PgConf.Russia 2020

In the report I will talk about how Zabbix appeared in our company, how we lived with Oracle, why we decided to switch to PostgreSQL, what problems we had during the transition, and what software seemed like a good choice for working with PostgreSQL.

Patroni and Stolon are two of the most popular and advanced solutions for orchestrating PostgreSQL and ensuring auto-failover for clusters with the Leader-Followers configuration. However, engineers who migrate from good old tools like Corosync&Pacemaker or built-in solutions of other DBMS often run into issues when installing these tools and figuring out the purpose of each component.
In this tutorial, we will go through a typical installation procedure of Patroni and Stolon clusters on virtual machines (not in containers), as well as review their behavior in case of various infrastructure failures. The whole process will be demonstrated on three vagrant virtual machines with pre-built images. You can follow along on your own system if you set up the required environment.

Role-based access control (RBAC) is one of the main mechanisms used for access control in many DBMS, including PostgreSQL. This model is a sub-type of traditional discretionary access control with its restrictions. In addition to DAC, many operating systems also use mandatory access control (MAC) based on security labels. This additional security mechanism is obligatory for protecting information that demands higher levels of security. Naturally, we would like to use MAC within DBMS when working in OS with mandatory access control switched on.
In this talk, we'll give an overview of existing MAC implementations in DBMS, as well as share our approach to using security mechanisms provided by SELinux, the sepgsql extension for PostgreSQL, and the standard mechanism of row-level security (RLS), which has been available in PostgreSQL starting from version 9.5.
In our presentation, we will use the "Airlines" demo database provided by the Postgres Professional company to show how to protect sensitive information and personal data, compare different ways of storing security labels, and assess performance of our solution.

Moscow public transport vehicles when moving report their coordinates via GLONASS. Collected data is used for various analyses including timetable development, bottlenecks detection and planning the bus lanes. Until recently we used the PostGIS extension for this purpose but now we are switching to a new PG extension — MobilityDB — designed especially for geodata time series processing. I have compared the table size and the performance of our solution without and with MobilityDB and happy to present the results.