Database Zone
{{announcement.body}}
{{announcement.title}}
DZone > Database Zone > Amazon RDS and Pt-Online-Schema-Change

Amazon RDS and Pt-Online-Schema-Change

DZone 's Guide to

Amazon RDS and Pt-Online-Schema-Change

Here's a workaround to get RDS to accept the pt-online-schema-change tool, which can throw an error based on permissions.

by
Miguel Angel Nieto
CORE ·
Jul. 05, 16 · Database Zone ·
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

In this blog post, I discuss some of the insights needed when using Amazon RDS and pt-online-schema-change together.

The pt-online-schema-change tool runs DDL queries (ALTER) online so that the table is not locked for reads and writes. It is a commonly used tool by community users and customers. Using it on Amazon RDS requires knowing about some specific details. First, a high-level explanation of how the tool works.

This is an example from the documentation:

pt-online-schema-change--alter"ADD COLUMN c1 INT"D=sakila,t=actor


As we can see, it is a tool that uses the basic features of MySQL. You can run it on MySQL, Percona Server, MariaDB, Amazon RDS, and so on. But when using Amazon, there is a hidden issue: you don't have SUPER privileges. This means that if you try to run the tool on an RDS with binary logs enabled, you could get the following error:

DBD::mysql::db dofailed:You do not have the SUPER privilege and binary logging is enabled (you might want to use the less safe log_bin_trust_function_creators variable)[forStatement"CREATE TRIGGER `pt_osc_db_table_del` AFTER DELETE ON `db`.`table` FOR EACH ROW DELETE IGNORE FROM `db`.`_table_new` WHERE `db`.`_table_new`.`table_id` <=> OLD.`table_id` AND `db`.`_table_new`.`account_id` <=> OLD.`account_id`"]at/usr/bin/pt-online-schema-change line10583.

This documentation page explains the reason for this message.

The bottom line is creating triggers on a server with binary logs enabled. This requires a user with SUPER privileges (which is impossible in Amazon RDS). The error message specifies the workaround. We need to enable the variable log_bin_trust_function_creators. Enabling it is like saying to the server:

“I trust regular users' triggers and functions, and that they won't cause problems, so allow my users to create them.”

Since the database functionality won't change, it becomes a matter of trusting your users. log_bin_trust_function_creators is a global variable that can be changed dynamically:

mysql>SET GLOBAL log_bin_trust_function_creators=1;

Run the tool again. This time, it will work. After the ALTER is done, you can change the variable to 0 again.

Like This Article? Read More From DZone

10 Top Things to Monitor in Amazon RDS 10 Top Things to Monitor in Amazon RDS
You Should Always Use a Custom DB Parameter Group When Creating an RDS Instance — Here’s How You Should Always Use a Custom DB Parameter Group When Creating an RDS Instance — Here’s How
How to Set Up Replication Between AWS Aurora and an External MySQL Instance How to Set Up Replication Between AWS Aurora and an External MySQL Instance
Hybrid Relational/JSON Data Modeling and Querying

Free DZone Refcard

Hybrid Relational/JSON Data Modeling and Querying
DOWNLOAD
Topics:
privileges ,process ,database ,logs ,amazon rds ,table ,alter

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of Miguel Angel Nieto . See the original article here.

Opinions expressed by DZone contributors are their own.

Database Partner Resources

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
CORE
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone