MongoDB topology design : scalability, security, and compliance on a global scale / Nicholas Cottrell.

Create a world-class MongoDB cluster that is scalable, reliable, and secure. Comply with mission-critical regulatory regimes such as the European Union's General Data Protection Regulation (GDPR). Whether you are thinking of migrating to MongoDB or need to meet legal requirements for an existing self...

Bibliographic Details
Main Author: Cottrell, Nicholas (Author)
Format: eBook
Language: English
Published: [California] : Apress, [2020]
Table of Contents:
  • Intro
  • Table of Contents
  • About the Author
  • About the Technical Reviewer
  • Acknowledgments
  • Chapter 1: Core Concepts
  • Key features of MongoDB
  • Differences to "traditional databases"
  • Terminology
  • Storage engines
  • Binary JSON
  • Data files
  • Concurrency
  • Relationships
  • Referential integrity
  • ACID compliance
  • Atomicity
  • Consistency
  • Isolation
  • Bulk operations
  • Durability
  • Journal and flushing
  • Scaling
  • Replication
  • Syncing
  • Elections
  • Lag/staleness
  • Oplog window
  • Read preference
  • States
  • Sharding
  • Chunks
  • Choice of shard key
  • Balancer
  • Shard distribution
  • Pre-splitting
  • Ascending shard keys and hot shards
  • Architecture choices
  • Computing resources
  • Memory
  • Storage
  • Bandwidth and latency
  • Horizontal scaling
  • Round-trip latency
  • Private vs. cloud
  • Logical databases
  • Key takeaways
  • Chapter 2: Fault-Tolerant Design
  • Special nodes
  • Arbiters
  • Hidden secondary
  • Delayed secondary
  • Partial restores
  • Nonvoting secondary
  • Avoiding failure
  • Points of failure
  • Reserve capacity
  • Automatic failover
  • Designing for flexibility
  • DNS not IP
  • Auto-discovery
  • Planned downtime
  • Multiple routers
  • Rolling maintenance
  • Clean step-down
  • Tooling failover
  • Failure scenarios
  • Network partition
  • Hardware failure
  • Remote DC failure
  • Storage volume failure
  • Network degradation
  • Shared VM hosts
  • Shared storage area network
  • Unbalanced hardware
  • Key takeaways
  • Chapter 3: Security
  • Local access
  • Network hardening
  • Firewalls with iptables
  • Limit interfaces with bindIp
  • Customize ports
  • Filesystem
  • Authentication
  • Passwords vs. keyfiles
  • Connecting with passwords
  • Keyfiles
  • x.509 certificates
  • Client authentication
  • External authentication
  • Encrypted connections
  • TLS 1.2
  • Encryption at rest
  • Backups
  • Auditing, obfuscation of logs
  • Proactive security
  • Server-side JavaScript
  • Input validation and injection attacks
  • $where operator
  • SELinux
  • Binary monitoring
  • Certification
  • Checklist
  • Chapter 4: Compliance and GDPR
  • General Data Protection Regulation
  • Privacy by design
  • Caveats
  • Data protection
  • Key concepts
  • Personally identifiable information
  • Definitions
  • Representatives
  • Data portability
  • Data size
  • Retention of personal data
  • Automatic removal
  • Custom redaction
  • Right to be forgotten
  • Product guarantees
  • Avoid dated collections
  • Data flows
  • Processing data
  • End-to-end data encryption
  • Data storage
  • Data mapping
  • Auditing changes
  • Validation
  • Pseudonymization
  • Generalizing data
  • Encryption at rest
  • Backups
  • Regulations around the world
  • US healthcare
  • California
  • India
  • Canada
  • China
  • Russia
  • Design recommendations
  • Field-level encryption
  • Views
  • Separate permissions
  • Data leaks
  • Sharding
  • Logging
  • Minimize vulnerabilities
  • Summary
  • Chapter 5: Basic Topologies
  • Introduction