PostgreSQL - Features
Architecture
Supported versions
Currently supported versions of PostgreSQL are : 10, 11, 12, 13, 14, 15, 16.
Upgrade
To upgrade your PaaS PostgreSQL, please refer to this page: PostgreSQL - Upgrade
Topologies
cegedim.cloud supports two types of PostgreSQL deployments :
Single Instance mode is providing a standard PostgreSQL instance
High Availability is providing a multi-instances PostgreSQL instance, with improved resilience and scalability capabilities
Regions
PostgreSQL is available on both cegedim.cloud's data center :
EB4 (Boulogne-Billancourt, France)
ET1 (Labège, France)
In some cases, when a second node is deployed (High availability), a secondary close by data center can also be used to ensure maximum resiliency :
EB5 (Magny-les-Hameaux, France)
ET2 (Balma, France)
Resiliency
For High availability topology the PaaS is built to be DC resilient if it is possible.
Following , a sample of nodes placement:
High Availability Diagram
Features
This section is to list which feature / capabilities are available to customer, and how to request / perform them :
Self Service
Customer can perform action autonomously.
On Request
Customer can request for the action to be done to cegedim.cloud support team.
SSH access
SSH access is disabled and reserved to cegedim.cloud administrators.
Change configuration file
On request via ticket. Only possible if it doesn't affect monitoring and resilience.
Install extension
PostgreSQL extensions can now be installed in self service using ITCare provided your deployment is in version 15 or higher. Otherwise, request ticket still applies.
Extensions
It's possible to add functionality to PostgreSQL through so-called extensions. These extensions can add new types, additional functions for administrators and "classic" users alike, or even complete applications.
Some of these extensions are developed within the PostgreSQL project itself, so they keep pace with the evolution of the various PostgreSQL versions. You can find a list here. Others are developed by third-party companies and follow their own pace, like Timescaledb or Postgis, to name but the best-known.
Once the PostgreSQL PaaS has been provisioned, you can install some of these extensions through ITCare. Below is the list of extensions supported by PostgreSQL PaaS from version 15 onwards:
Please note that the installation of certain extensions may require a restart of PostgreSQL and therefore cause your PostgreSQL PaaS to be unavailable.
Security
Authentication
Customer is provided with a role whom he chooses the password.
The password of this user is not stored nor saved by cegedim.cloud. Please be sure to save it in your own vault.
Authorizations
The role provided to the customer has the following authorizations:
LOGIN
CREATEROLE
CREATEDB
So, the customer may create dedicated application role and databases.
Secured Transport
Secured transport is an option while provisioning and is available only from version 13 and above.
If secured transport is selected, TLS/SSL will be enabled for the PostgreSQL protocol and only a TLS connection from the clients will be accepted.
Data location
All datas are stored in cegedim.cloud data centers on encrypted storage arrays.
Passwords
This section list the password management :
dedicated customer account
SCRAM-SHA-256
ANY other account
SCRAM-SHA-256
cegedim.cloud account
SCRAM-SHA-256
monitoring account
SCRAM-SHA-256
Backup
If backup is enabled during provisioning (enabled by default for a Service of Production type), the following backup policies will apply :
Full dump every day retained for 14 days on Object Storage
Full backup once a week.
Differential backups in between.
Write-ahead (WAL) logs are archived.
Point-in-Time recovery is supported for 14 days on Object Storage
Monitoring
As part of our Managed Databases offer, PostgreSQL is specifically monitored on top of the underlying system to ensure service uptime and performances.
The following key PostgreSQL indicators are monitored and tracked :
Connections
Memory usage
Transaction id wrapparround
Health status
Last updated
