小鱼作为单机版的 OceanBase4.0诞生,是否具有租户资源隔离功能?今天我们通过下面实验进行证明。
1、什么是租户隔离
租户隔离说白了就是进行实例资源的池化、然后进行隔离,就像oracle 12c推出的PDB功能。租户与租户之间数据、权限、资源隔离,每个租户拥有自己独立的访问端口及 CPU、内存访问资源。
2、oceanbase 建立租户的流程
unit config -> resource pool -> tenant
3、创建unit
–分别创建2个unit
obclient [oceanbase]> CREATE RESOURCE UNIT unit1 MAX_CPU 1, MEMORY_SIZE ‘1G’,LOG_DISK_SIZE ‘2G’;
Query OK, 0 rows affected (0.009 sec)
obclient [oceanbase]> CREATE RESOURCE UNIT unit2 MAX_CPU 1, MEMORY_SIZE ‘1G’,LOG_DISK_SIZE ‘2G’;
Query OK, 0 rows affected (0.008 sec)
查询unit是否创建成功
obclient [oceanbase]> SELECT * FROM oceanbase.DBA_OB_UNIT_CONFIGS\G
*************************** 1. row***************************
UNIT_CONFIG_ID: 1
NAME: sys_unit_config
CREATE_TIME: 2023-03-27 14:41:50.601200
MODIFY_TIME: 2023-03-27 14:41:50.601200
MAX_CPU: 1
MIN_CPU: 1
MEMORY_SIZE: 2147483648
LOG_DISK_SIZE: 2147483648
MAX_IOPS: 10000
MIN_IOPS: 10000
IOPS_WEIGHT: 1
*************************** 2. row***************************
UNIT_CONFIG_ID: 1005
NAME: unit2
CREATE_TIME: 2023-03-27 16:50:56.125007
MODIFY_TIME: 2023-03-27 16:50:56.125007
MAX_CPU: 1
MIN_CPU: 1
MEMORY_SIZE: 1073741824
LOG_DISK_SIZE: 2147483648
MAX_IOPS: 10000
MIN_IOPS: 10000
IOPS_WEIGHT: 1
*************************** 3. row***************************
UNIT_CONFIG_ID: 1006
NAME: unit1
CREATE_TIME: 2023-03-27 16:51:05.809746
MODIFY_TIME: 2023-03-27 16:51:05.809746
MAX_CPU: 1
MIN_CPU: 1
MEMORY_SIZE: 1073741824
LOG_DISK_SIZE: 2147483648
MAX_IOPS: 10000
MIN_IOPS: 10000
IOPS_WEIGHT: 1
3 rows in set (0.001 sec)
4、创建resource pool
–分别创建2个资源池,对应unit
obclient [oceanbase]> CREATE RESOURCE POOL pool1 UNIT=‘unit1’,UNIT_NUM=1;
Query OK, 0 rows affected (0.010 sec)
obclient [oceanbase]> CREATE RESOURCE POOL pool2 UNIT=‘unit2’,UNIT_NUM=1;
Query OK, 0 rows affected (0.010 sec)
–查询resource pool是否创建成功
obclient [oceanbase]> select * from DBA_OB_RESOURCE_POOLS\G;
*************************** 1. row***************************
RESOURCE_POOL_ID: 1
NAME: sys_pool
TENANT_ID: 1
CREATE_TIME: 2023-03-27 14:41:50.605285
MODIFY_TIME: 2023-03-27 14:41:50.612883
UNIT_COUNT: 1
UNIT_CONFIG_ID: 1
ZONE_LIST: zone1
REPLICA_TYPE: FULL
*************************** 2. row***************************
RESOURCE_POOL_ID: 1002
NAME: pool1
TENANT_ID: NULL
CREATE_TIME: 2023-03-27 16:51:31.437583
MODIFY_TIME: 2023-03-27 16:51:31.437583
UNIT_COUNT: 1
UNIT_CONFIG_ID: 1006
ZONE_LIST: zone1
REPLICA_TYPE: FULL
*************************** 3. row***************************
RESOURCE_POOL_ID: 1003
NAME: pool2
TENANT_ID: NULL
CREATE_TIME: 2023-03-27 16:51:44.785672
MODIFY_TIME: 2023-03-27 16:51:44.785672
UNIT_COUNT: 1
UNIT_CONFIG_ID: 1005
ZONE_LIST: zone1
REPLICA_TYPE: FULL
3 rows in set (0.005 sec)
5、创建租户
–创建2个租户
obclient [oceanbase]> CREATE TENANT IF NOT EXISTS tenant1 CHARSET=‘utf8mb4’, ZONE_LIST=(‘zone1’), PRIMARY_ZONE=‘zone1’, RESOURCE_POOL_LIST=(‘pool1’) SET ob_tcp_invited_nodes=’%’;
Query OK, 0 rows affected (16.381 sec)
obclient [oceanbase]> CREATE TENANT IF NOT EXISTS tenant2 CHARSET=‘utf8mb4’, ZONE_LIST=(‘zone1’), PRIMARY_ZONE=‘zone1’, RESOURCE_POOL_LIST=(‘pool2’) SET ob_tcp_invited_nodes=’%’;
Query OK, 0 rows affected (16.840 sec)
–查看租户是否创建成功
6、登录租户1,创建yk数据库
[root@k8s-node2 conf]# obclient -h192.168.10.4 -uroot@tenant1 -P2881 -p -Doceanbase -A
Enter password:
Welcome to the OceanBase. Commands end with ; or \g.
Your OceanBase connection id is 3221487648
Server version: OceanBase_CE 4.0.0.0 (r103000022023011215-05bbad0279302d7274e1b5ab79323a2c915c1981) (Built Jan 12 2023 15:28:27)
Copyright © 2000, 2018, OceanBase and/or its affiliates. All rights reserved.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
obclient [oceanbase]> create database yk;
Query OK, 1 row affected (0.037 sec)
obclient [oceanbase]> show databases;
±-------------------+
| Database |
±-------------------+
| information_schema |
| mysql |
| oceanbase |
| test |
| yk |
±-------------------+
5 rows in set (0.014 sec)
6、登录租户2查看是否有yk数据库
[root@k8s-node2 conf]# obclient -h192.168.10.4 -uroot@tenant2 -P2881 -p -Doceanbase -A
Enter password:
Welcome to the OceanBase. Commands end with ; or \g.
Your OceanBase connection id is 3221487649
Server version: OceanBase_CE 4.0.0.0 (r103000022023011215-05bbad0279302d7274e1b5ab79323a2c915c1981) (Built Jan 12 2023 15:28:27)
Copyright © 2000, 2018, OceanBase and/or its affiliates. All rights reserved.
Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
obclient [oceanbase]> show databases;
±-------------------+
| Database |
±-------------------+
| information_schema |
| mysql |
| oceanbase |
| test |
±-------------------+
4 rows in set (0.009 sec)
7、结论
从上面的实验可以看到租户2是看不到租户1的数据库,可以看到集群下两个租户的资源、数据、权限都是隔离的。
OceanBase 数据库通过租户实现资源隔离,每个数据库服务的实例不感知其他实例的存在,并通过权限控制确保不同租户数据的安全性。多租户与 OceanBase 数据库强大的可扩展性相结合,能够提供安全、灵活的 DBaaS 服务。
最后修改时间:2023-04-03 15:07:49
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」
关注作者
【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。