Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • PostgreSQL 10 Administration Cookbook
  • Toc
  • feedback
PostgreSQL 10 Administration Cookbook

PostgreSQL 10 Administration Cookbook

close
PostgreSQL 10 Administration Cookbook

PostgreSQL 10 Administration Cookbook

Overview of this book

PostgreSQL is a powerful, open source database management system with an enviable reputation for high performance and stability. With many new features in its arsenal, PostgreSQL 10 allows users to scale up their PostgreSQL infrastructure. This book takes a step-by-step, recipe-based approach to effective PostgreSQL administration. Throughout this book, you will be introduced to these new features such as logical replication, native table partitioning, additional query parallelism, and much more. You will learn how to tackle a variety of problems that are basically the pain points for any database administrator - from creating tables to managing views, from improving performance to securing your database. More importantly, the book pays special attention to topics such as monitoring roles, backup, and recovery of your PostgreSQL 10 database, ensuring high availability, concurrency, and replication. By the end of this book, you will know everything you need to know to be the go-to PostgreSQL expert in your organization.
Table of Contents (14 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
First Steps
chevron up
First Steps
Introduction
Getting PostgreSQL
Connecting to the PostgreSQL server
Enabling access for network/remote users
Using graphical administration tools
OmniDB
Using the psql query and scripting tool
Changing your password securely
Avoiding hardcoding your password
Using a connection service file
Troubleshooting a failed connection
2
Exploring the Database
Exploring the Database
Introduction
What version is the server?
What is the server uptime?
Locating the database server files
Locating the database server's message log
Locating the database's system identifier
Listing databases on this database server
How many tables are there in a database?
How much disk space does a database use?
How much disk space does a table use?
Which are my biggest tables?
How many rows are there in a table?
Quickly estimating the number of rows in a table
Listing extensions in this database
Understanding object dependencies
3
Configuration
Configuration
Introduction
Reading the fine manual
Planning a new database
Changing parameters in your programs
Finding the current configuration settings
Which parameters are at non-default settings?
Updating the parameter file
Setting parameters for particular groups of users
The basic server configuration checklist
Adding an external module to PostgreSQL
Using an installed module
Managing installed extensions
4
Server Control
Server Control
Introduction
Starting the database server manually
Stopping the server safely and quickly
Stopping the server in an emergency
Reloading the server configuration files
Restarting the server quickly
Preventing new connections
Restricting users to only one session each
Pushing users off the system
Deciding on a design for multitenancy
Using multiple schemas
Giving users their own private database
Running multiple servers on one system
Setting up a connection pool
Accessing multiple servers using the same host and port
5
Tables and Data
Tables and Data
Choosing good names for database objects
Handling objects with quoted names
Enforcing the same name and definition for columns
Identifying and removing duplicates
Preventing duplicate rows
Finding a unique key for a set of data
Generating test data
Randomly sampling data
Loading data from a spreadsheet
Loading data from flat files
6
Security
Security
Introduction
The PostgreSQL superuser
Revoking user access to a table
Granting user access to a table
Granting user access to specific columns
Granting user access to specific rows
Creating a new user
Temporarily preventing a user from connecting
Removing a user without dropping their data
Checking whether all users have a secure password
Giving limited superuser powers to specific users
Auditing database access
Always knowing which user is logged in
Integrating with LDAP
Connecting using SSL
Using SSL certificates to authenticate
Mapping external usernames to database roles
Encrypting sensitive data
7
Database Administration
Database Administration
Introduction
Writing a script that either succeeds entirely or fails entirely
Writing a psql script that exits on the first error
Using psql variables
Placing query output into psql variables
Writing a conditional psql script
Investigating a psql error
Performing actions on many tables
Adding/removing columns on a table
Changing the data type of a column
Changing the definition of a data type
Adding/removing schemas
Moving objects between schemas
Adding/removing tablespaces
Moving objects between tablespaces
Accessing objects in other PostgreSQL databases
Accessing objects in other foreign databases
Updatable views
Using materialized views
8
Monitoring and Diagnosis
Monitoring and Diagnosis
Providing PostgreSQL information to monitoring tools
Real-time viewing using pgAdmin or OmniDB
Checking whether a user is connected
Checking whether a computer is connected
Repeatedly executing a query in psql
Checking which queries are running
Checking which queries are active or blocked
Knowing who is blocking a query
Killing a specific session
Detecting an in-doubt prepared transaction
Knowing whether anybody is using a specific table
Knowing when a table was last used
Usage of disk space by temporary data
Understanding why queries slow down
Investigating and reporting a bug
Producing a daily summary of log file errors
Analyzing the real-time performance of your queries
9
Regular Maintenance
Regular Maintenance
Controlling automatic database maintenance
Avoiding auto-freezing and page corruptions
Removing issues that cause bloat
Removing old prepared transactions
Actions for heavy users of temporary tables
Identifying and fixing bloated tables and indexes
Monitoring and tuning vacuum
Maintaining indexes
Adding a constraint without checking existing rows
Finding unused indexes
Carefully removing unwanted indexes
Planning maintenance
10
Performance and Concurrency
Performance and Concurrency
Introduction
Finding slow SQL statements
Collect regular statistics from pg_stat* views
Finding out what makes SQL slow
Reducing the number of rows returned
Simplifying complex SQL queries
Speeding up queries without rewriting them
Discovering why a query is not using an index
Forcing a query to use an index
Using parallel query
Using optimistic locking
Reporting performance problems
11
Backup and Recovery
Backup and Recovery
Introduction
Understanding and controlling crash recovery
Planning backups
Hot logical backups of one database
Hot logical backups of all databases
Backups of database object definitions
Standalone hot physical database backup
Hot physical backup and continuous archiving
Recovery of all databases
Recovery to a point in time
Recovery of a dropped/damaged table
Recovery of a dropped/damaged database
Improving performance of backup/recovery
Incremental/differential backup and restore
Hot physical backups with Barman
Recovery with Barman
12
Replication and Upgrades
Replication and Upgrades
Replication concepts
Replication best practices
Setting up file-based replication – deprecated
Setting up streaming replication
Setting up streaming replication security
Hot Standby and read scalability
Managing streaming replication
Using repmgr
Using replication slots
Monitoring replication
Performance and synchronous replication
Delaying, pausing, and synchronizing replication
Logical replication
Bi-directional replication
Archiving transaction log data
Upgrading minor releases
Major upgrades in-place
Major upgrades online
13
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Enabling access for network/remote users

PostgreSQL comes in a variety of distributions. In many of these, you will note that remote access is initially disabled as a security measure.

How to do it...

By default, PostgreSQL gives access to clients who connect using Unix sockets, provided that the database user is the same as the system's username. Here, we'll show you how to enable other connections.

In this recipe, we mention configuration files, which can be located as shown in the Finding the current configuration settings recipe in Chapter 3, Configuration.

The steps are as follows:

  1. Add or edit this line in your postgresql.conf file:
listen_addresses = '*'
  1. Add the following line as the first line of pg_hba.conf to allow access to all databases for all users with an encrypted password:
# TYPE   DATABASE   USER        CIDR-ADDRESS   METHOD 
host      all        all          0.0.0.0/0       md5
  1. After changing listen_addresses, we restart the PostgreSQL server, as explained in the Updating the parameter file recipe in Chapter 3, Configuration.
This recipe assumes that postgresql.conf does not include any other configuration file, which is the case in a default installation. If changing listen_addresses in postgresql.conf does not seem to work, perhaps that setting is overridden by another configuration file. Check out the Updating the parameter file recipe in Chapter 3, Configuration, for more details.

How it works...

The listen_addresses parameter specifies which IP addresses to listen to. This allows you to flexibly enable and disable listening on interfaces of multiple network cards (NICs) or virtual networks on the same system. In most cases, we want to accept connections on all NICs, so we use *, meaning all IP addresses.

The pg_hba.conf file contains a set of host-based authentication rules. Each rule is considered in sequence, until one rule fires or the attempt is specifically rejected with a reject method.

The preceding rule means that a remote connection that specifies any user or database on any IP address will be asked to authenticate using an MD5-encrypted password. Precisely, the following:

  • Type: For this, host means a remote connection.
  • Database: For this, all means for all databases. Other names match exactly, except when prefixed with a plus (+) symbol, in which case we mean a group role rather than a single user. You can also specify a comma-separated list of users, or use the @ symbol to include a file with a list of users. You can even specify sameuser, so that the rule matches when you specify the same name for the user and database.
  • User: For this, all means for all users. Other names match exactly, except when prefixed with a plus (+) symbol, in which case we mean a group role rather than a single user. You can also specify a comma-separated list of users, or use the @ symbol to include a file with a list of users.
  • CIDR-ADDRESS: This consists of two parts: IP address and subnet mask.
    The subnet mask is specified as the number of leading bits of the IP address that make up the mask. Thus, /0 means 0 bits of the IP address, so that all IP addresses will be matched. For example, 192.168.0.0/24 would mean match the first 24 bits, so any IP address of the form 192.168.0.x would match. You can also use samenet or samehost.
  • Method: For this, md5 means that PostgreSQL will ask the client to provide a password encrypted with MD5. Another common setting is trust, which effectively means no authentication. Other authentication methods include GSSAPI, SSPI, LDAP, RADIUS, and PAM. PostgreSQL connections can also be made using SSL, in which case client SSL certificates provide authentication. See the Using SSL certificates to authenticate the client recipe in Chapter 6, Security, for more details about this.

Don't use the password setting, as this sends the password in plain text. This is not a real security issue if your connection is encrypted with SSL, and there are normally no downsides with MD5 anyway, and you have extra security for non-SSL connections.

There's more...

In earlier versions of PostgreSQL, access through the network was enabled by adding the -i command line switch when you started the server. This is still a valid option, but now it means the following:

listen_addresses = '*'

So, if you're reading some notes about how to set things up and this is mentioned, be warned that those notes are probably long out of date. They are not necessarily wrong, but it's worth looking further to see whether anything else has changed.

See also

Look at installer and/or operating system-specific documentation to find the standard location of the files.

End of Section 5
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete