Details
-
Improvement
-
Status: Open
-
Medium
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
-
Yes
-
Yes
-
No
-
Server Integrations
Description
Problem: Clusters created using DBaaS have problems we detected by Advisors. This will break our statement that "our software workeds better together."
These checks executed on newly created clusters with defaul parameters.
Possible solutions:
- improved configuration of default clusters
- better / different priority/messaging in Advisors
Details:
Tested on pmm 2.34
PXC:(k8s 1.24)
Applicable for all 3 PXC
Failed Checks for service "default-mysql-qz9j9v-pxc-2"
| Check Name | Summary | Description | Severity | Details | Actions |
|---|---|---|---|---|---|
| mysql_version | Newer version of Percona XtraDB Cluster is available | Current version is 8.0.27, the latest available version is 8.0.28. | Warning | Read More | |
| mysql_configuration_variables1 | Server is not configured to enforce data integrity | In order for maximum data integrity to be set, the server should have TRADITIONAL,STRICT_ALL_TABLES,STRICT_TRANS_TABLES configured in sql_mode. From these TRADITIONAL,STRICT_ALL_TABLES are missing. | Warning | Read More | |
| mysql_automatic_expired_password | Automatic password expiry is not active. System variable disconnect_on_expired_password is enabled. The server will not allow connecting clients with expired passwords. | See the following steps to activate | Warning | Read More | |
| mysql_security_2 | Root user has host definition that is not 127.0.0.1 or localhost | you have #1 occurrence(s) :[email protected]% | Warning | Read More | |
| mysql_require_secure_transport | MySQL server allows unencrypted remote connections. | MySQL server allows unencrypted remote connections. | Warning | Read More | |
| mysql_security_2 | User(s) has/have host definition '%' which is too open | you have #5 occurrence(s) :[email protected]%; [email protected]%; [email protected]%; [email protected]%; [email protected]% | Warning | Read More | |
| mysql_configuration_variables6 | Passwords don't expire, as default_password_lifetime=0 | Please consider imposing an expiry time for passwords by setting default_password_lifetime to a positive integer, indicating how many days can go by before the user having to renew their password; This will help prevent brute force attacks and risks of data leaks. | Warning | Read More | |
| mysql_security_2 | User(s) has/have direct DBA privileges instead that by Roles | you have #1 occurrence(s) :[email protected]%;[email protected]%;[email protected]%;[email protected]%;[email protected] | Notice | Read More | |
| mysql_security_2 | User(s) not using secure SSL protocol to connect | you have #5 occurrence(s) :[email protected]%; [email protected]%; [email protected]%; [email protected]%; [email protected] | Notice | Read More | |
| mysql_private_networks_only | The following 5 accounts are allowed to be connected from public networks | ["[email protected]%", "[email protected]%", "[email protected]%", "[email protected]%", "[email protected]%"] | Notice | Read More |
MongoDB:
applicable for all Mongo istances, same problems found:
Failed Checks for service "default-mongodb-8irg6m-cfg-1"
| Check Name | Summary | Description | Severity | Details | Actions |
|---|---|---|---|---|---|
| mongodb_journal | MongoDB journaling is disabled | Journaling should not be disabled on production systems. This presents a risk to data durability in the event of a failure. See the following for further details. | Warning | Read More | |
| mongodb_version | Newer version of Percona Server for MongoDB is available | Current version is 4.4.10, latest available version is 4.4.17. | Warning | Read More | |
| mongodb_loglevel | MongoDB is not using the default log level. | To avoid high disk usage, see the following to set it to default | Warning | Read More |
Attachments
Issue Links
- is blocked by
-
-
- Open
-
-
-
- Open
-
- relates to
-
-
- Open
-