First you need to do is run this query:
SELECT user,host FROM mysql.user
WHERE super_priv='Y' AND
CONCAT(user,'@',host) <> 'root@localhost';
This will list all users that have SUPER privilege. Most users that do application-related DB processing do not require this privilege. According to the MySQL Documentation, those with SUPER privilege can do the following:
- Run CHANGE MASTER TO for controlling replication coordinates
- KILL or
mysqladmin kill
to kill threads belonging to other accounts
- PURGE BINARY LOGS to systemically delete binary logs
- Make configuration changes using SET GLOBAL to modify global system variables
- mysqladmin debug command
- enabling or disabling logging
- performing updates even if the *read_only* system variable is enabled
- starting and stopping replication on slave servers
- specification of any account in the DEFINER attribute of stored programs and views
- HERE IS THE MOST IMPORTANT ONE FOR YOUR PROBLEM: : Enables you to connect (once) even if the connection limit controlled by the max_connections system variable is reached.
You will need to login as root@localhost and revoke SUPER privilege as follows:
UPDATE mysql.user SET super_priv='N'
WHERE super_priv='Y' AND
CONCAT(user,'@',host) <> 'root@localhost';
FLUSH PRIVILEGES;
Once you do this, whenever all users flood mysql connections, only root@localhost
can login. After all, if everybody and his grandmother had SUPER privilege, this would bar root@localhost
from ever connecting ahead of everybody else. If max_connections is at 200 and you need to raise it to 300 without having to restart mysqld, you can dynamically increase the max_connections with this command:
mysql> SET GLOBAL max_connections = 300;
That will allow more connections effective immediately, but don't just arbitrarily increase the number on whim. You have to make sure mysql has enough RAM to accommodate the increase.
CAVEAT : If you change max_connections dynamically to 300, please put it in /etc/my.cnf
[mysqld]
max_connections=300
You can run mysqltuner.pl on your MySQL DB Server. If you do not have it, then run the following:
cd
wget mysqltuner.pl
perl mysqltuner.pl
The 3rd line under Performance Metrics has this
-------- Performance Metrics -------------------------------------------------
[--] Up for: 8d 20h 46m 22s (8M q [10.711 qps], 129K conn, TX: 90B, RX: 19B)
[--] Reads / Writes: 4% / 96%
[--] Total buffers: 2.1G global + 5.4M per thread (2000 max threads)
[OK] Maximum possible memory usage: 12.6G (80% of installed RAM)
See the 5.4M per thread? That is multipled by max_connections. In this example, that would be a maximum of about 10.8G of RAM. Therefore, each time you bump up max_connections, you should run mysqltuner.pl and check if you are pressing the OS for too much memory.
In any case, limiting who has SUPER privileges give such users opportunity to mitigate flooding mysqld with DB Connections.
All mention of either using a symlink or data/index separate data directories state that MyISAM is the only supported
Almost, but not quite "all."
There are three ways of symlinking in MySQL:
- manually symlink the individual table files - only supported for MyISAM and even then the documentation says "as a last resort."
- automatically symlink MyISAM MYD and MYI files with
DATA DIRECTORY
and INDEX DIRECTORY
directives.
- manually symlink a database (i.e. a single schema) directory to a directory in a different location
This last one is the one you want, and will work transparently with any of the normal storage engines.
Stop reading the page from the manual that you mentioned above before you get to section 8.11.3.1.2, and this will make more sense. Everything from that point forward is related to table files being symlinked, not directories. The information that follows is not relevant if your symlinks are done at the database directory level.
Though not directly related to your question, I'll point out that your entire /usr/local/mysql/data directory can also be a symlink to a directory elsewhere. I almost always do this instead of actually telling MySQL to use a different directory, so that it's obvious to any sysadmin looking at the server itself where the actual data lives.
Best Answer
Is there some sort of sane upper limit any one user should never exceed? Maybe your busiest application has at most 20 open connections during peak normal operation. Let's assume you have 20 non root users.
This way your global max connections is safe from every getting reached and there should always be room for you to get in even if one particularly application or user is getting maxed out.