PostgreSQL Unleashed
Marian Marinov
Head of System Operations at Siteground.com
What is this talk about
Storage Architecture
Authentication
Commands
Writing Functions
Storage Architecture
File system structure
Default directory /var/lib/pgsql/data (PGDATA)
/
|- postgresql.conf
|- pg_hba.conf
|- pg_ident.conf
|- postmaster.opts
|- postmaster.pid
|- PG_VERSION
|- base           per-database subdirectories
|- global         cluster-wide tables, such as pg_database
|- pg_clog        transaction commit status data
|- pg_multixact   multitransaction status data
|- pg_stat_tmp    temporary files for the statistics subsystem
|- pg_subtrans    subtransaction status data
|- pg_tblspc      symbolic links to tablespaces
|- pg_twophase    state files for prepared transactions
|- pg_xlog        WAL (Write Ahead Log) files
File system structure
Directory representation:
base -\
      |- 1
      |- 11510
      |- 11511
      |- 16384
      \- 24576
template1=# SELECT datname,datlastsysoid FROM pg_database;
  datname  | datlastsysoid
-----------+---------------
 template1 |         11510
 template0 |         11510
 postgres  |         11510
 os        |         11510
(5 rows)
File system structure
Directory representation:
base -\
      |- 11510 -\
      |          |- 24765
os# SELECT relname,relfilenode,reltablespace FROM pg_class WHERE relfilenode=24765;
 relname | relfilenode | reltablespace
---------+-------------+---------------
 disk_io |       24765 |             0
(1 row)
File system structure
Tables and indexes are stored in separate files
Tables bigger than 1GB are split into multiple files:
filenode.1, filenode.2, ..., filenode.N
The 1GB limit can be changed at build time with the --with-segsize configure option.
Database Design
DBNAME     SCHEMA       OBJECTS (table/view/sequence/domain)
database -\
          |- public
          |- scheme1 -\
          |           |- table1
          |           |- table2
          |           |- view1
          |           |- view2
          |           |- seq1
          |           \- seq2
          \- scheme2
Authentication
Authentication
pg_hba.conf - Host-based authentication
pg_ident.conf - Identification information
Authentication methods:
trust - anyone to any DB
reject - do not allow any connections (useful for filtering)
ident - use the system user name or what identd provided
password - use cleartext passwords
md5 - MD5-hashed passwords
pam - use the Pluggable Authentication Modules (PAM) system
Authentication
pg_hba.conf:
local      database  user  auth-method  [auth-options]
host       database  user  CIDR-address  auth-method  [auth-options]
hostssl    database  user  CIDR-address  auth-method  [auth-options]
hostnossl  database  user  CIDR-address  auth-method  [auth-options]
host       database  user  IP-address  IP-mask  auth-method  [auth-options]
hostssl    database  user  IP-address  IP-mask  auth-method  [auth-options]
hostnossl  database  user  IP-address  IP-mask  auth-method  [auth-options]
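An added example, not part of the original slides: a small Python audit that parses pg_hba.conf records in the two address forms listed above (CIDR-address and IP-address IP-mask) and reports records that use trust, allow the cleartext password method without enforced SSL, or match every client address. The sample file content is constructed, and the parser assumes IPv4 addresses written only in those two forms.

```python
import ipaddress
import shlex

def _is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def parse_hba_line(line):
    """Parse one pg_hba.conf record; return None for blank or comment lines."""
    fields = shlex.split(line, comments=True)
    if not fields:
        return None
    rec = {"type": fields[0], "database": fields[1], "user": fields[2], "network": None}
    rest = fields[3:]
    if rec["type"] != "local":
        addr = rest.pop(0)
        # "IP-address IP-mask" form: the field after the address is a netmask.
        if "/" not in addr and rest and _is_ip(rest[0]):
            addr = addr + "/" + rest.pop(0)
        rec["network"] = ipaddress.ip_network(addr, strict=False)  # IPv4 assumed
    rec["method"], rec["options"] = rest[0], rest[1:]
    return rec

def audit(text):
    """Return (line_number, finding) pairs for risky records."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        rec = parse_hba_line(line)
        if rec is None or rec["method"] == "reject":
            continue
        if rec["method"] == "trust":
            findings.append((number, "trust: no credentials are checked"))
        if rec["method"] == "password" and rec["type"] in ("host", "hostnossl"):
            findings.append((number, "password: cleartext password without enforced SSL"))
        if rec["network"] is not None and rec["network"].prefixlen == 0:
            findings.append((number, "address range matches every client"))
    return findings

# Constructed sample, not taken from a real server.
SAMPLE = """\
# TYPE   DATABASE USER ADDRESS                METHOD
local    all      all                         trust
host     all      all  0.0.0.0/0              password
hostssl  os       ann  10.0.0.0 255.255.255.0 md5
host     all      all  127.0.0.1/32           reject
"""

if __name__ == "__main__":
    for number, finding in audit(SAMPLE):
        print(f"line {number}: {finding}")
```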
Authentication
pg_ident.conf:
map-name system-username database-username
example:
# MAPNAME     SYSTEM-USERNAME    PG-USERNAME
omicron       bryanh             bryanh
omicron       ann                ann
# bob has user name robert on these machines
omicron       robert             bob
# bryanh can also connect as guest1
omicron       bryanh             guest1
Permissions
Every object has its own privileges:
Database privileges
Schema privileges
Table privileges
View privileges
Sequence privileges
Function privileges
Domain privileges
Commands
Commands
Manage users:
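-- create a role and change its password or per-role settings
CREATE ROLE xxx PASSWORD 'string';
ALTER ROLE username PASSWORD 'string';
ALTER ROLE username SET enable_indexscan TO off;
ALTER ROLE username RESET varname;
-- database and role names are identifiers, so they are not single-quoted
GRANT CONNECT ON DATABASE xxx TO username;
GRANT UPDATE ON accounts TO username;
REVOKE ALL ON accounts FROM PUBLIC;
DROP ROLE username;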
Commands
Manage databases:
List all databases:
SELECT datname FROM pg_database;
Or use \l from the CLI.
Create DB using the default template:
CREATE DATABASE name;
CREATE DATABASE name OWNER username;
# createdb -O rolename dbname
Create DB using different templates:
CREATE DATABASE dbname TEMPLATE template0;
# createdb -T template0 dbname
Commands
Manage databases:
ALTER DATABASE mydb SET geqo TO off;
DROP DATABASE name;
# dropdb dbname
Manage tablespaces:
CREATE TABLESPACE space1 LOCATION '/mnt/sda1/pgsql/data';
CREATE TABLE foo(i int) TABLESPACE space1;
SET default_tablespace = space1;
CREATE TABLE foo(i int);
SELECT spcname FROM pg_tablespace;
Commands
Database maintenance:
Vacuuming
- To recover or reuse disk space occupied by updated or deleted rows.
- To update data statistics used by the PostgreSQL query planner.
- To protect against loss of very old data due to transaction ID wraparound.
Routine Reindexing
Log File Maintenance
$ pg_ctl start | rotatelogs /var/log/pgsql_log 86400
Backup
Backup
SQL dump
File system level backup
Continuous archiving
Writing Functions