Introducing Crunchy Data Warehouse: A next-generation Postgres-native data warehouse. Crunchy Data Warehouse Learn more
Joe Conway
Joe Conway
If you run Linux in production for any significant amount of time, you have likely run into the "Linux Assassin" that is, the OOM ( out-of-memory ) killer. When Linux detects that the system is using too much memory, it will identify processes for termination and, well, assassinate them. The OOM killer has a noble role in ensuring a system does not run out of memory, but this can lead to unintended consequences. For years the PostgreSQL community has made recommendations on how to set up Lin...
Read MorePaul Laurence
Paul Laurence
There is increasing consensus that Postgres is a great choice of database for a broad range of use cases. As our friends at RedMonk have said: the answer is postgres, now what's the question again? ;-) — Elon Mook (@monkchips) April 29, 2017 You have a number of good options for how to run Postgres: run it in VMs, as a managed service or bare metal. Benjamin Good, a Google Cloud Solutions Architect, wrote a helpful blog post of when to run databases on Kubernetes ; a common question and increa...
Read MoreDave Cramer
Dave Cramer
My colleague @craigkerstiens recently wrote about some guidance for cleaning up your Postgres database . One of the things he mentioned in his post, "Don't put your logs or messages in your database." got a number of questions from people similar to: "But what do I do with my logs such as for an audit purpose?" Well there is a great answer and it does play really well with Postgres. The answer in many cases is, "Use Debezium." Debezium is built upon the Apache Kafka project and uses Kafka...
Read MoreJoe Conway
Joe Conway
Question: How do I get PostgreSQL to use FIPS 140-2 crypto ? The answer, to some extent, depends on how rigorously you need to be able to prove your answer. If the proof required is more than a casual check, the process is not well documented as far as I can tell. Therefore I will attempt to address that deficiency here. To be sure the crypto being used by PostgreSQL on a particular system is FIPS validated, you need to trace the chain of custody of the crypto software from the PostgreSQL backe...
Read MoreCraig Kerstiens
Craig Kerstiens
Last week I was on a call with someone giving an overview of Crunchy Bridge , our multi-cloud fully managed database as a service. During the call they asked about what was the best way to get a sense of how their database was doing, a health check if you will. I mentioned a few monitoring tools such as pganalyze and pgMonitor that were good options, but that we could also dig in live and see how things were. The person I was talking to was very similar to many of the customers we run dat...
Read MoreJonathan S. Katz
Jonathan S. Katz
" GitOps " is a term that I've been seeing come up more and more. The concept was first put forward by the team at Weaveworks as a way to consolidate thought around deploying applications. In essence: your deployment topology lives in your git repository. You can update your deployment information by adding a new commit. Likewise, if you need to revert your system's state, you can rollback to the commit that you want to represent your production environment. Any changes to your deployment topo...
Read MoreJonathan S. Katz
Jonathan S. Katz
TLS allows for the secure transmission of data between systems and is also a requirement of many production environments . Part of setting up TLS is ensuring anything communicating over a network within your system also has TLS. If you are not encrypting traffic between all your endpoints, you open yourself up to snooping. An earlier post describes how to set up PostgreSQL clusters with TLS on Kubernetes using the Crunchy Data PostgreSQL Operator . This setup works well for creating encrypte...
Read MoreJonathan S. Katz
Jonathan S. Katz
Ensuring data can be securely transmitted is a requirement of many production systems . PostgreSQL supports TLS as a means of encrypting network communication, verifying hosts, and allowing for certificate-based authentication . The TLS functionality of PostgreSQL is extendable into Kubernetes deployments. The Crunchy Data Postgres Operator has provided support for TLS since version 4.3, using Kubernetes Secrets for mounting the TLS components safely to each Pod. The PostgreSQL Operator does...
Read MorePaul Ramsey
Paul Ramsey
Building maps that use dynamic tiles from the database is a lot of fun: you get the freshest data, you don't have to think about generating a static tile set, and you can do it with very minimal middleware, using pg_tileserv . However, the day comes when it's time to move your application from development to production, what kinds of things should you be thinking about? Let's start with load . A public-facing site has potentially unconstrained load. PostGIS is fast at generating vector tiles.
Read MorePaul Laurence
Paul Laurence
While every year feels like the year of Postgres these days, 2012 did not. For most observers, 2012 was the year of "Big Data" as NoSQL technologies like Hadoop and MongoDB were demonstrating powerful new data management use cases. At the same time, Crunchy Data was still just an idea and was beginning to engage with various consumers of database technology on how this wave of new open source tools were impacting their data strategy. During these early discussions - and many since - we heard h...
Read More