Back To Schedule
Wednesday, October 21 • 03:00 - 03:30
Security and Traceability on Distributed Database Systems

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Managing a single PostgreSQL instance can be challenging when failures happen. Replicas can be added and promoted when needed. However, application traffic has to be redirected to the new primary. At OVHcloud, a major cloud computing provider in Europe, we use load balancers in front of our databases clusters on production. In that case, PostgreSQL sees then all client connections coming from those IP addresses. That means we couldn't base the pg_hba.conf settings on source IP addresses. That also means, in the logs, all slow queries, DDL queries, connections and disconnections are obfuscated. In a world where where security and traceability is a strong requirement for PCI DSS compliant infrastructures, we had to find a solution. This talk will present you our findings and how we could implement transparent load balancing in a distributed database system.

avatar for Julien Riou

Julien Riou

Tech Lead, OVHcloud
DBA since 2012 in the web hosting world. Open source DBMS specialist (PostgreSQL, MySQL). Currently Tech Lead in the databases team at OVHcloud, a major Cloud Computing provider in Europe.

avatar for Filip Hanaczewski

Filip Hanaczewski

DBA Manager, Percona

Wednesday October 21, 2020 03:00 - 03:30 EDT