Ivan Frolkov
Ivan Frolkov Postgres Professional
12:15 04 February
45 мин

Transaction Isolation Levels in PostgreSQL

Everyone has heard something about transaction isolation levels, but oddly enough, almost no one can clearly explain what it is any why it is important. At the same time, for many operations, it is critical to have a clear understanding of isolation levels and how they can affect the result. Indeed, if a customer has been paid twice and the developer has to pay back the losses, it won't seem unimportant. We'll discuss how to avoid such unpleasant situations.



Другие доклады

  • Dmitry Ursegov
    Dmitry Ursegov Postgres Professional
    22 мин

    Working with external data in Greenplum, examples of Kafka and ClickHouse connectors development

    Greenplum is a horizontal scalable database based on PostgreSQL core. It is used for OLAP workloads and a standard task is to quickly load or unload large amounts of data. The external data resources are usually another distributed systems. In this talk I will show how Greenplum can work with external data. What is the architecture and performance of external and foreign tables and how to handle streaming data. What will be changed in the next version. The examples of Kafka and ClickHouse connectors development.

  • Valery Popov
    Valery Popov Postgres Professional
    Николай Чадаев
    Николай Чадаев Postgres Professional
    45 мин

    Building protected databases using mandatory access control in PostgreSQL

    Role-based access control (RBAC) is one of the main mechanisms used for access control in many DBMS, including PostgreSQL. This model is a sub-type of traditional discretionary access control with its restrictions. In addition to DAC, many operating systems also use mandatory access control (MAC) based on security labels. This additional security mechanism is obligatory for protecting information that demands higher levels of security. Naturally, we would like to use MAC within DBMS when working in OS with mandatory access control switched on.
    In this talk, we'll give an overview of existing MAC implementations in DBMS, as well as share our approach to using security mechanisms provided by SELinux, the sepgsql extension for PostgreSQL, and the standard mechanism of row-level security (RLS), which has been available in PostgreSQL starting from version 9.5.
    In our presentation, we will use the "Airlines" demo database provided by the Postgres Professional company to show how to protect sensitive information and personal data, compare different ways of storing security labels, and assess performance of our solution.

  • Георгий Рылов
    Георгий Рылов Яндекс
    22 мин

    WAL-G: new features and expansion of the community

    Open-source maintainers face many challenges as projects grow. How to write more required features, fix more issues and have time to watch more pull requests? On the example of WAL-G(backup tool for PostgreSQL) I will tell you about how we solved these problems by launching a course of Open-source development at Ural Federal University, what we achieved and what will we do next.

  • Pavel Konotopov
    Pavel Konotopov inCountry
    Leonid Albrecht
    Leonid Albrecht InCountry
    45 мин

    Building the Enterprise infrastructure with PostgreSQL as the basis for storing personal data

    In my talk, I will tell how we built a geographically distributed system of personal data storage based on Open Source software and PostgreSQL. The concept of the inCountry business is to provide customers with a ready-to-use infrastructure for personal data storage. Our business customers are ensured that their customer’s personal data is securely stored within their country’s borders. We wrote an API and SDK and built a variety of services. Our system complies with generally accepted security standards (SOC Type 1, Type 2, PCI DSS, etc.). We built our infrastructure with Consul, Nomad, and Vault, used PostgreSQL, ElasticSearch as a storage system, Nginx, Jenkins, Artifactory, other tools to automate management and deployment. We have assembled our development and management teams - DevOps, Security, Monitoring, and DBA. We use both cloud providers and bare-metal servers located in different regions of the world. Development of the system architecture and ensuring the stability of the infrastructure, consistent and secure operation of all its components is the main task facing our teams.