More Related Content Similar to New enhancements for security and usability in EDB 13 (20) New enhancements for security and usability in EDB 131. New enhancements for
security and usability
in EDB 13
Marc Linster, CTO
Sebastiaan Mannem, Product Manager DB Server
December 2020 - Version 1.0
2. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.2
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
3. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.3
The largest dedicated PostgreSQL company
• More customers: Than any dedicated PostgreSQL company
• More experts: Leading PostgreSQL contributors
• More innovation: Positioned to lead in enterprise PostgreSQL
and hybrid cloud
EDB acquires 2ndQuadrant in Sept 2020
+
4. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.4
2019
Challengers Leaders
Niche Players Visionaries
Abilitytoexecute
Completeness of
vision
1986
The design
of PostgreSQL
1996
Birth of
PostgreSQL
2004
EDB
is founded
2020
EDB acquires
2nd Quadrant
Materialized
Views
Parallel
Query
JIT
Compilation
Heap Only
Tuples (HOT)
Serializable
Parallel Query
We’re database fanatics who care deeply
about PostgreSQL
Expertise
• Recognized by Gartner Magic Quadrant for 7 years
• Enterprise PostgreSQL innovations
• PostgreSQL community leadership
2007
2ndQuadrant
launched
Logical
Replication
Transaction
Control
Hot
Standby
Generated
Columns
5. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.5
EDB team includes:
More PostgreSQL experts
• 300+ PostgreSQL technologists
• 26 PostgreSQL community contributors and committers
• Including founders and leaders like
Michael Stonebraker
“Father of Postgres”
and EDB Advisor
Bruce Momjian
Co-founder, PostgreSQL
Development Corporation
and EDB Employee
Peter Eisentraut
PostgreSQL leader
and EDB Employee
Robert Haas
PostgreSQL Major
Contributor, Committer
and EDB Employee
Simon Riggs
Enterprise PostgreSQL
Expert and EDB Employee
6. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.6
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
7. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.7
Quick Deploy
Solution Design
Migration Assessment
Migration Assistance
PostgreSQL Strategy
Security Assessment
Enterprise Architecture
EDB Postgres Advanced ServerPostgreSQL
EDB Postgres Tools: Postgres Enterprise Manager, Backup and Recovery Tool, Failover Manager, Connectors, Migration
Tools (*)
PostgreSQL Optimization Enterprise Strategy Custom ServicesGetting Started
Cloud
DBA Service
Remote
DBA Service
Technical
Account Manager
PostgreSQL
Technical Support
Performance Tuning
Automation Services
Monitoring Best Practices
Backup Best Practices
Implementation
Embedded Expert
Training
EDB: Databases, Tools, Support and Services
Software
Support
Services
* Complete List: Postgres Enterprise Manager, Backup and Recovery Tool, Failover Manager, Replication Server,
Containers, Kubernetes Operator, PostGIS, Pgpool, PgBouncer, Connectors, Foreign Data Wrappers, Migration Toolkit
8. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.8
EDB Postgres Advanced Server
EDB Postgres Advanced Server
• Security - Password policy management, session tag auditing, data redaction, SQL injection
protection, and procedural language code obfuscation
• Performance - Query optimizer hints, SQL session/system wait diagnostics
• Developer Productivity - Over 200 pre-packaged utility functions, user-defined object
types, autonomous transactions, nested tables, synonyms, advanced queueing
• DBA Productivity - Throttle CPU and I/O at the process level, over 55 extended catalog
views to profile all the objects and processing that occurs in the database
• Oracle Compatibility - Offers compatibility for schemas, data types, indexes, users, roles,
partitioning, packages, views, PL/SQL triggers, stored procedures, functions, and utilities
9. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.9
Postgres Enterprise Manager
GUI tool for monitoring, management and tuning databases
• Aggregates performance and status data -
Collects from DBs, OS, and jobs
• Monitors overall system health - Alerts thru
charts and dashboards, email, or SNMP
• Runs performance diagnostics - Execute SQL,
tune queries, run backups, and deploy updates
• Provides 200+ built-in alerts - Monitor bloat,
memory utilization, server status, and more
10. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.10
Failover Manager
Automatically detect failures
• Monitors database health - detects failures
and takes action
• Automatically fails over to the most current
standby, reconfigures others
• Reconfigures load balancers on failover -
integrates with pgPool and others
• Avoids “split brain” scenarios - Prevents two
nodes from thinking that each is primary
11. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.11
Backup and Recovery Tool
Safeguard business data and ensure trouble-free recovery
• Centralized repository for all backup data
• Configures retention policies for
multiple backups
• Restores the database from system-wide
repository when disaster strikes
12. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.12
EDB Migration Portal
Oracle DDL Assessment, Transformation and Migration
● Portal Launch: July 2018
● Assesses Oracle 11G/12C
● DDL assessment for EPAS
● 98 automatic syntactical conversion rules
● 13 object types (Synonyms, DB Links,
Types and Type Bodies, Sequences, Tables,
Constraints, Indexes, Views, Materialized
Views, Triggers, Functions, Procedures,
Packages)
● 11.3 DDL objects assessed since 2018
● 92% of Oracle DDL objects are EDB
Postgres Advanced Server compatible
● Free to use for assessments and
migrations
13. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.13
● The best database, without HA, monitoring or management has limited value
● Management at scale requires exception based approaches
● Databases without integration tools are data silos
● Rapid digital transformation requires migration tools
Why database and tools?
14. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.14
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
15. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.15
EDB 13
Enhancements in usability, security, and compatibility
Usability ● Postgres Enterprise Manager tools to work with very large databases and
large scale Postgres deployments
● GUI integration to manage Backup and Recovery (BART) and automated
failover (EFM)
● WCAG Level 2 AA certification
Security ● Channel binding for SCRAM authentication
● Upgraded minimum TLS version
● Certificate-based authentication for EDB*Loader and Foreign Data Wrappers
Compatibility ● Improved compound triggers
● DEFINE_COLUMN_LONG
● Automatic LIST and HASH partitions
16. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.16
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Resources and Q&A
17. PostgreSQL v13 Release Notes
“Along with highly requested features like
parallelized vacuuming and incremental
sorting, PostgreSQL 13 provides a better
data management experience for workloads
big and small.”
18. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.18
PostgreSQL 13: Key 2Q + EDB Contributions
● Foreign Data Wrappers with
certificate based
authentication
● Use client certificates with
passwords
● Erase memory with
sensitive information
● Incremental sorting
● Improved plans with
extended statistics
● more pruning and direct
joining with partition tables
● Parallel vacuum of indexes
● JSONB improvements
(NULL handling)
● Partitioned tables with
logical replication and
BEFORE triggers
● Normalizing unicode strings
SecurityPerformance
Developer
focused
● Tools to verify postgres
system catalog
(pg_catcheck) and backups
(pg_verifybackup)
● Recovery improvements
● info, and control on Logical
decoding spilled to disk
Administrative
19. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.19
https://www.enterprisedb.com/postgres-tutorials/what-parallel-vacuum-postgresql-13
Vacuum Improvements
● Performance for parallel vacuum of indexes
○ Vacuum performance after executing 50 million
in-place updates - 4X faster in multi process benchmark
● Auto Vacuum for append-only transactions
○ Recalculates statistics!
○ Important for IOT tables
Parallel vacuum of indexes and vacuum for append-only tables
20. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.20
● Pg_catcheck: tool for diagnosing system catalog corruption
● Find it https://github.com/EnterpriseDB/pg_catcheck
● New capability: check if the initial file is available for every relation (table)
● Address ‘could not open file issue’
New capabilities for pg_catcheck
21. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.21
● New option --select-from-relations.
● This option won't tell you the reason why you are getting such errors.
● Works for table, TOAST table, and materialized view in the database.
● This option still doesn't help with indexes, or relation segments other than the first file
● >>> The relation is accessible <<< “Could not open file”.
● Supports EDB Postgres Advanced Server and PostgreSQL.
● Example:
rushabh@rushabh:pg_catcheck$ ./pg_catcheck edb --select-from-relations
notice: unable to query relation "public"."emp": ERROR: could not open file
"base/16198/16394": Permission denied
notice: unable to query relation "public"."jobhist": ERROR: could not open
file "base/16198/16405": No such file or directory
progress: done (2 inconsistencies, 0 warnings, 0 errors)
pg_catcheck: find “could not open file xxx”
22. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.22
EDB Advanced Server: DBA productivity
Feature Benefit
Automatic LIST partitioning
● Each partition is defined by list of values that can be stored in the
partition. (e.g UK, US).
● When row inserted with values that don't belong to any partition (e.g.
FR for France), EPAS will create a new partition to store all rows with
that value of that partition key
● Customer doesn’t need to know all partition keys
when defining the table
● Removes risk of errors when a row is inserted that
would not fit in the table
● Eliminates manual labor of creating each and
every partition individually
Automatic HASH partitioning
● Partitions are defined by hash values, which will distribute data
evenly across partitions.
● Users specify the number of partitions, which are to be created
automatically with insert data requests.
Automatic partitioning methods (LIST, RANGE and HASH) can be combined
with partitions and subpartitions
23. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.23
EDB Advanced Server: DBA productivity: examples
Use case Example
Create a table with automatic List
partitioning. In this example, a
partition is automatically created
for the entry with 'NLD'.
CREATE TABLE orders (id INT, country_code VARCHAR(5))
PARTITION BY LIST (country_code) AUTOMATIC
(partition p1 values ('IND'), partition p2 values ('USA'));
INSERT INTO orders VALUES(1, 'NLD')
Automatically create a table with 4
partitions. Values will be randomly
spread across the 4 defined
partitions.
CREATE TABLE hash_tab (col1 NUMBER< col2 NUMBER)
PARTITION BY HASH (col1, col2)
PARTITIONS 4 STORE IN (tbs1, tbs2, tbs3, tbs4);
24. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.24
EDB Advanced Server: DBA productivity
Feature Benefit
EDB*Loader (bulk database loading utility) no longer aborts on
duplicate rows.
Duplicate records are output to the 'bad' file.
Enables developers and DBAs to use this utility to test applications faster
by avoiding interruptions from duplicate records.
edb_log_every_bulk_value creates one Audit log entry on the bulk
execution instead of one entry for every processed row.
The log entry lists the number of rows processed and appears in the
audit and server log.
Enhanced information on bulk executions
25. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.25
EDB Advanced Server: Oracle compatibility
Feature Benefit
Enhancements to Data Definition Language
● CREATE TABLE and ALTER TABLE can now specify a custom index with "USING INDEX”
● CREATE TABLE and CREATE INDEX can now be created with a PARALLEL/NOPARALLEL option
Commands expedite migration from Oracle
Enhancements to EDB Structured Procedural Language
● Procedures are enhanced to allow specifying DEFINE_COLUMN_LONG, COLUMN_VALUE_LONG
and LAST_ERROR_POSITION
● Compound triggers can now be created with WHEN clause, NEW/OLD variables and STATEMENT
level triggering events.
● EDB-SPL allows for forward declaration inside package body for Function/procedure
Migrated applications using these stored
procedures don’t need to be rewritten
Aggregate statistical functions & time stamp
● STATS_MODE: Returns the value with the highest frequency
● MEDIAN: aggregate function
● TO_TIMESTAMP_TZ: Converts character type to a value of TIMESTAMP WITH TIME ZONE data type
Allows customers to run native Oracle statistical
functions and type conversion functions without
needing to require their application code
UTL_HTTP supports END_OF_BODY exception. This package makes (HTTP) callouts from SQL or PL/SQL. Reduces complexity by making it easier to write
applications that need to parse data (e.g. find data
strings) from the internet
26. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.26
EDB Advanced Server: Security
Feature Benefit
DBMS_CRYPTO supports AES192 and AES256 encryption algorithms Enables customers to use native Oracle syntax to encrypt data at
rest (database encryption) and meet security requirements
Enhanced EDB Audit to log SET commands Creates a trail when auditing is running with lower edb_audit
settings in a SUPERUSER session
27. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.27
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
29. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.29
Postgres Enterprise Manager
Feature Benefit
Graphical Query Plan Analyzer Analyze query plans in the Graphical Explain tab in the Query Tool. It shows the time spent by each plan
node and highlights misestimations between actual and plan. It also shows statistics for each plan node
and each table
Schema Diff Tool Identifies schema differences between test, stage and production environments.
SNMP V3 Support Provides increased security by using SNMP version 3 while sending the alert traps.
Enhanced Performance Diagnostics Users can now see the number of active sessions at a sample time, and whether a session is waiting for an
event or utilizing the CPU at a particular sample time. This provides a clear picture of what percentage of
time a session has been waiting for an event.
Enhanced integration of Backup and
Recovery Tool and Failover Manager
More efficient management and monitoring of BART and EFM via the PEM console
Web Content Accessibility Guidelines
(WCAG) 2.0 AA certification
Meeting this guideline is important to many prospects, especially to the public sector and large enterprises
Ability to monitor AWS RDS Postgres
and Postgres on AWS EC2
Enables customers to manage their PostgreSQL estate, from one GUI, even in cloud/hybrid environments
31. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.31
Improved
Performance
Diagnostics
● # of active sessions
● What is a session
waiting for
32. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.32
High Availability and Backup/Recovery
Feature Benefit
Failover Manager stores database password with stronger encryption using
SHA-512
Allows customers to use Failover Manager in environments requiring strong
password encryption algorithms
Failover Manager encrypts messages between agents Allows customers to use Failover Manager in environments which require message
encryption
Failover Manager: Standby servers don’t have to be stopped during election
process when new primary is chosen
Speeds up promotion process, which is very relevant in environments where
failover times must be short to meet high SLA requirements
BART: FIPS 140-2 (Federal Information Processing Standards) configuration
options: disable checksum verification and configure the bart_socket_name
Enables customers to run in more secure environments by allowing them to disable
MD5 checksums
33. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.33
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
34. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.34
Migration Portal
Feature Benefit
Common Failures: View object incompatibilities in selected
schemas in the new “Common Failures” tab and CSV download
View information about incompatible objects at a glance, with your
schema’s most common errors listed first
Easier path to install EDB Postgres Advanced Server from the
migration portal
Better user experience for those ready to download and try EPAS
Faster report generation for large projects Reports that used to take 5-7 minutes to create now take less than 5
seconds
Many, many Oracle compatibility enhancements ● 11.3M DDL objects assessed
● 92% of Oracle DDL objects are EDB Postgres Advanced Server
compatible
35. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.35
Agenda page
• Who is EDB
• EDB Postgres and Tools - what and why
• EDB 13: Key takeaways - usability, security, compatibility
• Database - what’s new
• Tools - what’s new
• Migration Portal - what’s new
• Platforms
• Resources and Q&A
36. © Copyright EnterpriseDB Corporation, 2020. All rights reserved.36
Supported Platforms
• Red Hat Enterprise Linux/CentOS 7 and 8
• Red Hat Enterprise Linux on Power (PPCLE) 8 and 9
• Oracle Enterprise Linux 7 and 8
• Debian 9 and 10
• Ubuntu 18.04 and 20.04 LTS
• Windows Server 2016 and 2019
• Discontinued
• Red Hat Enterprise Linux / CentOS 6 - EOL on Nov 30, 2020
• Windows Server 2012 R2
37. Questions?
Resources:
● EDB 13 Blog:
https://www.enterprisedb.com/blog/new-
enhancements-edb-postgres-advanced-
server-13-and-tools
● Download (Windows and Linux):
https://www.enterprisedb.com/software-
downloads-postgres
● Tuning Guides
● Thales-Vormetric Integration
● Migration Portal
https://migration.enterprisedb.com
● Deployment Automation:
https://github.com/EnterpriseDB/postgres-
deployment