Book Image

PostgreSQL 16 Administration Cookbook

By : Gianni Ciolli, Boriss Mejías, Jimmy Angelakos, Vibhor Kumar, Simon Riggs
5 (1)
Book Image

PostgreSQL 16 Administration Cookbook

5 (1)
By: Gianni Ciolli, Boriss Mejías, Jimmy Angelakos, Vibhor Kumar, Simon Riggs

Overview of this book

PostgreSQL has seen a huge increase in its customer base in the past few years and is becoming one of the go-to solutions for anyone who has a database-specific challenge. This PostgreSQL book touches on all the fundamentals of Database Administration in a problem-solution format. It is intended to be the perfect desk reference guide. This new edition focuses on recipes based on the new PostgreSQL 16 release. The additions include handling complex batch loading scenarios with the SQL MERGE statement, security improvements, running Postgres on Kubernetes or with TPA and Ansible, and more. This edition also focuses on certain performance gains, such as query optimization, and the acceleration of specific operations, such as sort. It will help you understand roles, ensuring high availability, concurrency, and replication. It also draws your attention to aspects like validating backups, recovery, monitoring, and scaling aspects. This book will act as a one-stop solution to all your real-world database administration challenges. By the end of this book, you will be able to manage, monitor, and replicate your PostgreSQL 16 database for efficient administration and maintenance with the best practices from experts.

Related Content you might be interested in

Current Title:

Small book image
PostgreSQL 16 Administration Cookbook
Gianni Ciolli | Boriss Mejías | Jimmy Angelakos | Vibhor Kumar | Simon Riggs
Dec, 2023 | 636 pages
Small book image
Learn PostgreSQL
Enrico Pirozzi | Luca Ferrari
Oct, 2023 | 744 pages
Small book image
PostgreSQL 10 High Performance
Enrico Pirozzi
Apr, 2018 | 508 pages
Small book image
Learning PostgreSQL 11
Andrey Volkov | Salahaldin Juba
Jan, 2019 | 556 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
First Steps
First Steps
Introducing PostgreSQL 16
How to get PostgreSQL
Connecting to the PostgreSQL server
Enabling access for network/remote users
Using the pgAdmin 4 GUI tool
Using the psql query and scripting tool
Changing your password securely
Avoiding hardcoding your password
Using a connection service file
Troubleshooting a failed connection
PostgreSQL in the cloud
PostgreSQL with Kubernetes
PostgreSQL with TPA
2
Exploring the Database
Exploring the Database
What type of server is this?
What version is the server?
What is the server uptime?
Locating the database server files
Locating the database server’s message log
Locating the database’s system identifier
Listing databases on the database server
How many tables are there in a database?
How much disk space does a database use?
How much memory does a database currently use?
How much disk space does a table use?
Which are my biggest tables?
How many rows are there in a table?
Quickly estimating the number of rows in a table
Listing extensions in this database
Understanding object dependencies
3
Server Configuration
Server Configuration
Read the fine manual (RTFM)
Planning a new database
Setting the configuration parameters for the database server
Setting the configuration parameters in your programs
Finding the configuration settings for your session
Finding parameters with non-default settings
Setting parameters for particular groups of users
A basic server configuration checklist
Adding an external module to PostgreSQL
Using an installed module/extension
Managing installed extensions
4
Server Control
Server Control
An overview of controlling the database server
Starting the database server manually
Stopping the server safely and quickly
Stopping the server in an emergency
Reloading server configuration files
Restarting the server quickly
Preventing new connections
Restricting users to only one session each
Pushing users off the system
Deciding on a design for multitenancy
Using multiple schemas
Giving users their own private databases
Running multiple servers on one system
Setting up a connection pool
Accessing multiple servers using the same host and port
Running multiple PgBouncer on the same port to leverage multiple cores
5
Tables and Data
Tables and Data
Choosing good names for database objects
Handling objects with quoted names
Identifying and removing duplicates
Preventing duplicate rows
Finding a unique key for a set of data
Generating test data
Randomly sampling data
Loading data from a spreadsheet
Loading data from flat files
Making bulk data changes using server-side procedures with transactions
Dealing with large tables with table partitioning
Finding good candidates for partition keys
Consolidating data with MERGE
Deciding when to use JSON data types
6
Security
Security
An overview of PostgreSQL security
The PostgreSQL superuser
Revoking user access to tables
Granting user access to a table
Granting user access to specific columns
Granting user access to specific rows
Creating a new user
Temporarily preventing a user from connecting
Removing a user without dropping their data
Checking whether all users have a secure password
Giving limited superuser powers to specific users
Auditing database access
Always knowing which user is logged in
Integrating with LDAP
Connecting using encryption (SSL / GSSAPI)
Using SSL certificates to authenticate
Mapping external usernames to database roles
Using column-level encryption
Setting up cloud security using predefined roles
7
Database Administration
Database Administration
Writing a script that either succeeds entirely or fails entirely
Writing a psql script that exits on the first error
Using psql variables
Placing query output into psql variables
Writing a conditional psql script
Investigating a psql error
Setting the psql prompt with useful information
Using pgAdmin for DBA tasks
Scheduling jobs for regular background execution
Performing actions on many tables
Adding/removing columns on a table
Changing the data type of a column
Changing the definition of an enum data type
Adding a constraint concurrently
Adding/removing schemas
Moving objects between schemas
Adding/removing tablespaces
Moving objects between tablespaces
Accessing objects in other PostgreSQL databases
Accessing objects in other foreign databases
Making views updatable
Using materialized views
Using GENERATED data columns
Using data compression
8
Monitoring and Diagnosis
Monitoring and Diagnosis
Cloud-native monitoring
Providing PostgreSQL information to monitoring tools
Real-time viewing using pgAdmin
Monitoring the PostgreSQL message log
Checking whether a user is connected
Checking whether a computer is connected
Repeatedly executing a query in psql
Checking which queries are running
Monitoring the progress of commands
Checking which queries are active or blocked
Knowing who is blocking a query
Killing a specific session
Knowing whether anybody is using a specific table
Knowing when a table was last used
Monitoring I/O statistics
Usage of disk space by temporary data
Understanding why queries slow down
Analyzing the real-time performance of your queries
Tracking important metrics over time
9
Regular Maintenance
Regular Maintenance
Controlling automatic database maintenance
Avoiding auto-freezing
Removing issues that cause bloat
Actions for heavy users of temporary tables
Identifying and fixing bloated tables and indexes
Monitoring and tuning a vacuum
Maintaining indexes
Finding unused indexes
Carefully removing unwanted indexes
Planning maintenance
10
Performance and Concurrency
Performance and Concurrency
Finding slow SQL statements
Finding out what makes SQL slow
Reducing the number of rows returned
Simplifying complex SQL queries
Speeding up queries without rewriting them
Discovering why a query is not using an index
Forcing a query to use an index
Using parallel query
Using Just-In-Time (JIT) compilation
Creating time-series tables using partitioning
Using optimistic locking to avoid long lock waits
Reporting performance problems
11
Backup and Recovery
Backup and Recovery
Understanding and controlling crash recovery
Planning your backups
Hot logical backup of one database
Hot logical backup of all databases
Backup of database object definitions
A standalone hot physical backup
Hot physical backups with Barman
Recovery of all databases
Recovery to a point in time
Recovery of a dropped/damaged table
Recovery of a dropped/damaged database
Extracting a logical backup from a physical one
Improving the performance of logical backup/recovery
Improving the performance of physical backup/recovery
Validating backups
12
Replication and Upgrades
Replication and Upgrades
Replication concepts
Replication best practices
Setting up streaming replication
Setting up streaming replication security
Hot Standby and read scalability
Managing streaming replication
Using repmgr
Using replication slots
Setting up replication with TPA
Setting up replication with CloudNativePG
Monitoring replication
Performance and synchronous replication (sync rep)
Delaying, pausing, and synchronizing replication
Logical replication
EDB Postgres Distributed
Archiving transaction log data
Upgrading minor releases
Major upgrades in-place
Major upgrades online
13
Other Books You May Enjoy
Other Books You May Enjoy
14
Index
Index

Avoiding hardcoding your password

We can all agree that hardcoding your password is a bad idea. This recipe shows you how to keep your password in a secure password file.

Getting ready

Not all database users need passwords; some databases use other means of authentication. Don’t perform this step unless you know you will be using password authentication and you know your password.

First, remove the hardcoded password from where you set it previously. Completely remove the password = xxxx text from the connection string in a program. Otherwise, when you test the password file, the hardcoded setting will override the details you are about to place in the file. Keeping the password hardcoded and in the password file is not any better. Using PGPASSWORD is not recommended either, so remove that as well.

If you think someone may have seen your password, change it before placing it in the secure password file.

How to do it…

A password file contains the usual five fields that we require when connecting, as shown here:

host:port:dbname:user:password

An example of how to set this is as follows:

myhost:5432:postgres:sriggs:moresecure

The password file is located using an environment variable named PGPASSFILE. If PGPASSFILE is not set, a default filename and location must be searched for, as follows:

  • On *nix systems, look for ~/.pgpass.
  • On Windows systems, look for %APPDATA%\postgresql\pgpass.conf, where %APPDATA% is the application data subdirectory in the path (for me, that would be C:\).

    Note

    Don’t forget to set the file permissions on the file so that security is maintained. File permissions are not enforced on Windows, although the default location is secure. On *nix systems, you must issue the following command: chmod 0600 ~/.pgpass.

    If you forget to do this, the PostgreSQL client will ignore the .pgpass file. While the psql tool will issue a clear warning, many other clients will just fail silently, so don’t forget!

How it works…

Many people name the password file .pgpass, whether or not they are on Windows, so don’t get confused if they do this.

The password file can contain multiple lines. Each line is matched against the requested host:port:dbname:user combination until we find a line that matches. Then, we use that password.

Each item can be a literal value or *, a wildcard that matches anything. There is no support for partial matching. With appropriate permissions, a user can potentially connect to any database. Using the wildcard in the dbname and port fields makes sense, but it is less useful in other fields. The following are a few examples of wildcards:

  • myhost:5432:*:sriggs:moresecurepw
  • myhost:5432:perf:hannu:okpw
  • myhost:*:perf:gianni:sicurissimo

There’s more…

This looks like a good improvement if you have a few database servers. If you have many different database servers, you may want to think about using a connection service file instead (see the Using a connection service file recipe) or perhaps even storing details on a Lightweight Directory Access Protocol (LDAP) server.

Previous Section
End of Section 9
Next Section