| From: | Greg Sabino Mullane <greg(at)endpoint(dot)com> |
|---|---|
| To: | Marcio Duarte <maethorin(at)gmail(dot)com> |
| Cc: | pgsql-cluster-hackers(at)postgresql(dot)org |
| Subject: | Re: Streaming replication for security |
| Date: | 2016-12-20 15:33:17 |
| Message-ID: | 20161220153317.GB10656@localhost.localdomain |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-cluster-hackers |
> case, I will need to expose the internal database server to the Web via
> TCP, right?
Technically, yes, but you still have pretty fine-grained control over who can
come in to your database, via Postgres things like pg_hba.conf and good passwords,
as well as OS-level things like iptables and port knocking.
> If so, there is a way to make the master send the data to standby?
You could certainly use traditional file-based log shipping to move the
WAL files from the master to the standby, by any secure means you want,
iincluding an intermediary system. However, this can be hard/impossible
for SaaS things like Heroku and RDS, which don't allow complete
file-level access.
--
Greg Sabino Mullane greg(at)endpoint(dot)com
End Point Corporation
PGP Key: 2529 DF6A B8F7 9407 E944 45B4 BC9B 9067 1496 4AC8
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Marcio Duarte | 2016-12-22 09:56:38 | Re: Streaming replication for security |
| Previous Message | Marcio Duarte | 2016-12-17 13:58:07 | Streaming replication for security |