Good move, will be good for the database for sure. I think of this article [0] every time someone says "why not just use <some hipster database written by 2 people over the course of a year>":
Rule 1: Developing a good DBMS requires 5-7 years and tens of millions of dollars.
The reason is that Alibaba is stuck with mysql and complex queries being put very very deep inside their architecture.
And yes, things like top level transaction databases are like hand maintained clusters of 20 servers for the whole Alibaba with query caching servers in front of them to prevent OOMs
They tried to get rid of it many times as written in their tech blogs, but this probably indicates that they finally gave up on such endeavour, choosing to own Mysql instead
Their most sisyphean issue is the transaction locking. Imagine, 20 people trying to buy 19 trinkets, and you try to resolve transactions in a distributed DB, and two guys manage to buy the same thing in the exactly same nanosecond. The task is hard to tackle.
If you time-atomize the transaction, you get increase in minimal latency.
If you simply use a single server with very fast DB, you get reliability concerns.
Not sure about the funding, but it has been around for 20+ years. Maybe not tens of millions in VC funding, but it definitely has tens of millions of dollars worth of devs spending time on it.
Likely. Last year the foundation they're a part of received $25,000 in earmarked donations for Postgres which you can extrapolate over the 30 years it's been around to be a million-ish [1]. They've also received several million dollars in subsidies by starting as an academic project at Berkley in the 80s.
I think using Postgres would be completely valid (could be wrong though), the issue would be converting their code base, rather than any stability issue in pg.
Looking at their commit history, it's not a fork in the sense of "we're actively developing our own new features and diverging from upstream", it's a fork in the sense of "we've taken a stable release from upstream, applied some of our own patches, some backported patches, and some patches from other forks."
It's a fork as much as the stable packages that RedHat or Debian ships are "forks" since they have a few patches applied to customize for their environment and fix a few issues that hadn't made it upstream by the time they picked a stable release to base on.
MariaDB is an active, independently developed project. They are probably funding MariaDB because working with upstream developers of an actively developed fork can be more efficient than striking out on their own with another actual fork. I wouldn't be surprised if they eventually start using MariaDB, and either rebase their AliSQL patches on top of it or drop AliSQL altogether (much of it just looks like backports of bugs or features).
Any time I hear that a Chinese company is investing in a product I use, it's as if the Chinese government is now part owner of it as well. This may be general paranoia, but given the latest crackdown on VPNs and privacy, I don't know that I want a foreign government with a significant stake in Alibaba have access to direct the future of MariaDB. Is anyone else feeling this?
If you look at Alibaba's investment portfolio [1], you will see Alibaba has invested in a number of popular US-based startups like Snapchat and Lyft, so are they owning part of Snapchat as much as other VCs (depending on the % of course).
One can say about Google / Facebook / Amazon investing in startups and non-profits inevitably influence these organizations' directions; that's just the nature of any investments. When you donate money to a cause you support, you indirectly influence how the cause is headed, because you can pull the pledge, and when enough people pull the pledge, then the people running the cause/non-profits will have to do something to the demand of the donators.
China is the biggest creditor of the US national debt, and even before that US was careful with its relationship with China anyway. So we can't say there is a cause and effect, the best is a weak correlation, and even that is a stretch.
"Biggest foreign creditor" and "biggest creditor" are worlds apart; it's not just about being more precise. More than two thirds of US debt is held domestically.
Yeah, would be better if a US company like Oracle were in charge of it ;)
(Not agreeing or disagreeing with you, just kind of funny/ironic that we're talking about a fork of an open source project that exists because of disagreement with the steward of MySQL... if Alibaba negatively impacts MariaDB, couldn't we just then move on to another fork. MylantaDB anyone?)
Not everything has to be about politics. Sometimes a big company investing in an open source database it already uses is just trying to improve its own infrastructure, not trying to hack your country.
That's besides the point. Even if every single employee at Alibaba is well-intentioned (which is close enough to reality to be considered the case), in the end the government of the PRC has the capability to coerce the company to exert influence in a direction we almost certainly wouldn't like. The only question is whether the PRC would consider the trade offs worth it.
> in the end the government of the PRC has the capability to coerce the company to exert influence in a direction we almost certainly wouldn't like.
It's open source- when that happens, you can fork it and influence it in the direction that you like. I mean if the GCHQ has an active github account[1] - I think the PRC gets a pass to publish open source, let alone Alibaba.
I hear you. We should keep these companies in the hands of US tech companies that would never dream of violating our privacy or collaborating with a government entity against our wishes.
What would the concrete concern be in this case? Any backdoor would destroy the company brand and be excised immediately in a fork.
I suspect they’ll treat it like a piece of critical infrastructure; their political concerns would be at the gfw level, and I just don’t see the likelihood of weaponized attacks. Databases are usually locked down for egress and any outgoing attempts would be rapidly detected.
But a subtle buffer overrun resulting in a 0day that's only obvious to the writers - that's much more likely.
Check out the Underhanded C contest for examples of ways exploits can hide in plain sight.
EDIT: I'm not saying that's what going to happen with Alibaba & MariaDb. I'm just saying that "open source" != "free of exploits and backdoors". One of the biggest untruths about open source is that, with enough eyeballs, all bugs are shallow.
Lenovo seems to get caught with a backdoor every 6 months or so lately. Although I do think that has tainted its brand, I think it's still pretty far off from "destroying the brand".
Interesting, If Google or another tech giant in the U.S. are investing it, would you worry about that? I remember Project PRISM did happen, didn't it ? Alibaba invested it to its own advantage by contributing back to opensource and try to get more Startups in China to use it, that's simple as that. And MariaDB is opensource and community-driven, I don't think it will be controlled.
I don't really understand the MariaDB love around here. If you look at actual production usage, MySQL gets the lion's share, looking at the customers each lists at their website. Oracle has been surprisingly benevolent as stewards of MySQL. That Business Source License that MariaDB put forward for new code at one point[1] looked like something I think would have cost an awful lot of goodwill if anyone else had used it.
- MariaDB Server will continue to be licensed under GPL in perpetuity, while its connectors will continue to be under the LGPL.
To be honest I cannot blame Monty. Google and Facebook were built on MySQL and probably didn't give back as much as he thought would be a fair shar. I guess he doesn't want to see this happening again.
The problem is all these people going into headless chicken mode about how Oracle could discontinue the open source licence of the “original” MySQL, so they’re embracing MariaDB (the company) because it’s run by Monty so it must be open source friendly.
You can use/support MariaDB all you want but let’s not pretend they’re great bastions of open source compared to Oracle in the MySQL realm.
> That Business Source License that MariaDB put forward for new code at one point
As I said, I just made a clarification on that “new code” means other products and not MariaDB server.
Just for the record I am not a MySQL-based DB user, so I don’t really care at all about MariaDB or BSL. My license of choice for releasing my code is AGPL.
Given what I expected Oracle to do to MySQL, if being late on fixing bug reports under a support contract is the worst of their sins, then I stand by my statement.
Really very happy about this. I would love for MariaDB to outpace MySQL in terms of features, as I'm never quite sure which direction Oracle will take with MySQL (especially in terms of licensing)!
It’s ironic in a tragic way that people fear monger about Oracle changing the MySQL license (which has not changed from before Monty sold it to Sun) and advocate for a fork operated by a company that shits on the very concept of open source.
If the MariaDB MaxScale licensing bullshittery didn’t make you think twice about relying on MariaDB, why do you worry about Oracle?
He only made 300m. Us other MySQL employees (about 250) shared crumbs for that purchase (VPs excepted). He screwed us, but he never had respect for us - "people are lazy and greedy" (https://www.pythian.com/blog/mysql-ceo-marten-mickos-intervi...) . Then he promised he would fix the mistake he made with Maria by being more generous. Ha.
Sad to hear that. Being an employee mostly sucks in Sweden.
(If you put some (throwaway?) contact email in your profile I'd be interested to trade stories/old gossip via phone over the weekend; it seems like we worked in similar markets over similar times.)
Just looked through the Crunchbase profiles of a few Western SQL/NoSQL database companies, and I did not see any Chinese investors. This investment will certainly give MariaDB a significant competitive advantage in China. It will be interesting to see if other startups follow their strategy.
In-memory capability, hiring pool of MySQL/MariaDB developers tends to be larger/wider, Galera cluster (M-M functionality), if the queries trend towards simplicity then MySQL/MariaDB tends to be more performant, Postgres can have issues with write amplification, etc.
Uber (I know, I know) switched to MySQL, here are some reasons why:
I never understood which table caused these issues at Uber. They use an example with birthday changes for users. That's no real world example. Apparently issues were caused by a small table updated 500+ times a second and used in a lot of joins. That could be the driver table but why would they update it so much? Personal information rarely changes and live information about the driver (trip status, position, online/offline) should be stored separate from that? And you wouldn't need transactions around those updates?
Did they ever clarify what data actually caused the issues?
please don't use uber as an example.
they made just so many mistakes with postgresql (mistakes that would probably blow up a ton of databases including mysql)
not sure if galera cluster is a good thing.. we've started out with galera and it was a pain. we now run on postgres, but even if we would've stayed with mysql we wouldn't use galera anymore. network split was a pita, even if you had major quorum.
I'm aware of the memory capabilities of mysql in general, but the insinuation was that mysql had more capabilities of in-memory processing than postgres - I dont see anything in those links that are things that postgres cant do - although they may be implemented differently.
The honest answer is that you can get the desired result with Postgres, even if it might require a custom foreign data wrapper implementation. Carpenters pick their favorite saws, and they like MySQL.
To be fair, uber did get burned by a Postgres replication failure- but they also had a NOC team promote 3 bad replicas to primary before stepping back to reconsider their approach. Carpenters do hate losing their fingers in circular saws.
MySQL is faster. There are people that will argue against it but they probably don't understand how the vacuum works. Also if you only read HN yeah you're bias on Postgres vs MySQL. On the end Postgres is "better" but MySQL is already pretty good, it's not like you're comparing a good product to a bad one, both of them are good.
That question could be asked in a reversed fashion too. PostgreSQL is the favorite database here on HN (I prefer it too) but for a generic company out there MySQL/PostgreSQL are interchangeable. Won't really matter which one you choose and I think it's easier to hire people with MySQL experience.
I actually had databases class which used MySQL for exercises and essentially it was like this:
* you can configure triggers for a table, but you can't use them in MySQL unless you make sure the table is InnoDB (this was a while ago before defaults changed)
* MySQL doesn't support aborting INSERT/UPDATE/DELETE from trigger, but you can emulate it by throwing an exception
* a table can have a CHECK constraint, but you can't use it because it is not available in MySQL
Makes one wonder MySQL was picked for that class. I get that it was because it was very popular at the time, but it felt like a toy compared to a functionality that any other database had.
I'm interested in what people's experiences here are. I spent the entire of my degree deep in Oracle, persistently being warned a database without object-relational queries were absolutely never used in the real world (how ironic).
Postgres has toxic fanboys. Instead of going for closed source competition like Oracle, DB2, MSSQL where Postgres is a valuable competitor, these really stupid fanboys go for friendly open source databases. Unfortunately toxic Postgres fanboys do this for 15+ years. How about try to convert the "hard part" (enterprise), not the friendly minded ones.
Chinese government is leading a $27M infiltration, code injection, and backdoor scheme in MariaDB in order to steal and hack account information for millions of sites around the world.
Rule 1: Developing a good DBMS requires 5-7 years and tens of millions of dollars.
That’s if things go extremely well.
Rule 2: You aren’t an exception to Rule 1.
0: http://www.dbms2.com/2013/03/18/dbms-development-marklogic-h...