Skip to content

Commit

Permalink
Memgraph 2.17 docs (#680)
Browse files Browse the repository at this point in the history
* Memgraph 2.17 docs

* Docs

* Zoned datetime data type (#723)

* Document how zoned datetime is supported

* Fix formatting

* Update the Differences in Cypher implementation page

* Update min/max functions

* Revert "Zoned datetime data type (#723)" (#763)

This reverts commit 16c8157.

* [Memgraph 2.17 < ]Update Kubernetes docs  (#773)

* Init docs for kubernetes.

* Fixes.

* Update page.

* Update.

* Fix.

* Update pages/getting-started/install-memgraph/kubernetes.mdx

Co-authored-by: Katarina Supe <[email protected]>

* Update kubernetes.mdx

---------

Co-authored-by: Katarina Supe <[email protected]>
Co-authored-by: Kruno Golubic <[email protected]>

* [memgraph-2.17 < ] --restore-replication-state-startup default to true (#762)

* Replication changes

* Update config docs

---------

Co-authored-by: kgolubic <[email protected]>

* Memgrpah 2.17 release notes (#679)

* Initial commit

* Update release notes

* Update release notes

* Update styling

* Fix typo

* Update RN

* Update release notes

* Update RN

* Update Release notes

* Add HA changes for 2.17 (#749)

* add '#1932 discard request leadership on follower' changes from megraph

* add user other user actions from '#1981' PR

* add part for env flags

---------

Co-authored-by: kgolubic <[email protected]>

* new: Add Lab 2.14 release notes (#779)

Co-authored-by: Kruno Golubic <[email protected]>

* Fix the Cypher examples for ZonedDateTime (#782)

* Create if not exists 2.17 (#780)

* Added description for if not exists for users and roles

* Added changes to description for if not exists for users and roles

* Update role-based-access-control.mdx

* Update users.mdx

---------

Co-authored-by: Kruno Golubic <[email protected]>

* Update release notes

* Update RN

* [memgraph-2-17 < ] Debugging memgraph (#765)

* Debugging memgraph

* Updated documentation

* Add Docker Compose

* Add one more todo

* Grammarly

* Fix image path

* Move to new location

* Update help-center.md

* Fix typo (#783)

* Debugging image

* Remove TODO mark

---------

Co-authored-by: kgolubic <[email protected]>
Co-authored-by: Kruno Golubic <[email protected]>

* Update release notes

* Update direct download  links

* Bolt routing (#777)

* Update RN

* Update RN

* Add bolt server to the output (#728)

* Update RN

* Update RN

* Data recovery on startup (#793)

* Add flags

* Update flags and remove callout

* Add callout

* Update RN

* Update release notes

* Update values for Vertex (#791)

* Update

* Update Delta values

* Fix typo

* Update code

* Update values

* Update one

* Update calculations

---------

Co-authored-by: Ante Pušić <[email protected]>
Co-authored-by: Ante Javor <[email protected]>
Co-authored-by: Katarina Supe <[email protected]>
Co-authored-by: Andi <[email protected]>
Co-authored-by: Antonio Filipovic <[email protected]>
Co-authored-by: Toni <[email protected]>
Co-authored-by: tonijurjevic96 <[email protected]>
Co-authored-by: Josipmrden <[email protected]>
  • Loading branch information
9 people authored May 23, 2024
1 parent bf51440 commit 9f3dc02
Show file tree
Hide file tree
Showing 14 changed files with 591 additions and 110 deletions.
26 changes: 16 additions & 10 deletions pages/clustering/high-availability.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,7 @@ You can start the coordinator instance by specifying `--coordinator-id` and
queries related to high availability, so you cannot execute any data-oriented query on it. The coordinator port is used for the Raft protocol, which
all coordinators use to ensure the consistency of the cluster's state. Data instances are distinguished from coordinator instances by
specifying `--management-port` flag. This port is used for RPC network communication between the coordinator and data
instances. When started by default, the data instance is MAIN. All data instances should be started with the flag `--replication-restore-state-on-startup=true`
so that its role (MAIN or REPLICA) is restored on restart. The coordinator will ensure that no data inconsistency can happen during and after the instance's
instances. When started by default, the data instance is MAIN. The coordinator will ensure that no data inconsistency can happen during and after the instance's
restart. Once all instances are started, the user can start adding data instances to the cluster.

<Callout type="info">
Expand All @@ -61,6 +60,8 @@ Users only need to change the scheme which they use for connecting to coordinato
use `neo4j://<coordinator_ip_adresss>` to get an active connection to the current MAIN instance in the cluster. You can find examples of how to
use bolt+routing in different programming languages [here](https://github.com/memgraph/memgraph/tree/master/tests/drivers).

It is important to note that setting up the cluster (registration of data instances and coordinators, setting main) must be done using bolt connection since bolt+routing is only used for routing data-related
queries, not coordinator-based queries.

## Starting instances

Expand Down Expand Up @@ -358,6 +359,12 @@ When choosing a new MAIN in the failover procedure from the list of available RE
had more up-to-date data when the failover procedure was choosing a new MAIN but was down at that point when rejoining the cluster, the new MAIN instance sends a force sync RPC request to such instance. Force sync
RPC request deletes all current data on all databases on a given instance and accepts data from the current MAIN. This way cluster will always follow the current MAIN.


## Actions on follower coordinators

From follower coordinators you can only execute `SHOW INSTANCES`. Registration of data instance, unregistration of data instances, demoting instance, setting instance to MAIN and force reseting cluster state
are all disabled.

## Instances' restart

### Data instances' restart
Expand Down Expand Up @@ -393,32 +400,32 @@ This example will show how to set up a highly available cluster in Memgraph usin

1. Start coordinator1:
```plaintext
docker run --name coord1 -p 7687:7687 -p 7444:7444 memgraph/memgraph-mage --bolt-port=7690 --log-level=TRACE --data-directory=/tmp/mg_data_coord1 --log-file=/tmp/coord1.log --also-log-to-stderr --coordinator-id=1 --coordinator-port=10111 --experimental-enabled=high-availability
docker run --name coord1 -p 7690:7690 -p 7444:7444 memgraph/memgraph-mage --bolt-port=7690 --log-level=TRACE --data-directory=/tmp/mg_data_coord1 --log-file=/tmp/coord1.log --also-log-to-stderr --coordinator-id=1 --coordinator-port=10111 --experimental-enabled=high-availability
```

2. Start coordinator2:
```plaintext
docker run --name coord2 -p 7688:7688 -p 7445:7444 memgraph/memgraph-mage --bolt-port=7691 --log-level=TRACE --data-directory=/tmp/mg_data_coord2 --log-file=/tmp/coord2.log --also-log-to-stderr --coordinator-id=2 --coordinator-port=10112 --experimental-enabled=high-availability
docker run --name coord2 -p 7691:7691 -p 7445:7444 memgraph/memgraph-mage --bolt-port=7691 --log-level=TRACE --data-directory=/tmp/mg_data_coord2 --log-file=/tmp/coord2.log --also-log-to-stderr --coordinator-id=2 --coordinator-port=10112 --experimental-enabled=high-availability
```

3. Start coordinator3:
```plaintext
docker run --name coord3 -p 7689:7689 -p 7446:7444 memgraph/memgraph-mage --bolt-port=7692 --log-level=TRACE --data-directory=/tmp/mg_data_coord3 --log-file=/tmp/coord3.log --also-log-to-stderr --coordinator-id=3 --coordinator-port=10113 --experimental-enabled=high-availability
docker run --name coord3 -p 7692:7692 -p 7446:7444 memgraph/memgraph-mage --bolt-port=7692 --log-level=TRACE --data-directory=/tmp/mg_data_coord3 --log-file=/tmp/coord3.log --also-log-to-stderr --coordinator-id=3 --coordinator-port=10113 --experimental-enabled=high-availability
```

4. Start instance1:
```plaintext
docker run --name instance1 -p 7690:7690 -p 7447:7444 memgraph/memgraph-mage --bolt-port=7687 --log-level=TRACE --data-directory=/tmp/mg_data_instance1 --log-file=/tmp/instance1.log --also-log-to-stderr --replication-restore-state-on-startup=true --management-port=10011 --experimental-enabled=high-availability
docker run --name instance1 -p 7687:7687 -p 7447:7444 memgraph/memgraph-mage --bolt-port=7687 --log-level=TRACE --data-directory=/tmp/mg_data_instance1 --log-file=/tmp/instance1.log --also-log-to-stderr --management-port=10011 --experimental-enabled=high-availability
```

5. Start instance2:
```plaintext
docker run --name instance2 -p 7691:7691 -p 7448:7444 memgraph/memgraph-mage --bolt-port=7688 --log-level=TRACE --data-directory=/tmp/mg_data_instance2 --log-file=/tmp/instance2.log --also-log-to-stderr --replication-restore-state-on-startup=true --management-port=10012 --experimental-enabled=high-availability
docker run --name instance2 -p 7688:7688 -p 7448:7444 memgraph/memgraph-mage --bolt-port=7688 --log-level=TRACE --data-directory=/tmp/mg_data_instance2 --log-file=/tmp/instance2.log --also-log-to-stderr --management-port=10012 --experimental-enabled=high-availability
```

6. Start instance3:
```plaintext
docker run --name instance3 -p 7692:7692 -p 7449:7444 memgraph/memgraph-mage --bolt-port=7689 --log-level=TRACE --data-directory=/tmp/mg_data_instance3 --log-file=/tmp/instance3.log --also-log-to-stderr --replication-restore-state-on-startup=true --management-port=10013 --experimental-enabled=high-availability
docker run --name instance3 -p 7689:7689 -p 7449:7444 memgraph/memgraph-mage --bolt-port=7689 --log-level=TRACE --data-directory=/tmp/mg_data_instance3 --log-file=/tmp/instance3.log --also-log-to-stderr --management-port=10013 --experimental-enabled=high-availability
```

### Register instances
Expand Down Expand Up @@ -470,14 +477,13 @@ SET INSTANCE instance_3 TO MAIN;
Let's say that the current MAIN instance is down for some reason. After `--instance-down-timeout-sec` seconds, the coordinator will realize
that and automatically promote the first alive REPLICA to become the new MAIN. The output of running `SHOW INSTANCES` on the leader coordinator could then look like:


| name | bolt_server | coordinator_server | management_server | health | role | last_succ_resp_ms |
| ------------- | -------------- | ------------------ | ----------------- | ------ | ----------- | ------------------|
| coordinator_1 | 0.0.0.0:7690 | 127.0.0.1:10111 | "" | up | coordinator | 0 |
| coordinator_2 | 127.0.0.1:7691 | 127.0.0.1:10112 | "" | up | coordinator | 34 |
| coordinator_3 | 127.0.0.1:7692 | 127.0.0.1:10113 | "" | up | coordinator | 28 |
| instance_1 | 127.0.0.1:7687 | "" | 127.0.0.1:10011 | up | main | 61 |
| instance_2 | 127.0.0.1:7688 | "" | 127.0.0.1:10012 | up | replica | 74 |
| instance_3 | 127.0.0.1:7689 | "" | 127.0.0.1:10013 | down | unknown | 72 |
| instance_3 | 127.0.0.1:7689 | "" | 127.0.0.1:10013 | down | unknown | 71222 |

</Steps>
18 changes: 7 additions & 11 deletions pages/clustering/replication.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,7 @@ import { Callout } from 'nextra/components'

# Replication

<Callout type="warning">

Memgraph 2.9 introduced a new configuration flag
`--replication-restore-state-on-startup`, which is `false` by default.
<Callout>

Instances need to remember their role and configuration details in a replication
cluster upon restart, and the `--replication-restore-state-on-startup` needs to be
Expand Down Expand Up @@ -132,10 +129,9 @@ cluster](#set-up-a-replication-cluster).
Each Memgraph instance has the role of the MAIN instance when it is first
started.

Also, by default, each crashed instance restarts as a MAIN instance disconnected
from any replication cluster. To change this behavior, set the
`--replication-restore-state-on-startup` to `true` when first initializing the
instance.
Also, by default, each crashed instance restarts with its previous role (MAIN as MAIN, REPLICA as REPLICA).
To change this behavior, set the `--replication-restore-state-on-startup` to `false` when
first initializing the instance. In this way, all instances will get restarted as MAIN.

### Assigning the REPLICA role

Expand Down Expand Up @@ -324,19 +320,19 @@ you need expose different ports for each instance.
The MAIN instance:

```
docker run -p 7687:7687 memgraph/memgraph-mage
docker run -p 7687:7687 memgraph/memgraph-mage --data-recovery-on-startup=true
```

REPLICA instance 1:

```
docker run -p 7688:7687 memgraph/memgraph-mage
docker run -p 7688:7687 memgraph/memgraph-mage --data-recovery-on-startup=true
```

REPLICA instance 2:

```
docker run -p 7689:7687 memgraph/memgraph-mage
docker run -p 7689:7687 memgraph/memgraph-mage --data-recovery-on-startup=true
```

You can connect to each instance using the Memgraph Lab desktop application, or any
Expand Down
1 change: 1 addition & 0 deletions pages/database-management/_meta.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"authentication-and-authorization": "Authentication and authorization",
"backup-and-restore": "Backup and restore",
"configuration": "Configuration",
"debugging": "Debugging",
"enabling-memgraph-enterprise": "Enabling Memgraph Enterprise",
"logs": "Logs",
"monitoring": "Monitoring",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ might have different access levels than an employee's role. Through RBAC,
organizations efficiently ensure that users only access data relevant to their
role, enhancing security and minimizing risks.

With role-based access control, database administrator can assign various
priviledges to roles, but for even more control over who can access certain
With role-based access control, a database administrator can assign various
privileges to roles, but for even more control over who can access certain
data, Memgraph Enterprise offers [fine-grained access
control](/database-management/authentication-and-authorization/role-based-access-control#fine-grained-access-control).

Expand All @@ -23,10 +23,10 @@ control](/database-management/authentication-and-authorization/role-based-access
Each user can be assigned at most one user role. User roles are abstractions
that capture the privilege levels of a set of users.

For example, suppose that `Dominik` and `Marko` belong to upper management of a
For example, suppose that `Dominik` and `Marko` belong to the upper management of a
certain company. It makes sense to grant them a set of privileges that other
users are not entitled to so, instead of granting those privileges to each of
them, we can create a role with those privileges called `manager` which we
them, we can create a role with those privileges called `manager`, which we
assign to `Dominik` and `Marko`.

In other words, each privilege that is granted to a user role is automatically
Expand All @@ -35,13 +35,15 @@ to that user). Similarly, each privilege that is denied to a user role is
automatically denied to all users with that role (even if it has been
explicitly granted to that user).

To creat a user role, run the following query:
To create a user role, run the following query:

```cypher
CREATE ROLE role_name;
CREATE ROLE [IF NOT EXISTS] role_name;
```

To assigning a user with a certain user role, run the following query:
If a role already exists, you can use `IF NOT EXISTS` to only create new roles.

To assign a user with a certain user role, run the following query:

```cypher
SET ROLE FOR user_name TO role_name;
Expand Down Expand Up @@ -74,7 +76,7 @@ SHOW ROLES;
## Privileges

At the moment, privileges are confined to users' abilities to perform certain
`OpenCypher` queries. Namely users can be given permission to execute a subset
`OpenCypher` queries. Namely, users can be given permission to execute a subset
of the following commands:

| Privilege description | Clause |
Expand Down Expand Up @@ -110,7 +112,7 @@ role are denied that privilege. Otherwise, Memgraph will not execute that
specific query. Note that `DENY` is a stronger operation than `GRANT`. This is
also notable from the fact that if neither the user nor its role are explicitly
granted or denied a certain privilege, that user will not be able to perform
that specific query. This effect also is known as a silent deny. The information
that specific query. This effect is also known as a silent deny. The information
above is neatly condensed in the following table:

User Status | Role Status | Effective Status
Expand All @@ -125,7 +127,7 @@ NULL | GRANT | GRANT
NULL | DENY | DENY
NULL | NULL | DENY

Once the privilages are changed, they take full effect once the user reconnects
Once the privileges are changed, they take full effect once the user reconnects
to the database.

#### Grant privileges
Expand Down Expand Up @@ -172,12 +174,12 @@ raised by using `REVOKE`. For instance, if a user has been denied the `INDEX`
privilege, but the role it belongs to is granted that privilege, the user is
unable to use indexing features.

If the user's `INDEX` privilege is revoked, they will be able to do use indexing
features because his role is granted that privilege.
If the user's `INDEX` privilege is revoked, they will be able to use indexing
features because the role is granted that privilege.

#### Manage all privileges at once

To grant, deny or revoke all privileges use the `ALL PRIVILEGES` construct:
To grant, deny or revoke all privileges, use the `ALL PRIVILEGES` construct:

```cypher
GRANT ALL PRIVILEGES TO <user>;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,9 @@ and [auth system integrations](/database-management/authentication-and-authoriza
Creating a user can be done by executing the following command:

```cypher
CREATE USER user_name [IDENTIFIED BY 'password'];
CREATE USER [IF NOT EXISTS] user_name [IDENTIFIED BY 'password'];
```
If the user already exists, you can use `IF NOT EXISTS` to only create new users.

If the username is an email address, you need to enclose it in backticks (``` ` ```):

Expand All @@ -35,22 +36,22 @@ the `--auth-user-or-role-regex` flag to include spaces. For example,

If the user should authenticate themselves on each session, i.e. provide their
password on each session, the part within the brackets is mandatory. Otherwise,
the password is set to `null` and the user will be allowed to log-in using
the password is set to `null`, and the user will be allowed to log-in using
any password, provided that they use the correct username.

To set or alter a user's password run the following command:
To set or alter a user's password, run the following command:

```cypher
SET PASSWORD FOR user_name TO 'new_password';
```

Setting the users's password to null removes the password, allowing the user to
Setting the user's password to null removes the password, allowing the user to
log-in using any password:

```cypher
SET PASSWORD FOR user_name TO null;
```
To delete a user run the following command:
To delete a user, run the following command:

```cypher
DROP USER user_name;
Expand All @@ -68,7 +69,7 @@ appropriate values of `bcrypt`, `sha256` or `sha256-multiple`.

**BCrypt**
This algorithm is the default algorithm for password encryption. It's the most secure algorithm and has the best
protection against brute-force attack. However, if you're running connecting multiple concurrent enterprise users with
protection against brute-force attacks. However, if you're connecting multiple concurrent enterprise users with
passwords at the same time, it may not be the best choice for you as you might experience slower performance. The performance
is slower only during authentication of the users, and should not degrade once the connection has been established.

Expand Down
2 changes: 1 addition & 1 deletion pages/database-management/configuration.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -501,7 +501,7 @@ This section contains the list of all other releant flags used within Memgraph.
| --monitoring-port=7444 | Port on which the Memgraph's monitoring WebsScket server should listen. | `[int32]` |
| --password-encryption-algorithm=bcrypt | Algorithm used for password encryption. Defaults to BCrypt. Allowed values: `bcrypt`, `sha256`, `sha256-multiple` (SHA256 with multiple iterations) | `[string]` |
| --replication-replica-check-frequency-sec | The time duration in seconds between two replica checks/pings. If < 1, replicas will not be checked at all and the replica will never be recovered. The MAIN instance allocates a new thread for each REPLICA. | `[uint64]` |
| --replication-restore-state-on-startup | Set to `true` when initializing an instance to restore the replication role and configuration upon restart. | `[bool]` |
| --replication-restore-state-on-startup=true | Set to `true` when initializing an instance to restore the replication role and configuration upon restart. | `[bool]` |
| --telemetry-enabled=true | Set to true to enable telemetry. We collect information about the running system (CPU and memory information), information about the database runtime (vertex and edge counts and resource usage), and aggregated statistics about some features of the database (e.g. how many times a feature is used) to allow for an easier improvement of the product. | `[bool]` |
| --version | Show version and build info and exit. The default values is `false`. | `[bool]` |

Expand Down
Loading

1 comment on commit 9f3dc02

@vercel
Copy link

@vercel vercel bot commented on 9f3dc02 May 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

documentation – ./

nextra-docs-blush.vercel.app
documentation-git-main-memgraph.vercel.app
documentation-memgraph.vercel.app

Please sign in to comment.