Percona Server for MongoDB vs MongoDB Enterprise

在本次网络研讨会中,我们将对MongoDB社区、MongoDB Enterprise Advanced和Percona Server进行并排评估,以便更好地了解决策过程。Percona Server for MongoDB具有企业级功能,运行在Percona监控和管理等工具上以监控MongoDB。更重要的是,它是100%免费和开源的。值得一提的是,MongoDB Enterprise Advanced附带了加密和LDAP授权。因此,我们将介绍这些特性以及更多。

展开查看详情

1. Percona Server for MongoDB vs MongoDB Enterprise September 19th, 2018, at 12:30 PM PDT (UTC-7) / 3:30 PM EDT (UTC-4). Adamo Tonete @adamotonete 1 © 2018 Percona - COMPANY CONFIDENTIAL

2.Agenda MongoDB Versions Percona Server for MongoDB Version (PSMDB) Feature Comparison Percona Monitoring and Management (PMM) Roadmap 2 © 2018 Percona - COMPANY CONFIDENTIAL

3.MongoDB Versions MongoDB comes in 2 different versions: Community Enterprise 3 © 2018 Percona - COMPANY CONFIDENTIAL

4.MongoDB Community Free and open source version of MongoDB Works for most companies Download and run Open source: https://github.com/mongodb/mongo 4 © 2018 Percona - COMPANY CONFIDENTIAL

5.MongoDB Enterprise Paid version of MongoDB Includes Support and some additional features Not entirely open source, requires a licence, not free for use 5 © 2018 Percona - COMPANY CONFIDENTIAL

6.Why use the enterprise version then? MongoDB Enterprise version comes with some additional features such as: - Kerberos & LDAP Authentication; LDAP Authorization - Auditing - Log Redaction - Encrypted Storage Engine - In-Memory Storage Engine - MongoDB Compass Enterprise - BI Connector - SNMP protocol 6 © 2018 Percona - COMPANY CONFIDENTIAL

7.LDAP and Kerberos + LDAP authorization For large companies or complex environments, managing users and permissions LDAP (or Active Directory) is a way to centralize user management, giving an individual permissions, or a user group. 7 © 2018 Percona - COMPANY CONFIDENTIAL

8.Auditing For enhanced security and compliance, awareness of the operations the database is performing can be critical. With an audit, it’s possible to track operations such as user and index creation - at the database level. 8 © 2018 Percona - COMPANY CONFIDENTIAL

9.Log Redaction Logs can have sensitive data. Depending on regulations, certain information may not be allowed to be saved in a log file. Log redaction hides sensitive information, changing the values to a different character. 9 © 2018 Percona - COMPANY CONFIDENTIAL

10.Encryption at rest Most of the good-practice articles and security certifications (PCI/HIPAA/GDPR) require data to be encrypted “at rest”. With WiredTiger encryption all of the data is encrypted at the storage engine level and only a process with the expected key is able to read it. The process of decrypting and encrypting is transparent to the final user. 10 © 2018 Percona - COMPANY CONFIDENTIAL

11.In Memory Storage Engine Low latency storage engine that doesn't rely on the disk subsystem. Completely ephemeral, once the database stops all the data is gone. Sub millisecond latency, only for specific use cases. 11 © 2018 Percona - COMPANY CONFIDENTIAL

12.Compass Enterprise Extended functionalities added to Compass Community. Some features that worth to be mentioned are ● Schema Analysis ● Real Time Server Stats ● Document Validation https://www.percona.com/blog/2018/06/22/finding-the-right-direction-mongodb-compass-community-version/ 12 © 2018 Percona - COMPANY CONFIDENTIAL

13.BI Connector With the BI connector, any application that uses ODBC driver will be able to read data from a MongoDB server. This is useful when ingesting data to a Business Intelligence application, or generating reports that requires tabular data. 13 © 2018 Percona - COMPANY CONFIDENTIAL

14.SNMP Simple Network Management Protocol is available for MongoDB Enterprise. This protocol allows a monitoring system to gather information about the database in a very simple way. 14 © 2018 Percona - COMPANY CONFIDENTIAL

15.Percona Server for MongoDB (PSMDB) 15 © 2018 Percona - COMPANY CONFIDENTIAL

16.Features comparison 16 © 2018 Percona - COMPANY CONFIDENTIAL

17.Features Comparison continued.. https://www.percona.com/software/mongo-database/feature-comparison 17 © 2018 Percona - COMPANY CONFIDENTIAL

18.Features Comparison continued.. 18 © 2018 Percona - COMPANY CONFIDENTIAL

19.PSMDB Features Review ● LDAP Authentication ● Auditing ● In-Memory Storage Engine ● Log Redaction ● Hot Backup 19 © 2018 Percona - COMPANY CONFIDENTIAL

20.What does PSMDB not have? ● Encryption at rest ● LDAP group authorization ● SNMP integration ● BI Connector 20 © 2018 Percona - COMPANY CONFIDENTIAL

21.Other open source solutions? ● Encryption can be done at OS level using LUKS or any other encryption software. ● LDAP group authorization is not available in PSMDB as the authorization is per user and not per group. The user must exist in the $external database. ● It is possible to sync LDAP users with PSMDB with scripting. 21 © 2018 Percona - COMPANY CONFIDENTIAL

22.Other open source solutions? ● SNMP integration is not available in PSMDB. However, PMM does offer plenty of useful graphs and is also open source. ● BI Connectors don't come with PSMDB. There are several connector options available, some are free whereas others are not. 22 © 2018 Percona - COMPANY CONFIDENTIAL

23.PSMDB only features Hot Backup: This is a backup command that will generate an exact copy of the database (binary copy) in a different folder in a very lightweight fashion. > use admin switched to db admin > db.runCommand({createBackup: 1, backupDir: "/my/backup/data/path"}) { "ok" : 1 } 23 © 2018 Percona - COMPANY CONFIDENTIAL

24.PMM PMM is an open-source platform for managing and monitoring MySQL and MongoDB performance and metrics. It is based on Docker, Virtual appliances and AWS AMI and it is self hosted. https://www.percona.com/blog/2018/07/05/configuring-pmm-monitoring-mongodb-cluster/ 24 © 2018 Percona - COMPANY CONFIDENTIAL

25.PMM https://pmmdemo.percona.com/graph/ 25 © 2018 Percona - COMPANY CONFIDENTIAL

26.Schema Analysis There are several open source projects to validate the MongoDB schema. We suggest using Variety https://github.com/variety/variety#core-maintainers 26 © 2018 Percona - COMPANY CONFIDENTIAL

27.Migration to PSMDB PSMDB is binary compatible with MongoDB Enterprise and Community. Just replace the binaries and you're all set. Also rollback to community is easy, no vendor lock. https://www.percona.com/blog/2016/06/17/mongodb-security-pay-enterprise-open-source-covered/ 27 © 2018 Percona - COMPANY CONFIDENTIAL

28.Support ? MongoDB Enterprise is tied with Support while PSMDB is free to use. If you have questions use the community forum https://www.percona.com/forums/ For a more details on our offerings and SLAs, please contact sales. I will keep this as a tech talk :) 28 © 2018 Percona - COMPANY CONFIDENTIAL

29.Roadmap ● Encryption at rest ● LDAP authorization 29 © 2018 Percona - COMPANY CONFIDENTIAL