Vijaykumar Jain cabecada
cabecada
/ gist:1c81a954b44a59a5be9ad5c1b5687dfe
Last active
April 30, 2024 17:11
pgbouncer ssl ident
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/pgbouncer/pgbouncer/issues/982 | |
| https://www.pgbouncer.org/config.html | |
| client -> pgbouncer(fe postgres server crt on 172.x.x.x) -> pgbouncer (be pgbouncer client crt) -> postgres (on 127.x.x.x) | |
| 519 openssl ecparam -name prime256v1 -genkey -noout -out ca.key | |
| 520 openssl req -new -x509 -sha256 -key ca.key -out ca.crt -subj "/CN=pg.mshome.net" | |
| 522 openssl ecparam -name prime256v1 -genkey -noout -out server.key | |
cabecada
/ gist:3d976d713530d555fa96086b4789a800
Last active
April 29, 2024 20:19
postgresql ssl server client root certs demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.youtube.com/watch?v=FWK3lR6bSn8 | |
| https://www.postgresql.org/docs/current/auth-pg-hba-conf.html | |
| https://www.postgresql.org/docs/current/ssl-tcp.html | |
| https://www.cybertec-postgresql.com/en/setting-up-ssl-authentication-for-postgresql/ | |
| https://luppeng.wordpress.com/2021/08/07/create-and-install-ssl-certificates-for-postgresql-database-running-locally/ | |
| https://www.alibabacloud.com/blog/599116 | |
| pgbouncer | |
| https://www.crunchydata.com/blog/improving-pgbouncer-security-with-tlsssl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://blog.dalibo.com/2022/09/19/psycopg-pipeline-mode.html | |
| https://www.psycopg.org/psycopg3/docs/api/pq.html | |
| conn.pgconn.trace(sys.stderr.fileno()) | |
| conn.pgconn.set_trace_flags(pq.Trace.SUPPRESS_TIMESTAMPS | pq.Trace.REGRESS_MODE) | |
| conn.execute("select now()") | |
| F 13 Parse "" "BEGIN" 0 | |
| F 14 Bind "" "" 0 0 1 0 | |
| F 6 Describe P "" |
cabecada
/ gist:84b4af11372fd31a9b5951ac14de69dc
Created
April 29, 2024 10:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ./configure --prefix /opt/17/usr/local --enable-tap-tests --with-perl --with-python --with-openssl --enable-dtrace --enable-debug --enable-cassert CFLAGS="-ggdb -Og -g3 -fno-omit-frame-pointer -DLOCK_DEBUG -DBTREE_BUILD_STATS -DWAL_DEBUG" | |
| make | |
| make install | |
| export PATH=/opt/17/usr/local/bin:$PATH | |
| select name,setting from pg_settings where name ~ 'trace.*locks'; | |
| name | setting | |
| -----------------+--------- | |
| trace_locks | on |
cabecada
/ iam-policy.json
Created
April 23, 2024 07:02
— forked from quiver/iam-policy.json
How to connect to Amazon RDS PostgreSQL with IAM credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "rds-db:connect" | |
| ], | |
| "Resource": [ | |
| "arn:aws:rds-db:region:account-id:dbuser:dbi-resource-id/database-user-name" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.postgresql.fastware.com/blog/how-to-fix-transaction-wraparound-in-postgresql | |
| wget https://github.com/postgres/postgres/archive/697f8d266cfb33409f7ccf3319f4448477066329.zip | |
| unzip 697f8d266cfb33409f7ccf3319f4448477066329.zip | |
| cd postgresql-16 | |
| ./configure --prefix /opt/16/usr/local --enable-tap-tests | |
| cd /var/lib/postgresql/postgres/postgres-16/src/test/modules/xid_wraparound | |
| make check PG_TEST_EXTRA='xid_wraparound' |
cabecada
/ gist:b5c23cfdd8c5c6711592502795390fa7
Created
April 2, 2024 06:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Accomplished System Architect with over 13 years of hands-on experience managing large-scale databases, including those of 10s of 60TB scale. Proficient in designing and implementing robust monitoring and logging solutions to ensure optimal performance and reliability. Demonstrated expertise in building highly scalable architectures capable of handling substantial data volumes while maintaining seamless operations. Solid experience in facilitating ease of migration, upgrades, and incident management processes, ensuring minimal disruption and downtime. Adept at generating insightful reports to provide stakeholders with comprehensive visibility into system health and performance metrics. Proven track record of optimizing database environments for maximum efficiency and resilience in dynamic business landscapes. | |
| Skills: | |
| Systems Architecture (Generl architecture meeting and discussions, making POCs in testlabs) | |
| Reliability Engineering (uptime, fault injection and tolerance, upgrades, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| postgres@pg:~/poc/patroni$ git status | |
| On branch master | |
| Your branch is up to date with 'origin/master'. | |
| Changes not staged for commit: | |
| (use "git add <file>..." to update what will be committed) | |
| (use "git restore <file>..." to discard changes in working directory) | |
| modified: Dockerfile.citus | |
| modified: docker-compose-citus.yml | |
| modified: postgres0.yml |
cabecada
/ gist:977e95f654a38a5e7e92418966b966e1
Last active
March 27, 2024 19:28
citus upgrade with ssl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| postgres@pg:~/demo$ cat post_upgrade.sh | |
| #!/bin/bash | |
| killall /usr/lib/postgresql/15/bin/postgres | |
| killall /usr/lib/postgresql/16/bin/postgres | |
| rm -rf /var/lib/postgresql/demo/15 | |
| rm -rf /var/lib/postgresql/demo/16 | |
| mkdir -p /var/lib/postgresql/demo/{15,16} |
cabecada
/ gist:5fa977b4478006bf99154c02b937f23b
Last active
March 26, 2024 18:28
index on foreign key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| postgres=# \d t1 | |
| Table "public.t1" | |
| Column | Type | Collation | Nullable | Default | |
| --------+---------+-----------+----------+--------- | |
| col1 | integer | | not null | | |
| col2 | text | | | | |
| Indexes: | |
| "t1_pkey" PRIMARY KEY, btree (col1) | |
| Referenced by: | |
| TABLE "t2" CONSTRAINT "t2_col2_fkey" FOREIGN KEY (col2) REFERENCES t1(col1) ON UPDATE CASCADE ON DELETE CASCADE |
NewerOlder