PostgreSQL - Features

Architecture

Supported versions

Currently supported versions of PostgreSQL are : 10, 11, 12, 13, 14, 15, 16.

Upgrade

To upgrade your PaaS PostgreSQL, please refer to this page: PostgreSQL - Upgrade

Topologies

cegedim.cloud supports two types of PostgreSQL deployments :

  • Single Instance mode is providing a standard PostgreSQL instance

  • High Availability is providing a multi-instances PostgreSQL instance, with improved resilience and scalability capabilities

Regions

PostgreSQL is available on both cegedim.cloud's data center :

  • EB4 (Boulogne-Billancourt, France)

  • ET1 (Labège, France)

In some cases, when a second node is deployed (High availability), a secondary close by data center can also be used to ensure maximum resiliency :

  • EB5 (Magny-les-Hameaux, France)

  • ET2 (Balma, France)

Resiliency

For High availability topology the PaaS is built to be DC resilient if it is possible.

Following , a sample of nodes placement:

High Availability Diagram

Features

This section is to list which feature / capabilities are available to customer, and how to request / perform them :

Self Service

Customer can perform action autonomously.

On Request

Customer can request for the action to be done to cegedim.cloud support team.

Feature
Self-service
On request
Comments

SSH access

SSH access is disabled and reserved to cegedim.cloud administrators.

Change configuration file

On request via ticket. Only possible if it doesn't affect monitoring and resilience.

Install extension

PostgreSQL extensions can now be installed in self service using ITCare provided your deployment is in version 15 or higher. Otherwise, request ticket still applies.

Extensions

It's possible to add functionality to PostgreSQL through so-called extensions. These extensions can add new types, additional functions for administrators and "classic" users alike, or even complete applications.

Some of these extensions are developed within the PostgreSQL project itself, so they keep pace with the evolution of the various PostgreSQL versions. You can find a list here. Others are developed by third-party companies and follow their own pace, like Timescaledb or Postgis, to name but the best-known.

Once the PostgreSQL PaaS has been provisioned, you can install some of these extensions through ITCare. Below is the list of extensions supported by PostgreSQL PaaS from version 15 onwards:

Please note that the installation of certain extensions may require a restart of PostgreSQL and therefore cause your PostgreSQL PaaS to be unavailable.

Security

Authentication

Customer is provided with a role whom he chooses the password.

The password of this user is not stored nor saved by cegedim.cloud. Please be sure to save it in your own vault.

Authorizations

The role provided to the customer has the following authorizations:

  • LOGIN

  • CREATEROLE

  • CREATEDB

So, the customer may create dedicated application role and databases.

Secured Transport

Secured transport is an option while provisioning and is available only from version 13 and above.

If secured transport is selected, TLS/SSL will be enabled for the PostgreSQL protocol and only a TLS connection from the clients will be accepted.

Data location

All datas are stored in cegedim.cloud data centers on encrypted storage arrays.

Passwords

This section list the password management :

Passwords
Stored by cegedim.cloud
Stored by Customer
Enforced
Hashing algorithm

dedicated customer account

SCRAM-SHA-256

ANY other account

SCRAM-SHA-256

cegedim.cloud account

SCRAM-SHA-256

monitoring account

SCRAM-SHA-256

Backup

If backup is enabled during provisioning (enabled by default for a Service of Production type), the following backup policies will apply :

PostgreSQL version 11 and lower
PostgreSQL version 12 and higher

Full dump every day retained for 14 days on Object Storage

  • Full backup once a week.

  • Differential backups in between.

  • Write-ahead (WAL) logs are archived.

Point-in-Time recovery is supported for 14 days on Object Storage

Monitoring

As part of our Managed Databases offer, PostgreSQL is specifically monitored on top of the underlying system to ensure service uptime and performances.

The following key PostgreSQL indicators are monitored and tracked :

  • Connections

  • Memory usage

  • Transaction id wrapparround

  • Health status

Last updated