Postgres Archives

Tech Optimizer

April 24, 2025

TecentDB PostgreSQL will provide full support for PG 17

TencentDB for PostgreSQL has introduced robust security measures including data encryption, Virtual Private Cloud (VPC) isolation, and process monitoring for compliance with international standards. PostgreSQL 17.0 features enhanced logical replication with slot failover, performance optimizations such as batch I/O page read/write and improved Write-Ahead Logging, and operational enhancements like incremental backups and a transaction timeout parameter. Tencent has developed features for resource management, including fine-grained multi-tenant resource management with CPU resource isolation and process-level monitoring, as well as SQL throttling. Cold/hot data separation solutions include the 'cos_fdw' plugin for accessing cold data and the 'starocks_fdw' plugin for integrating with the StarRocks analytics engine. Security auditing has been improved with an Express Edition for basic needs and an Advanced Edition for broader audit coverage. These enhancements aim to balance performance and cost, maximize resource efficiency, and strengthen compliance.

Tech Optimizer

April 21, 2025

Best practices to handle AWS DMS tasks during PostgreSQL upgrades

The AWS Database Migration Service (AWS DMS) provides a managed solution for migrating and replicating databases to AWS, supporting both homogeneous and heterogeneous migrations. It allows seamless data migration from PostgreSQL databases to any supported target and vice versa. Open-source PostgreSQL regularly releases new versions, and Amazon RDS aims to support these within five months. Upgrading PostgreSQL instances is essential for security and compliance. Minor version upgrades focus on security and bug fixes without adding new functionalities, while major upgrades can change system tables and data formats. AWS DMS tasks require careful management during PostgreSQL upgrades. For minor upgrades, ongoing DMS tasks should be stopped and then resumed post-upgrade. For major upgrades, replication slots must be dropped before the upgrade, which will invalidate ongoing DMS tasks. After the upgrade, a new CDC-only task should be created to resume data migration. Minor version upgrades of the target PostgreSQL database do not affect AWS DMS CDC tasks, but major upgrades require stopping the DMS task, performing the upgrade, and ensuring compatibility with the replication instance before resuming the task.

Tech Optimizer

April 21, 2025

PostgreSQL 12 High Availability Cookbook

The server-class CPU market is primarily dominated by AMD and Intel, both of which offer dedicated lines of CPUs for server applications. AMD's Threadripper chips are strong competitors to Intel's Xeon processors, with AMD often providing higher core counts that enhance performance for multi-threaded applications. The price-to-performance ratios of both manufacturers are relatively comparable, but each has unique strengths. Prospective buyers are encouraged to research using resources like AnandTech, Tom's Hardware, and the official sites of Intel and AMD for benchmarks and comparative analyses.

Tech Optimizer

April 10, 2025

How Heroku migrated hundreds of thousands of self-managed PostgreSQL databases to Amazon Aurora

Heroku has migrated its multi-tenant PostgreSQL database fleet from a self-managed environment on Amazon EC2 to the Amazon Aurora PostgreSQL-Compatible Edition, improving operational efficiency and customer satisfaction without impacting customers. This transition involved moving over 200,000 databases, utilizing a dual control plane approach and specialized transfer systems for efficient data migration. The new architecture allows Heroku to leverage AWS Cloud services more effectively, alleviating the operational burdens on engineering teams and enabling a focus on customer value. The migration also positions Heroku to introduce advanced features such as AI-enabled database administration and enhanced security measures.

Tech Optimizer

April 9, 2025

Springtail announces $2.5M pre-seed funding to scale Postgres

Developers facing Postgres scalability limitations can either migrate to a different database or create a custom backend, both of which can be time-consuming. Springtail is a solution that enhances Postgres performance by offloading and scaling read execution while keeping the existing Postgres instance as the primary data store. It allows for horizontal scaling of read-heavy workloads without extensive application changes or data migrations. Springtail's architecture distributes queries across multiple nodes to improve query throughput. The initial offering includes scalable, on-demand read replicas for Postgres on AWS, which share a storage layer and can independently scale compute resources, allowing users to activate or deactivate replicas as needed. This approach can lead to savings of up to 58% on Postgres read replication compared to Amazon RDS. Springtail was founded in 2023 and is based in the San Francisco Bay Area, supported by Gradient.

Tech Optimizer

April 8, 2025

Pools across the sea: how Hyperdrive speeds up access to databases and why we’re making it free

Cloudflare has made Hyperdrive available on the free plan of Cloudflare Workers, allowing developers to create high-performance global applications that connect to SQL databases. Hyperdrive simplifies database connectivity by using existing drivers and connection strings, reducing the need for extensive refactoring. It has been adopted by Cloudflare's engineering teams for various functions, demonstrating its effectiveness in addressing common challenges in application development. Hyperdrive significantly improves performance, with a benchmark showing latency reduction from 1200 ms to 500 ms when using Hyperdrive instead of a direct connection, and further to 320 ms with caching enabled. It employs transaction-mode connection pooling to efficiently manage database connections, minimizing overhead and ensuring optimal performance for serverless applications. Hyperdrive's architecture includes a split connection approach that reduces latency by conducting necessary round trips over shorter distances. It also features a regional pool strategy for selecting data centers based on the inferred location of the Worker, optimizing connection latency. The system includes a dual-layer caching strategy to enhance query performance and reduce load on the origin database. Developers can easily start using Hyperdrive by executing a simple command or using a dashboard to set up a sample Worker application with their existing Postgres database.

Tech Optimizer

April 3, 2025

1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack

A cryptojacking campaign has targeted over 1,500 organizations by exploiting inadequately secured PostgreSQL database servers. The attackers, identified as JINX-0126, use advanced techniques including credential brute-forcing and fileless execution to deploy Monero (XMR)-mining malware. Approximately 30% of cloud-hosted PostgreSQL servers are affected due to weak or default credentials. The attackers execute commands using PostgreSQL’s COPY FROM PROGRAM function, bypassing standard detection mechanisms. They have been linked to three cryptocurrency wallets with around 550 active mining workers, generating a hashrate of 4.04 GH/s and approximately €10.40 per hour in XMR revenue. The attack begins with credential spraying against default accounts, followed by an SQL injection to fetch the payload. The malware operates in memory, modifies PostgreSQL’s configuration to maintain persistence, and creates cron jobs for reactivation. The campaign reveals significant security gaps in cloud environments, with recommendations for improved access controls and monitoring.

Tech Optimizer

April 2, 2025

Thousands of PostgreSQL servers are being hijacked to mine crypto

Researchers at Wiz have identified a cryptojacking campaign by a group called JINX-0126, targeting over 1,500 misconfigured PostgreSQL servers by exploiting weak login credentials. The attackers deploy the XMRig-C3 miner to mine Monero, consuming nearly all computing resources and increasing electricity usage for victims. Each compromised device is assigned a unique mining worker for tracking. The campaign has evolved to include defensive measures and fileless deployment to evade detection. Nearly 90% of cloud environments host PostgreSQL instances, with about one-third publicly accessible, highlighting security vulnerabilities.

Tech Optimizer

April 2, 2025

Ongoing cryptomining campaign hits over 1.5K PostgreSQL servers

Over 1,500 PostgreSQL instances exposed to the internet have been targeted by a cryptocurrency mining malware campaign called JINX-0126. Attackers exploit weak credentials to access PostgreSQL servers and use the "COPY ... FROM PROGRAM SQL" command for arbitrary command execution. They deploy a shell script to terminate existing cryptominers and deliver the pg_core binary. A Golang binary, disguised as the PostgreSQL multi-user database server, is then downloaded to establish persistence and escalate privileges, leading to the execution of the latest XMRig cryptominer variant. JINX-0126 employs advanced tactics, including unique hashes for binaries and fileless miner payload execution, to evade detection by cloud workload protection platforms.

Tech Optimizer

April 2, 2025

Bun 1.2 Improves Node Compatibility and Adds Postgres Client

Bun v1.2 has been released, enhancing compatibility with Node.js and introducing a native S3 object storage API and a built-in Postgres client alongside the existing SQLite client. The update focuses on Node.js compatibility, achieving a 90% pass rate on the Node.js test suite for core modules. The team adapted the Node test suite for Bun to address challenges with error message verification. New features include support for the node:http2 module, which offers a 2x speed enhancement, and additional support for node:dgram, node:cluster, and node:zlib. The built-in S3 support allows file operations with a 5x speed improvement over Node.js packages. The new Postgres client includes optimizations such as automatic prepared statements and connection pooling, potentially increasing read speeds by 50% compared to popular Node.js Postgres clients. Bun is developed in Zig and uses WebKit’s JavaScriptCore as its JavaScript engine, with the first version launched in September 2023.