ProHoster > Blog > Pulega > Saogalemu ma DBMS: mea e tatau ona e manatua pe a filifilia meafaigaluega saogalemu

Saogalemu ma DBMS: mea e tatau ona e manatua pe a filifilia meafaigaluega saogalemu

Saogalemu ma DBMS: mea e tatau ona e manatua pe a filifilia meafaigaluega saogalemu

O loʻu igoa o Denis Rozhkov, o aʻu o le ulu o le atinaʻeina o polokalama i le kamupani Gazinformservice, i le vaega o oloa. Iatoba. O tulafono ma tulafono faatonutonu faʻapitoa e tuʻuina atu ni manaʻoga mo le saogalemu o le teuina o faʻamaumauga. E leai se tasi e manaʻo i isi vaega e maua le avanoa i faʻamatalaga faʻalilolilo, o lea e taua ai mataupu nei mo soʻo se poloketi: faʻamaonia ma faʻamaonia, puleaina avanoa i faʻamatalaga, faʻamautinoaina le saʻo o faʻamatalaga i totonu o le faiga, faʻapipiʻiina mea saogalemu. O le mea lea, ou te fia talanoa e uiga i ni mea manaia e uiga i le saogalemu DBMS.

Na saunia le tusiga e faavae i luga o se lauga i @DatabasesMeetup, faatulagaina Mail.ru Cloud Solutions. Afai e te le fia faitau, e mafai ona e matamata:


E tolu vaega o le tusiga:

  • Fa'afefea ona fa'amautu so'otaga.
  • O le a le suʻega o gaioiga ma pe faʻafefea ona faʻamaumau mea o loʻo tupu i luga o le itu faʻamaumauga ma fesoʻotaʻi i ai.
  • E faʻafefea ona puipuia faʻamaumauga i totonu o faʻamaumauga lava ia ma o a tekinolosi o loʻo avanoa mo lenei mea.

Saogalemu ma DBMS: mea e tatau ona e manatua pe a filifilia meafaigaluega saogalemu
E tolu vaega o le saogalemu o le DBMS: puipuiga o fesoʻotaʻiga, suʻesuʻega o gaioiga ma le puipuiga o faʻamaumauga

Puipuia o au feso'ota'iga

E mafai ona e fa'afeso'ota'i i le fa'amaumauga tu'usa'o pe fa'alēsa'o e ala i 'upega tafa'ilagi. I le avea ai o se tulafono, o le tagata faʻaaogaina pisinisi, o lona uiga, o le tagata e galue ma le DBMS, e fegalegaleai faʻatasi ma ia.

Aʻo leʻi talanoa e uiga i le puipuia o fesoʻotaʻiga, e tatau ona e taliina fesili taua e fuafua ai pe faʻafefea ona faʻatulagaina faiga saogalemu:

  • E tutusa le tasi tagata fa'aoga pisinisi ma le tasi tagata fa'aoga DBMS?
  • pe na'o se API e te pulea e maua ai le avanoa i fa'amaumauga a le DBMS, po'o le fa'aogaina sa'o o laulau;
  • pe o le DBMS o loʻo tuʻuina atu i se isi vaega puipuia, o ai e fegalegaleai ma pe faʻafefea;
  • pe fa'aogaina le pooling/proxy ma intermediate layers, e mafai ona suia fa'amatalaga e uiga i le auala e fausia ai le feso'ota'iga ma po'o ai o lo'o fa'aogaina le database.

Se'i o tatou va'ai po'o a mea faigaluega e mafai ona fa'aoga e fa'amautu ai feso'ota'iga:

  1. Fa'aaogā fa'amaumauga o fa'amaumauga a le vasega firewall. O se vaega faaopoopo o le puipuiga o le a, i se tulaga maualalo, faateleina le manino o mea o loʻo tupu i le DBMS, ma i le maualuga, o le a mafai ona e tuʻuina atu faʻamatalaga faʻamatalaga.
  2. Fa'aoga faiga fa'aupuga. O lo latou fa'aogaina e fa'alagolago i le auala e fausia ai lou fausaga. I so'o se tulaga, tasi le fa'aupuga i le faila fa'atulagaina o se 'upega tafa'ilagi e feso'ota'i i le DBMS e le lava mo le puipuiga. O loʻo i ai le tele o meafaigaluega DBMS e faʻatagaina oe e pulea e manaʻomia e le tagata faʻaoga ma le faʻaupuga le faʻafouina.

    E mafai ona e faitau atili e uiga i galuega fa'atatau a tagata fa'aoga iinei, e mafai fo'i ona e su'e e uiga i MS SQL Vulnerability Assessmen iinei

  3. Fa'atamaoaigaina le talaaga o le vasega i fa'amatalaga talafeagai. Afai o le sauniga e le opaque, e te le malamalama po o ai o loʻo galue i le DBMS i totonu o lona faʻavae, e mafai, i totonu o le faʻavae o le gaioiga o loʻo faia, faʻaopoopo faʻamatalaga e uiga i ai o loʻo faia le mea ma pe aisea. E mafai ona va'aia nei fa'amatalaga ile su'ega su'etusi.
  4. Fa'atulaga SSL pe afai e leai sau feso'otaiga vavave i le va o le DBMS ma tagata fa'ai'uga; e le oi totonu o se VLAN ese. I ia tulaga, e taua tele le puipuia o le auala i le va o le tagata faʻatau ma le DBMS lava ia. O lo'o maua fo'i meafaigaluega mo le puipuiga i le fa'apogai tatala.

E fa'apefea ona a'afia le fa'atinoga o le DBMS?

Sei o tatou tilotilo i le faʻataʻitaʻiga a PostgreSQL e vaʻai pe faʻafefea ona aʻafia e SSL le uta o le CPU, faʻateleina taimi ma faʻaitiitia le TPS, ma pe o le a tele naua punaoa pe a e faʻatagaina.

O le utaina o le PostgreSQL e faʻaaoga ai le pgbench o se polokalame faigofie mo le faʻatinoina o suʻega faʻatinoga. Na te fa'atinoina fa'atasi se fa'asologa o fa'atonuga, atonu i fa'atasiga fa'amaumauga tu'ufa'atasi, ona fa'atatau lea o le fua faatatau o fefa'atauaiga.

Suʻega 1 e aunoa ma le SSL ma faʻaaoga SSL - ua fa'amautuina le feso'ota'iga mo fefa'atauaiga ta'itasi:

pgbench.exe --connect -c 10 -t 5000 "host=192.168.220.129 dbname=taskdb user=postgres sslmode=require 
sslrootcert=rootCA.crt sslcert=client.crt sslkey=client.key"

vs

pgbench.exe --connect -c 10 -t 5000 "host=192.168.220.129 dbname=taskdb user=postgres"

Suʻega 2 e aunoa ma le SSL ma faʻaaoga SSL - o fefaʻatauaiga uma e faia i le tasi fesoʻotaʻiga:

pgbench.exe -c 10 -t 5000 "host=192.168.220.129 dbname=taskdb user=postgres sslmode=require
sslrootcert=rootCA.crt sslcert=client.crt sslkey=client.key"

vs

pgbench.exe -c 10 -t 5000 "host=192.168.220.129 dbname=taskdb user=postgres"

Isi faatulagaga:

scaling factor: 1
query mode: simple
number of clients: 10
number of threads: 1
number of transactions per client: 5000
number of transactions actually processed: 50000/50000

Suʻega o suʻega:

 
LEAI SSL
SSL

E fa'atūina se feso'ota'iga mo fefa'atauaiga uma

averesi o le latency
171.915 ms
187.695 ms

tps e aofia ai fesoʻotaʻiga faʻavae
58.168112
53.278062

tps e le aofia ai feso'ota'iga fa'avae
64.084546
58.725846

CPU
24%
28%

O fefaʻatauaiga uma e faia i le tasi fesoʻotaʻiga

averesi o le latency
6.722 ms
6.342 ms

tps e aofia ai fesoʻotaʻiga faʻavae
1587.657278
1576.792883

tps e le aofia ai feso'ota'iga fa'avae
1588.380574
1577.694766

CPU
17%
21%

I avega mama, o le aafiaga a SSL e faʻatusatusa i le mea sese o fua. Afai o le aofaʻi o faʻamatalaga faʻaliliu e matua tele, atonu e ese le tulaga. Afai matou te faʻatuina se tasi fesoʻotaʻiga i fefaʻatauaiga (e seasea, e masani lava o le fesoʻotaʻiga e fefaʻasoaaʻi i le va o tagata faʻaoga), e tele au fesoʻotaʻiga / motusia, o le aʻafiaga atonu e laʻititi laʻititi. O lona uiga, e ono iai ni aʻafiaga o le faʻaitiitia o le faʻatinoga, peitaʻi, o le eseesega e le tele naua e le faʻaaogaina le puipuiga.

Faamolemole ia matau o loʻo i ai se eseesega malosi pe afai e te faʻatusatusaina faiga faʻaoga: o loʻo e galue i totonu o le vasega e tasi poʻo i ni mea eseese. E malamalama lelei lenei mea: o punaoa e faʻaalu i le fatuina o soʻotaga taʻitasi.

Sa i ai se matou mataupu pe a matou faʻafesoʻotaʻi le Zabbix i le faʻalagolago, o lona uiga, e leʻi siakiina le md5, e leai se manaʻoga mo le faʻamaoni. Ona fai atu lea o le tagata faatau e faʻatagaina le faʻamaoniga md5. O lenei mea na tuʻuina ai se uta mamafa i luga o le PPU, ma faʻaitiitia le faʻatinoga. Na amata ona matou suʻeina ni auala e faʻalelei ai. O se tasi o fofo talafeagai i le faʻafitauli o le faʻatinoina o fesoʻotaʻiga tapulaʻa, fai VLANs eseese mo le DBMS, faʻaopoopo faʻamautu e faʻamalamalama ai poʻo ai o loʻo fesoʻotaʻi mai le mea ma aveese faʻamaoniga. i se tulaga lautele o le faʻaogaina o metotia eseese faʻamaonia e aʻafia ai le faʻatinoga ma e manaʻomia ai le amanaia o nei mea pe a fuafuaina le mana faʻa-komepiuta o sapalai (megana) mo le DBMS.

Faʻaiʻuga: i le tele o fofo, e oʻo lava i ni nuances laiti i le faʻamaoni e mafai ona matua aʻafia ai le poloketi ma e leaga pe a faʻaalia lenei mea pe a faʻatinoina i le gaosiga.

Su'etusi fa'atino

Su'etusi e le na'o DBMS. O le su'etusi e uiga i le mauaina o fa'amatalaga e uiga i mea o lo'o tutupu i vaega eseese. E mafai ona avea lea ma se pa puipui fa'amaumauga po'o le faiga fa'aoga lea e fausia ai le DBMS.

I pisinisi pisinisi tulaga DBMSs e lelei mea uma i le su'etusi, ae i le punaoa tatala - e le o taimi uma. Ole mea lea ole PostgreSQL:

  • ogalaau fa'aletonu - fa'apipi'i totonu;
  • faʻaopoopoga: pgaudit - afai e le lava le faʻaogaina o le taʻaloga e le lava mo oe, e mafai ona e faʻaogaina tulaga eseese e foia ai nisi faʻafitauli.

Faaopoopo i le lipoti i le vitio:

"E mafai ona tuʻuina atu faʻamatalaga faʻamatalaga faavae e se fale faʻapipiʻi masani ma log_statement = uma.

E talia lenei mea mo le mata'ituina ma isi fa'aoga, ae le maua ai le tulaga o fa'amatalaga e masani ona mana'omia mo le su'etusi.

E le lava le i ai o se lisi o gaioiga uma e faia i luga o faʻamaumauga.

E tatau fo'i ona mafai ona maua fa'amatalaga patino e fiafia i ai le su'etusi.

O faʻamaumauga masani e faʻaalia ai le mea na talosagaina e le tagata faʻaoga, aʻo taulaʻi le pgAudit i faʻamatalaga o mea na tupu ina ua faʻatinoina e le database le fesili.

Mo se fa'ata'ita'iga, atonu e mana'o le su'etusi e fa'amaonia na faia se laulau fa'apitoa i totonu o se fa'amalama fa'amaumauina o tausiga.

Atonu e foliga mai o se galuega faigofie i suʻega masani ma grep, ae faʻafefea pe a tuʻuina atu ia te oe se mea faʻapena (faʻalavelave faʻafuaseʻi) faʻataʻitaʻiga:

FAIA$$
GALUEGA
FA'A'O'I 'FUA LA'AU fa'aulufale mai' || 'ant_table(id int)';
FA'ATAU$$;

O fa'amaumauga masani o le a tu'uina atu ia te oe le mea lenei:

LOG: fa'amatalaga: FAIA $$
GALUEGA
FA'A'O'I 'FUA LA'AU fa'aulufale mai' || 'ant_table(id int)';
FA'ATAU$$;

E foliga mai o le sailia o le laulau e fiafia i ai atonu e manaʻomia ai ni faʻamatalaga faʻamaonia i mataupu e faʻaleleia ai laulau.

E le lelei lenei mea, aua e sili atu le su'esu'e ile igoa ole laulau.

O le mea lea e sau ai le pgAudit.

Mo le mea lava e tasi, o le a maua ai le gaioiga lea i totonu o le ogalaau:

SU'ESU'EGA: VAEGA,33,1, FA'AGA, FAIA,,,"FAIA $$
GALUEGA
FA'A'O'I 'FUA LA'AU fa'aulufale mai' || 'ant_table(id int)';
I'U$$;"
SU'ESU'EGA: VAEGA,33,2,DDL, FAIA LE LA'AU, LA'UFA'I, fa'alaua'itele.faufa'atasi_mea, FA'AFUAFUA LE LA'AU (id INT)

E le gata o le poloka DO o loʻo faʻapipiʻiina, ae faʻapea foʻi ma le tusitusiga atoa o le CREATE TABLE ma faʻamatalaga ituaiga, ituaiga mea, ma le igoa atoa, faʻafaigofie le sailiga.

Pe a fa'amauina fa'amatalaga SELECT ma DML, e mafai ona fa'atulaga le pgAudit e fa'amauina se fa'amatalaga tu'ufa'atasi mo so'otaga ta'itasi o lo'o fa'asino i le fa'amatalaga.

Leai se fa'avasegaga e mana'omia e su'e ai fa'amatalaga uma e pa'i i se laulau fa'apitoa(*) ».

E fa'apefea ona a'afia le fa'atinoga o le DBMS?

Se'i o tatou fa'ata'ita'i fa'ata'ita'iga fa'atasi ma su'etusi atoatoa ma va'ai po'o le a le mea e tupu ile fa'atinoga o PostgreSQL. Se'i tatou fa'agaoioi le tele o fa'amaumauga tu'ufa'atasiga mo ta'iala uma.

Matou te suia toetoe lava leai se mea i le faila faʻatulagaina, o le mea pito sili ona taua o le faʻaogaina o le debug5 mode e maua ai faʻamatalaga sili.

postgresql.conf

log_destination = 'stderr'
logging_collector = luga
log_truncate_on_rotation = luga
log_rotation_age = 1d
log_rotation_size = 10MB
log_min_messages = debug5
log_min_error_statement = debug5
log_min_duration_statement = 0
debug_print_parse = luga
debug_print_rewritten = on
debug_print_plan = on
debug_pretty_print = luga
log_checkpoints = luga
log_connections = luga
log_disconnections = luga
log_duration = luga
log_hostname = luga
log_lock_wait = on
log_replication_commands = on
log_temp_files = 0
log_timezone = 'Europa/Moscow'

I luga o le PostgreSQL DBMS faʻatasi ai ma faʻamaufaʻailoga o le 1 CPU, 2,8 GHz, 2 GB RAM, 40 GB HDD, matou te faia ni suʻega se tolu e faʻaaoga ai poloaiga:

$ pgbench -p 3389 -U postgres -i -s 150 benchmark
$ pgbench -p 3389 -U postgres -c 50 -j 2 -P 60 -T 600 benchmark
$ pgbench -p 3389 -U postgres -c 150 -j 2 -P 60 -T 600 benchmark

I'uga o su'ega:

Leai se taina
Faatasi ai ma le taina

Aofa'i taimi fa'atumu fa'amaumauga
43,74 sekone
53,23 sekone

RAM
24%
40%

CPU
72%
91%

Su'ega 1 (50 feso'ota'iga)

Numera o fefa'atauaiga ile 10 minute
74169
32445

Feuaiga/sec
123
54

Tu'u masani
405 ms
925 ms

Su'ega 2 (150 feso'ota'iga ma le 100 e mafai)

Numera o fefa'atauaiga ile 10 minute
81727
31429

Feuaiga/sec
136
52

Tu'u masani
550 ms
1432 ms

E uiga i lapopoa

DB tele
2251 MB
2262 MB

Tele o fa'amaumauga o fa'amaumauga
0 MB
4587 MB

Ole laina pito i lalo: ole su'etusi atoa e le lelei tele. O faʻamaumauga mai le suʻega o le a tele e pei o faʻamaumauga i totonu o le database lava ia, pe sili atu foi. O le aofaʻi o faʻamaumauga e faʻatupuina pe a galue ma se DBMS o se faʻafitauli masani i le gaosiga.

Seʻi o tatou vaʻavaʻai i isi taʻiala:

  • O le saoasaoa e le suia tele: e aunoa ma le taina - 43,74 sekone, faʻatasi ai ma le logging - 53,23 sekone.
  • O le RAM ma le CPU o le a pagatia, aua e te manaʻomia le fausiaina o se faila suʻega. E maitauina foi lenei mea i le gaosiga.

A o faʻateleina le numera o fesoʻotaʻiga, e masani lava, o le faʻatinoga o le a faʻaitiitia teisi.

I faʻapotopotoga faʻatasi ma suʻega e sili atu ona faigata:

  • e tele fa'amaumauga;
  • e manaʻomia le suʻega e le gata i le syslog i le SIEM, ae faʻapea foʻi i faila: afai e tupu se mea i le syslog, e tatau ona i ai se faila lata ane i le database lea e teu ai faʻamatalaga;
  • e manaʻomia se fata eseʻese mo le suʻega ina ia aua neʻi faʻaumatia tisiki I / O, aua e tele avanoa e alu ai;
  • E tupu e manaʻomia e tagata faigaluega saogalemu faʻamatalaga tulaga GOST i soʻo se mea, latou te manaʻomia le faʻamaonia o le setete.

Faatapula'a le avanoa i fa'amatalaga

Se'i o tatou va'ava'ai i tekinolosi o lo'o fa'aaogaina e puipuia ai fa'amaumauga ma maua i totonu o DBMS fa'apisinisi ma fa'amatalaga tatala.

O le a le mea e masani ona e faʻaaogaina:

  1. Fa'ailoga ma le fa'auigaina o taualumaga ma galuega (Wrapping) - o lona uiga, tu'uese'ese mea faigaluega ma mea fa'aoga e le mafai ai ona faitau le code. E moni, e le mafai ona toe suia pe toe faafoliga i tua. O lenei faiga e mana'omia i nisi taimi a itiiti mai i le itu DBMS - o le fa'atonuga o le fa'atapula'aina o laisene po'o le fa'atagaga fa'atagaina e fa'ailoga sa'o i le fa'atinoga ma le tulaga o galuega.
  2. Faʻatapulaʻaina le vaʻaia o faʻamatalaga e laina (RLS) o le taimi lea e vaʻaia ai e tagata faʻaoga eseese se tasi laulau, ae ese le tuʻufaʻatasia o laina i totonu, o lona uiga, e le mafai ona faʻaalia se mea i se tasi i le laina tulaga.
  3. Fa'asa'o fa'amatalaga fa'aalia (Masking) o le taimi lea e va'aia ai e tagata fa'aoga i le tasi koluma o le laulau fa'amaumauga pe na'o fetu, o lona uiga, mo nisi tagata fa'aoga o le a tapunia fa'amatalaga. O le tekonolosi e fuafua po'o ai tagata e fa'aalia le mea e fa'atatau i lo latou tulaga avanoa.
  4. Saogalemu DBA/Talosaga DBA/DBA fa'atonutonu avanoa e, e uiga i le fa'atapula'aina o le avanoa i le DBMS lava ia, o lona uiga, e mafai ona vavae'ese tagata faigaluega fa'amatalaga fa'amatalaga mai fa'atonu fa'amaumauga ma pule o talosaga. E i ai ni nai tekinolosi fa'apea i punaoa tatala, ae e tele naua i DBMS pisinisi. E manaʻomia pe a tele tagata faʻaoga e mafai ona maua avanoa i latou lava.
  5. Faatapula'a le avanoa i faila i le tulaga o faila faila. E mafai ona e tu'uina atu aia tatau ma avanoa avanoa i fa'atonuga ina ia mafai e pule ta'itasi ona maua na'o fa'amatalaga talafeagai.
  6. Fa'atonu avanoa ma fa'amama manatua - o nei tekonolosi e seasea fa'aaogaina.
  7. Fa'amatalaga fa'ai'uga tu'u sa'o mai le DBMS o le fa'ailoga tagata fa'atau ma le pulega autu i le itu o le server.
  8. Fa'ailoga fa'amatalaga. Mo se fa'ata'ita'iga, fa'ailoga columnar o le taimi e te fa'aogaina ai se masini e fa'ailogaina ai se koluma e tasi o le fa'amaumauga.

E fa'apefea ona a'afia le fa'atinoga o le DBMS?

Sei o tatou vaʻai i le faʻataʻitaʻiga o faʻailoga faʻailoga i PostgreSQL. O loʻo i ai se pgcrypto module, e faʻatagaina oe e teu ni fanua filifilia i faʻailoga faʻailoga. E aoga lea pe a na'o nisi fa'amatalaga e taua. Ina ia faitau fa'ailoga fa'ailoga, e tu'uina atu e le kalani se ki fa'alilolilo, e fa'apala e le server fa'amaumauga ma toe fa'afo'i atu i le kalani. A aunoa ma le ki, e leai se tasi e mafai ona faia se mea i au faʻamatalaga.

Se'i o tatou su'e ile pgcrypto. Se'i o tatou faia se laulau ma fa'ailoga fa'ailoga ma fa'amaumauga masani. O loʻo i lalo tulafono mo le fatuina o laulau, i le laina muamua lava o loʻo i ai se faʻatonuga aoga - fatuina le faʻaopoopoga lava ia ma le resitalaina o le DBMS:

CREATE EXTENSION pgcrypto;
CREATE TABLE t1 (id integer, text1 text, text2 text);
CREATE TABLE t2 (id integer, text1 bytea, text2 bytea);
INSERT INTO t1 (id, text1, text2)
VALUES (generate_series(1,10000000), generate_series(1,10000000)::text, generate_series(1,10000000)::text);
INSERT INTO t2 (id, text1, text2) VALUES (
generate_series(1,10000000),
encrypt(cast(generate_series(1,10000000) AS text)::bytea, 'key'::bytea, 'bf'),
encrypt(cast(generate_series(1,10000000) AS text)::bytea, 'key'::bytea, 'bf'));

Le isi, tatou taumafai e fai se faʻataʻitaʻiga faʻamatalaga mai laulau taʻitasi ma vaʻai i taimi o faʻatinoga.

Filifilia mai se laulau e aunoa ma se fa'ailoga fa'ailoga:

psql -c "timing" -c "select * from t1 limit 1000;" "host=192.168.220.129 dbname=taskdb
user=postgres sslmode=disable" > 1.txt

Ua ola le uati taofi.

  id | tusitusiga1 | tusitusiga2
——+——-+——-
1 | 1 | 1
2 | 2 | 2
3 | 3 | 3
...
997 | 997 | 997
998 | 998 | 998
999 | 999 | 999
1000 | 1000 | 1000
(1000 laina)

Taimi: 1,386 ms

Filifiliga mai se laulau o loʻo i ai faʻamatalaga faʻailoga:

psql -c "timing" -c "select id, decrypt(text1, 'key'::bytea, 'bf'),
decrypt(text2, 'key'::bytea, 'bf') from t2 limit 1000;"
"host=192.168.220.129 dbname=taskdb user=postgres sslmode=disable" > 2.txt

Ua ola le uati taofi.

  id | decrypt | decrypt
——+—————+————
1 | x31 | x31
2 | x32 | x32
3 | x33 | x33
...
999 | x393939 | x393939
1000 | x31303030 | x31303030
(1000 laina)

Taimi: 50,203 ms

Suʻega o suʻega:

 
E aunoa ma se fa'ailoga
Pgcrypto (fa'asese)

Fa'ata'ita'i 1000 laina
1,386 ms
50,203 ms

CPU
15%
35%

RAM
 
+ 5%

Fa'ailoga e iai sona aafiaga tele i le fa'atinoga. E mafai ona vaʻaia ua faʻateleina le taimi, talu ai o le decryption faʻagaioiga o faʻamatalaga faʻailoga (ma decryption e masani lava o loʻo afifi i lau faʻamatalaga) e manaʻomia ai punaoa taua. O lona uiga, o le manatu o le faʻailogaina o koluma uma o loʻo i ai nisi faʻamatalaga e tumu i le faʻaitiitia o le faʻatinoga.

Ae ui i lea, o faʻamatalaga e le o se pulu siliva e foia ai faʻafitauli uma. O faʻamaumauga faʻasalalau ma le ki faʻamalo i le taimi o le faʻagasologa o le faʻamalo ma le tuʻuina atu o faʻamatalaga o loʻo i luga o le server. O le mea lea, o ki e mafai ona faʻalavelaveina e se tasi o loʻo i ai le avanoa atoatoa i le faʻamaumauga o faʻamaumauga, e pei o le pule o le polokalama.

Afai e tasi le ki mo le koluma atoa mo tagata faʻaoga uma (tusa lava pe le mo tagata uma, ae mo tagata faʻatau se seti faʻatapulaʻa), e le o taimi uma e lelei ma saʻo. O le mafuaaga lena na amata ai ona latou faia faʻamatalaga pito i luga, i le DBMS na amata ona latou mafaufau i filifiliga mo le faʻailogaina o faʻamatalaga i luga o le kalani ma le 'auʻaunaga, ma o na mea e tasi e teu ai ki-vault na faʻaalia - oloa eseese e maua ai le pulega autu ile DBMS. itu.

Saogalemu ma DBMS: mea e tatau ona e manatua pe a filifilia meafaigaluega saogalemu
O se faʻataʻitaʻiga o ia faʻailoga i MongoDB

Faiga saogalemu i pisinisi ma tatala punaoa DBMS

Galuega tauave
Ituaiga
Faiga Fa'amatalaga
Suetusi
Puipuia le fa'apogai o tulafono fa'atino ma galuega
EPIRB
Encryption

Oracle
pisinisi
+
+
+
+
+

MsSql
pisinisi
+
+
+
+
+

Iatoba
pisinisi
+
+
+
+
faaopoopoga

PostgreSQL
saʻoloto
faaopoopoga
faaopoopoga
-
+
faaopoopoga

MongoDb
saʻoloto
-
+
-
-
E maua i MongoDB Enterprise na'o

O le laulau e mamao lava mai le maeʻa, ae o le tulaga lenei: i oloa faʻatau oloa, faʻafitauli saogalemu ua foia mo se taimi umi, i le punaoa tatala, e pei o se tulafono, o nisi ituaiga o faʻaopoopoga e faʻaaogaina mo le saogalemu, tele galuega o loʻo misi. , o nisi taimi e tatau ona e faʻaopoopoina se mea. Mo se faʻataʻitaʻiga, faiga faʻaupuga - PostgreSQL e tele faʻaopoopoga eseese (1, 2, 3, 4, 5), o loʻo faʻatinoina faiga faʻaupuga, ae, i loʻu manatu, e leai se tasi oi latou e aofia uma ai manaʻoga o le vaega o pisinisi i totonu o le atunuʻu.

O le a le mea e fai pe a leai sau mea e te manaʻomia i soʻo se mea? Mo se faʻataʻitaʻiga, e te manaʻo e faʻaoga se DBMS faʻapitoa e leai ni galuega e manaʻomia e le tagata faʻatau.

Ona mafai lea ona e faʻaogaina fofo lona tolu e galulue i DBMS eseese, mo se faʻataʻitaʻiga, Crypto DB poʻo Garda DB. Afai tatou te talanoa e uiga i fofo mai le vaega o le lotoifale, ona latou iloa lelei lea e uiga i GOSTs nai lo le avanoa tatala.

O le filifiliga lona lua o le tusia lea o mea e te manaʻomia e oe lava, faʻaogaina faʻamatalaga faʻamatalaga ma faʻailoga i totonu o le talosaga ile tulaga faʻatulagaina. E moni, o le a sili atu ona faigata ile GOST. Ae i se tulaga lautele, e mafai ona e nanaina faʻamatalaga pe a manaʻomia, tuʻu i totonu o se DBMS, ona toe aumai lea ma faʻamalo pe a manaʻomia, saʻo i le tulaga talosaga. I le taimi lava e tasi, vave mafaufau pe faʻapefea ona e puipuia nei algorithms i le talosaga. I lo matou manatu, e tatau ona faia lenei mea i le tulaga DBMS, aua o le a sili atu ona galue.

O lenei lipoti na muamua tuuina atu i @Fa'amaumauga Fa'amaumauga e Mail.ru Cloud Solutions. Vaai видео isi faʻaaliga ma faʻasoa i faʻasalalauga faʻasalalauga i luga ole Telegram Si'osi'o Kubernetes ile Mail.ru Group.

O le a se isi mea e faitau i le autu:

  1. E sili atu nai lo Ceph: MCS cloud block storage.
  2. E fa'afefea ona filifili se fa'amaumauga mo se poloketi ina ia e le toe tau toe filifili.

puna: www.habr.com

Faaopoopo i ai se faamatalaga