Другие доклады
-
Andrei Salnikov Data Egret
Tracking poor queries
Tracking poor queries is an infinity quest for developers, who works with databases. Often we think that it is guilty the slow and big queries. But what to do if we do not have that kind of queries between backend and database? Which kind of queries should we looking for? What tools should be used for that work? This talk will cover all these questions.
-
Álvaro Hernández OnGres
StackGres: Cloud-Native PostgreSQL on Kubernetes
An enterprise-grade PostgreSQL requires many complementary technologies to the database core: high availability and automated failover, monitoring and alerting, centralized logging, connection pooling, etc. That is, a stack of components around PostgreSQL. Kubernetes has enabled a new model to deploy software abstracting away the infrastructure. However, containers are not lightweight VMs, and the packing of software paradigms that work on VMs are not valid on containers/Kubernetes. How should be PostgreSQL and its stack be deployed on Kubernetes? Enter StackGres. An open source software that is the result of re-engineering PostgreSQL to become cloud native. Join this talk to learn and see demos of how to generate PostgreSQL minimal containers; how the sidecar pattern is used (abused) to integrate PostgreSQL’s stack components, and how the networking and storage are handled. More info: stackgres.io.
-
Игорь Косенков Postgres Professional
Deploying a fault-tolerant PostgreSQL cluster on pacemaker
Corosync & pacemaker is a well known solution for creating fault-tolerant clusters. Such clusters can contain 3 working nodes or 2 working nodes and one voting-only node. The cluster can be deployed on physical or virtual servers.
This tutorial will demonstrate the process of installation and tuning of a PostgreSQL fault-tolerant cluster. You will learn that it is not so difficult as seems to be from the first glance.
-
Николай Чадаев Postgres ProfessionalValery Popov Postgres Professional
Building protected databases using mandatory access control in PostgreSQL
Role-based access control (RBAC) is one of the main mechanisms used for access control in many DBMS, including PostgreSQL. This model is a sub-type of traditional discretionary access control with its restrictions. In addition to DAC, many operating systems also use mandatory access control (MAC) based on security labels. This additional security mechanism is obligatory for protecting information that demands higher levels of security. Naturally, we would like to use MAC within DBMS when working in OS with mandatory access control switched on.
In this talk, we'll give an overview of existing MAC implementations in DBMS, as well as share our approach to using security mechanisms provided by SELinux, the sepgsql extension for PostgreSQL, and the standard mechanism of row-level security (RLS), which has been available in PostgreSQL starting from version 9.5.
In our presentation, we will use the "Airlines" demo database provided by the Postgres Professional company to show how to protect sensitive information and personal data, compare different ways of storing security labels, and assess performance of our solution.