Book Image

PostgreSQL Administration Cookbook, 9.5/9.6 Edition - Third Edition

Book Image

PostgreSQL Administration Cookbook, 9.5/9.6 Edition - Third Edition

Overview of this book

PostgreSQL is a powerful opensource database management system; now recognized as the expert's choice for a wide range of applications, it has an enviable reputation for performance and stability. PostgreSQL provides an integrated feature set comprising relational database features, object-relational, text search, Geographical Info Systems, analytical tools for big data and JSON/XML document management. Starting with short and simple recipes, you will soon dive into core features, such as configuration, server control, tables, and data. You will tackle a variety of problems a database administrator usually encounters, from creating tables to managing views, from improving performance to securing your database, and from using monitoring tools to using storage engines. Recipes based on important topics such as high availability, concurrency, replication, backup and recovery, as well as diagnostics and troubleshooting are also given special importance. By the end of this book, you will have all the knowledge you need to run, manage, and maintain PostgreSQL efficiently.
Table of Contents (13 chapters)

Setting up streaming replication security

Streaming replication is at least as secure as normal user connections to PostgreSQL.

Replication uses standard libpq connections, so we have all the normal mechanisms for authentication and SSL support, and all the firewall rules are similar.

Replication must be specifically enabled on both the sender and standby sides. Cascading replication does not require any additional security.

When performing a base backup, the pg_basebackup, pg_receivexlog, and pg_recvlogical utilities will use the same type of libpq connections as a running streaming standby. You can use other forms of base backup, such as rsync, though you'll need to manually set up the security configuration.

Standbys are identical copies of the master, so all users exist on all nodes with identical passwords. All of the data is identical (eventually) and all the permissions...