Cette page est affichée en anglais. Une traduction française est en cours.
ConfigsJul 1, 2026·3 min de lecture

Alibaba Druid — High-Performance JDBC Connection Pool with Monitoring

A production-grade JDBC connection pool for Java that provides built-in SQL monitoring, wall-based security filtering, and detailed performance statistics.

Prêt pour agents

Installation agent prête

Cet actif peut être installé après choix du runtime, vérification du plan et exécution de la commande adaptée.

Native · 98/100Policy : autoriser
Surface agent
Tout agent MCP/CLI
Type
Skill
Installation
Single
Confiance
Confiance : Established
Point d'entrée
Alibaba Druid Overview
Commande d'installation directe
npx -y tokrepo@latest install f53bfd3c-7526-11f1-9bc6-00163e2b0d79 --target codex

À exécuter après confirmation du plan en dry-run.

Introduction

Alibaba Druid is a JDBC connection pool designed for monitoring and performance analysis. Beyond pooling connections, it provides a built-in web console that displays SQL execution statistics, slow query logs, and connection usage in real time.

What Alibaba Druid Does

  • Manages JDBC connection pooling with configurable min/max pool sizes and timeouts
  • Collects per-SQL execution metrics including count, time, rows, and error rate
  • Provides a built-in web dashboard (StatViewServlet) for real-time monitoring
  • Includes a WallFilter that blocks SQL injection patterns at the driver level
  • Supports SQL parsing and formatting for MySQL, PostgreSQL, Oracle, and SQL Server

Architecture Overview

Druid wraps the standard JDBC DataSource interface and intercepts every SQL call through a filter chain. The StatFilter collects timing and count data per SQL template. The WallFilter parses each statement through a dialect-specific SQL parser and rejects dangerous patterns. All statistics are stored in memory and exposed via a Servlet-based dashboard or JMX.

Self-Hosting & Configuration

  • Add druid-spring-boot-starter for automatic Spring Boot integration
  • Enable the stat view servlet in application.yml for the monitoring dashboard
  • Configure connection pool sizes via initialSize, minIdle, and maxActive
  • Set slowSqlMillis to flag queries exceeding your latency threshold
  • Optionally export metrics to Prometheus via the druid-spring-boot-actuator module

Key Features

  • Built-in SQL monitoring dashboard with no external dependencies
  • SQL injection firewall (WallFilter) that works at the connection pool level
  • Detailed per-SQL statistics: execution count, total time, max time, affected rows
  • Full SQL parser supporting 6+ database dialects
  • Connection leak detection with stack-trace logging

Comparison with Similar Tools

  • HikariCP — fastest raw throughput; Druid trades marginal speed for built-in monitoring and security
  • Apache DBCP2 — Apache's pool; Druid adds SQL-level metrics and the wall filter
  • c3p0 — legacy pool; Druid is more actively maintained with modern diagnostics
  • PgBouncer — PostgreSQL-specific external pooler; Druid is a JVM-embedded, database-agnostic solution

FAQ

Q: Is Druid slower than HikariCP? A: In raw connection-acquire benchmarks HikariCP is slightly faster, but Druid's monitoring overhead is negligible in most production workloads.

Q: Can I use Druid without Spring Boot? A: Yes. Druid works as a standalone DataSource in any Java application.

Q: Does the WallFilter protect against all SQL injection? A: It blocks common injection patterns at the SQL parser level, but should complement application-level parameterized queries, not replace them.

Q: How do I access the monitoring console? A: Enable stat-view-servlet and visit /druid/index.html on your application server.

Sources

Fil de discussion

Connectez-vous pour rejoindre la discussion.
Aucun commentaire pour l'instant. Soyez le premier à partager votre avis.

Actifs similaires