
         "DBEngineVersionDescription": "MySQL 5.6.40",
         "ExportableLogTypes": [
            "audit",
            "error",
            "general",
            "slowquery"
         ],
         "ValidUpgradeTarget": [
            {
               "Engine": "mysql",
               "IsMajorVersionUpgrade": true,
               "AutoUpgrade": false,
               "Description": "MySQL 5.7.22",
               "EngineVersion": "5.7.22"
            }
         ]
      }
   ]
}

Version Upgrade

The MySQL version number is written as MySQL A.B.C. In this notation, A.B indicates the major version and C indicates the minor version. The upgrade approach differs between minor and major version upgrades.

Minor Version Upgrade

DB instances are automatically upgraded to new minor versions whenever they are supported by Amazon RDS. This patching occurs during a scheduled maintenance window that you can control. You can also upgrade to new versions manually if you prefer to turn off the automatic update.

Major Version Upgrade

Major version upgrades are not available as automatic upgrades. They must be performed manually by the account user by modifying the DB instance. The flowchart below indicates the steps in achieving a major version upgrade. This approach ensures that the upgrade process is thoroughly tested before it is applied to the live production database.

[Figure: flowchart of the MySQL major version upgrade steps]

Database Security

Security for an RDS MySQL DB is managed at three layers.

Using IAM

In this approach, the IAM user should have appropriate policies and permissions. Granting of such permissions is decided by the account holder or the superuser who grants these permissions.

Using VPC

You use either a VPC security group or a DB security group to decide which EC2 instances can open connections to the endpoint and port of a DB instance. These connections can also be made using SSL.

Using IAM Database Authentication

In this approach, you use an IAM role and an authentication token. The authentication token is a unique value tied to the IAM role that is used in the access process. Here the same set of credentials is used for the database as well as other AWS resources, such as EC2 and S3.
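
The version-upgrade rules and the security layers described above can be checked per instance. The following is an added example, not code from the original tutorial: it audits records shaped like boto3's describe_db_instances and describe_db_engine_versions output. The instance names and sample records are constructed, and the helper function names are hypothetical.

```python
# Added example, not from the original page. Records mimic the shape of boto3's
# describe_db_instances / describe_db_engine_versions output; values are constructed.

def split_version(version):
    """Split 'A.B.C' into major 'A.B' and minor C, per the page's notation."""
    a, b, c = version.split(".")
    return f"{a}.{b}", int(c)

def pending_upgrades(current, targets):
    """Sort ValidUpgradeTarget versions into (minor, major) relative to current."""
    cur_major, cur_minor = split_version(current)
    minor, major = [], []
    for t in targets:
        t_major, t_minor = split_version(t["EngineVersion"])
        if t_major != cur_major:
            major.append(t["EngineVersion"])
        elif t_minor > cur_minor:
            minor.append(t["EngineVersion"])
    return minor, major

def audit_instance(inst, targets):
    """Return findings for one instance: patching, IAM auth, network exposure."""
    findings = []
    minor, major = pending_upgrades(inst["EngineVersion"], targets)
    if minor and not inst["AutoMinorVersionUpgrade"]:
        newest = max(minor, key=split_version)
        findings.append(f"auto minor upgrade off; {newest} must be applied manually")
    if major:
        findings.append("major upgrade (manual only) available: " + ", ".join(major))
    if not inst["IAMDatabaseAuthenticationEnabled"]:
        findings.append("IAM database authentication disabled")
    if inst["PubliclyAccessible"]:
        findings.append("publicly accessible; limit access with VPC security groups")
    return findings

# Constructed sample data (5.6.40 and 5.7.22 appear in the page's output above).
TARGETS = [{"EngineVersion": "5.6.41"}, {"EngineVersion": "5.7.22"}]
INSTANCES = [
    {"DBInstanceIdentifier": "orders-db", "EngineVersion": "5.6.40",
     "AutoMinorVersionUpgrade": False, "IAMDatabaseAuthenticationEnabled": False,
     "PubliclyAccessible": True},
    {"DBInstanceIdentifier": "reports-db", "EngineVersion": "5.6.41",
     "AutoMinorVersionUpgrade": True, "IAMDatabaseAuthenticationEnabled": True,
     "PubliclyAccessible": False},
]

if __name__ == "__main__":
    for inst in INSTANCES:
        print(inst["DBInstanceIdentifier"], audit_instance(inst, TARGETS))
```

Against a live account, the instance records would come from client.describe_db_instances()["DBInstances"] and the targets from the ValidUpgradeTarget list shown in the output earlier on this page.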