PostgreSQL

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved
PostgreSQL
Scott Mead
meads@amazon.com
Sr Consultant

What is PostgreSQL?
• A Relational Database Management System
• An Object Relational Database
– Can add First Class simple and
complex objects with methods,
that can be used in a
Relational Context
– Queries can be made with SQL
• Pronounced “POST-gress”
– The “QL” is silent

Open source database
In active development for over 20 years
Owned by a foundation, not a single company
Permissive innovation-friendly open source license
PostgreSQL Fast Facts
Open Source Initiative

High performance out of the box
Object-oriented and ANSI-SQL:2008 compatible
Most geospatial features of any open-source database
Supports stored procedures in 12 languages (Java, Perl,
Python, Ruby, Tcl, C/C++, its own Oracle-like PL/pgSQL, and
others)

Most Oracle-compatible open-source database
Highest AWS Schema Conversion Tool automatic
conversion rates are from Oracle to PostgreSQL

PostgreSQL Deployment Options
On-Premises Hosted Managed
EC2 DB Services

On-Premise PostgreSQL Deployment
Power, HVAC, net
Rack and stack
Server maintenance
OS patches
DB s/w patches
Database backups
Scaling
High availability
DB s/w installs
OS installation
you
App optimization

Hosting PostgreSQL on Amazon EC2
Power, HVAC, net
Rack and stack
Server maintenance
OS patches
DB s/w patches
Database backups
Scaling
High availability
DB s/w installs
OS installation
App optimization
you

Managed PostgreSQL on RDS or Aurora
Power, HVAC, net
Rack and stack
Server maintenance
OS patches
DB s/w patches
Database backups
App optimization
High availability
DB s/w installs
OS installation
Scaling
you

RDS: Security and Compliance
• Network isolation
• Database instance IP firewall
protection
• AWS IAM-based resource-level
permission controls
• Encryption at rest using AWS KMS or
Oracle/Microsoft TDE
• SSL protection for data in transit
• Assurance programs for finance,
healthcare, government, and more

Amazon Virtual Private Cloud (Amazon VPC)
Securely control network configuration
Availability Zone
AWS Region
10.1.0.0/16
10.1.1.0/24
Manage connectivity
AWS Direct
Connect
VPN
connection
VPC
peering
Internet
gateway
Routing
rules

RDS: IAM-Governed Access
Use AWS Identity and Access Management (IAM) to control who can perform
actions on Amazon RDS
Users and DBAApplications DBA and Ops
Your database RDS
Controlled with IAMControlled with database grants

RDS: At-Rest Encryption
• Two-tiered key hierarchy using envelope
encryption
• Unique data key encrypts customer data
• AWS KMS master keys encrypt data keys
• Available for all RDS engines
• Benefits:
• Limits risk of compromised data key
• Better performance for encrypting large
data
• Easier to manage small number of master
keys than millions of data keys
• Centralized access and audit of key activity
Leveraging AWS Key Management Service (AWS KMS)
Data key 1 Data key 2 Data key 3 Data key 4
Customer master
key(s)
Amazon RDS
instance 3
Amazon RDS
instance 2
Amazon RDS
instance 1

RDS: Compliance
Singapore MTCS
27001/9001
27017/27018

RDS: Effortless Scaling
• Scale compute/memory vertically up or down
• Handle higher load to grow over time
• Lower usage to control costs
Storage scaling
EBS Based—20 GB->6 TB & up to 30,000 IOPS
Aurora Based—Up to 64 TB

RDS: Backup and Disaster Recovery
• DB Snapshots
– User-driven snapshots of database
– Kept until explicitly deleted
• Automated Backups
– Nightly system snapshots + transaction backup
– Enables point-in-time restore to any point in retention period, up to the last
5 minutes
– Max retention period = 35 days
• Cross region copy
– Change regions
– Disaster recovery

RDS Availability—Read and Write—Multi-AZ
SecondarySecondary Primary
Physical
Synchronous
Replication
Primary
AZ1 AZ2
DNS
cname update
Application Application
Primary Update

RDS: Logical Replication Support
• Supported with 9.6.1+, 9.5.4+ and 9.4.9+
• Set rds.logical_replication parameter to 1
• As user who has rds_replication and rds_superuser role
SELECT * FROM pg_create_logical_replication_slot('test_slot',
'test_decoding');
pg_recvlogical -d postgres --slot test_slot -U master --host $rds_hostname -f -
--start
• Support for event triggers
RDS
Postgres
RDS
Postgres
Logical
Replica
Redshift
EC2
Postgres
On
Premise
Postgres
DMS
RDS/Aurora
PostgreSQL
Custom
Logical
Handler
NoSQL
DB

Amazon RDS for PostgreSQL
Supporting Latest Minor Releases
• 9.6.5
• 9.5.9
• 9.4.14
• 9.3.19
Now Available —PostgreSQL 10.1

Notable Features
• Support HugePages for RDS PostgreSQL
• Provides performance benefit for large instances
• Stop and start of RDS PostgreSQL instances
• New regions supported for RDS PostgreSQL
• China
• Brazil
• Support encryption at rest for
– T2 small/medium
– Cross-region Read Replicas
• Flexible RI

New PostgreSQL Extensions Supported
Extensions Description
pgrouting Provides geospatial routing functionality for PostGIS
postgresql-hll HyperLogLog data type support
decoder_raw Output plugin to generates raw queries for logical replication changes
pg_repack Remove bloat from tables and indexes in version 9.6.3
pgaudit Provide detailed session and object audit logging in versions 9.6.3 and 9.5.7
wal2json Output plugin for logical decoding in versions 9.6.3 and 9.5.7
auto_explain Log execution plans of slow statements automatically in versions 9.6.3 and 9.5.7
pg_hint_plan Provides control of execution plans by using hint phrases
log_fdw Extension to query your database engine logs within the database
pg_freespacemap Examine free space map

Extension—pgaudit (9.6.3+)
• CREATE ROLE rds_pgaudit
• Add pgaudit to shared_preload_libraries and pgaudit.role = rds_pgaudit in a
custom parameter group in PostgreSQL 9.6 family
• Apply the modified parameter group to 9.6.3+ database instance and apply immediately
• CREATE EXTENSION pgaudit
• Grant SELECT on all tables to rds_pgaudit to enable auditing
• GRANT SELECT ON t1 TO rds_pgaudit;
• Database logs will show entry as follows
• ... 2017-06-12 19:09:49 UTC:…:pgadmin@postgres:[11701]:LOG: AUDIT:
OBJECT,1,1,READ,SELECT,TABLE,public.t1,select * from t1; ...

Extension—pg_stat_statements
• CREATE EXTENSION pg_stat_statements
• SELECT * from pg_stat_statements order by total_time DESC;
-[ RECORD 2 ]-------+--------
userid | 16388
dbid | 16464
queryid | 4286627671
query | UPDATE pgbench_accounts SET abalance = abalance + ? WHERE aid = ?;
calls | 165125
total_time | 5251.54200000001
min_time | 0.015
max_time | 5.558
mean_time | 0.0318034337623008
stddev_time | 0.0369181019548524
rows | 165125
• SELECT substring(query, 1, 50) AS short_query,
round(total_time::numeric, 2) AS total_time, calls,
round(mean_time::numeric, 2) AS mean, round((100 * total_time
/sum(total_time::numeric) OVER ())::numeric, 2) AS percentage_cpu FROM
pg_stat_statements ORDER BY total_time DESC LIMIT 10;

PostgreSQL 9.6 + Amazon Aurora cloud-optimized storage
 Performance: 2x–3x higher throughput than PostgreSQL alone
 Availability: failover time of <30 seconds
 Durability: six copies across three Availability Zones
 Read Replicas: single-digit millisecond lag times on up to 15 replicas
Amazon Aurora Storage
Aurora PostgreSQL

Amazon Aurora Storage Engine Overview
• Data is replicated six times across three
Availability Zones
• Continuous backup to Amazon S3 (built for 11
9s durability)
• Continuous monitoring of nodes and disks for
repair
• 10 GB segments as unit of repair or hotspot
rebalance
• Quorum system for read/write; latency tolerant
• Quorum membership changes do not stall writes
• Storage volume automatically grows up to 64
TB
AZ 1 AZ 2 AZ 3
Amazon S3
Database
Node
Storage
Node
Storage
Node
Storage
Node
Storage
Node
Storage
Node
Storage
Node
Storage
Monitoring

RDS/Aurora PostgreSQL Monitoring
• Amazon CloudWatch metrics
– CPU utilization
– Storage
– Memory
– Swap usage
– DB connections
– I/O (read and write)
– Latency (read and write)
– Throughput (read and write)
– Replica lag
• Amazon CloudWatch alarms
– Similar to on-premises monitoring tools
• Enhanced Monitoring for Amazon RDS
– Access to over 50 CPU, memory, file
system, and disk I/O metrics
– Low as 1 second intervals
• Integration with third-party monitoring tools

Performance Insight: Simplifying Monitoring
• Dashboard displaying load on
database
– Easy
– Powerful
• Identifies source of
bottlenecks
– Top SQL
• Adjustable time frame
– Hour, day, week, month
– Up to 35 days of data
Max CPU

PostgreSQL Events and Logs

CloudWatch Metric—Max Used Trans IDs

aws.amazon.com/activate
Everything and Anything Startups
Need to Get Started on AWS

PostgreSQL

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to PostgreSQL

Similar to PostgreSQL (20)

More from Amazon Web Services

More from Amazon Web Services (20)

PostgreSQL