6. What is DBaaS?
1. Node setup - Linux tuning, file permissions, fs encryption, firewall;
2. Database installation - get database package from known source;
3. Database configuration - based on node setup, TLS, etc;
4. Monitoring configuration - to check database health and metrics;
5. Backups configuration - backup encryption, PITR, logical, cron, etc;
6. Incident response - events handling to failover in case of db failure;
7. Upgrades - database version, disk, memory, nodes, etc.
8. DBaaS Benefits
• Reduce time to install database (one time);
• Reduce time to operate and failover database (continuous task 1/m);
• Reduce time to upgrade database (continuous task 1/q);
• Reduce time to setup monitoring (one time, 1/scale);
• Reduce time to setup automated backups (one time, 1/scale);
• Reduce time to setup security and E2E encryption (one time);
• Reduce time for tuning (one time, 1/scale);
• Reduce human error factor (sh*t happens).
9. DBaaS Benefits
• Essentially even developer can bootstrap production grade database
via DBaaS self-service control panel, based on requirements of data
storage (in-memory/disk) in a few minutes;
• Scale database in case of almost no disk space left, etc.
12. DBaaS Requirements
• All database connections should be encrypted;
• All DBaaS customer’s secrets should be encrypted (not hashed, TDE);
• LUKS disk encryption;
• Backup encryption (OpenPGP, etc);
• Periodic secrets rotation;
• SLA 99% uptime and higher;
• Time to provision in a few minutes (< 5min);
• Ability to access from anywhere and from nowhere (VPC).
27. DBaaS Comparison
• ScaleChamp – Largest by clouds coverage;
• ScaleGrid – BYOC + Full SSH access;
• Compose – Largest by provided services, smallest by clouds coverage;
• ObjectRocket – Alternative MongoDB hosting with a few clouds.
• Aiven – In the the middle by provided services, clouds and
integrations between them, VPC peering included.
• 84Codes (CloudAMQP, CloudElephant, CloudKarafka) - 4 clouds
coverage.