Introducing Crunchy Data Warehouse: A next-generation Postgres-native data warehouse. Crunchy Data Warehouse Learn more

  • 9 min read

    Postgres and Crypto Supply Chain of Integrity

    Joe Conway

    Question: How do I get PostgreSQL to use FIPS 140-2 crypto ? The answer, to some extent, depends on how rigorously you need to be able to prove your answer. If the proof required is more than a casual check, the process is not well documented as far as I can tell. Therefore I will attempt to address that deficiency here. To be sure the crypto being used by PostgreSQL on a particular system is FIPS validated, you need to trace the chain of custody of the crypto software from the PostgreSQL backe...

    Read More
  • Cleaning Up Your Postgres Database

    Craig Kerstiens

    Last week I was on a call with someone giving an overview of Crunchy Bridge , our multi-cloud fully managed database as a service. During the call they asked about what was the best way to get a sense of how their database was doing, a health check if you will. I mentioned a few monitoring tools such as pganalyze and pgMonitor that were good options, but that we could also dig in live and see how things were. The person I was talking to was very similar to many of the customers we run dat...

    Read More
  • 6 min read

    Using GitOps to Self-Manage Postgres in Kubernetes

    Jonathan S. Katz

    " GitOps " is a term that I've been seeing come up more and more. The concept was first put forward by the team at Weaveworks as a way to consolidate thought around deploying applications. In essence: your deployment topology lives in your git repository. You can update your deployment information by adding a new commit. Likewise, if you need to revert your system's state, you can rollback to the commit that you want to represent your production environment. Any changes to your deployment topo...

    Read More
  • 4 min read

    Deploy TLS for PgBouncer in Kubernetes

    Jonathan S. Katz

    TLS allows for the secure transmission of data between systems and is also a requirement of many production environments . Part of setting up TLS is ensuring anything communicating over a network within your system also has TLS. If you are not encrypting traffic between all your endpoints, you open yourself up to snooping. An earlier post describes how to set up PostgreSQL clusters with TLS on Kubernetes using the Crunchy Data PostgreSQL Operator . This setup works well for creating encrypte...

    Read More
  • Deploy PostgreSQL With TLS in Kubernetes

    Jonathan S. Katz

    Ensuring data can be securely transmitted is a requirement of many production systems . PostgreSQL supports TLS as a means of encrypting network communication, verifying hosts, and allowing for certificate-based authentication . The TLS functionality of PostgreSQL is extendable into Kubernetes deployments. The Crunchy Data Postgres Operator has provided support for TLS since version 4.3, using Kubernetes Secrets for mounting the TLS components safely to each Pod. The PostgreSQL Operator does...

    Read More
  • 3 min read

    Production PostGIS Vector Tiles: Caching

    Paul Ramsey

    Building maps that use dynamic tiles from the database is a lot of fun: you get the freshest data, you don't have to think about generating a static tile set, and you can do it with very minimal middleware, using pg_tileserv . However, the day comes when it's time to move your application from development to production, what kinds of things should you be thinking about? Let's start with load . A public-facing site has potentially unconstrained load. PostGIS is fast at generating vector tiles.

    Read More
  • Postgres: The Friendly Relational Member of Your Data Management Toolbox

    Paul Laurence

    While every year feels like the year of Postgres these days, 2012 did not. For most observers, 2012 was the year of "Big Data" as NoSQL technologies like Hadoop and MongoDB were demonstrating powerful new data management use cases. At the same time, Crunchy Data was still just an idea and was beginning to engage with various consumers of database technology on how this wave of new open source tools were impacting their data strategy. During these early discussions - and many since - we heard h...

    Read More
  • 8 min read

    R Predictive Analytics in Data Science Work using PostgreSQL

    Steve Pousty

    Greetings friends! We have come to our final blog post in my series about the data science workflow using PostgreSQL. In the last blog post , we used PL/R to create a function which returns the output from a logistic regression model trained on our fire data. We then took that model object and stored it into a separate table. Today we are going to finish up by showing how to use that stored model to make predictions on new data. By the way, I did all of the Postgres work for the entire blog s...

    Read More
  • 3 min read

    Announcing the Crunchy Data PostgreSQL Security Technical Implementation Guide

    Douglas Hunley

    Crunchy Data is pleased to announce the publication of the Crunchy Data PostgreSQL Security Technical Implementation Guide ( STIG ) by the United States Defense Information Systems Agency ( DISA ). Crunchy Data collaborated with DISA to make PostgreSQL the first open source database to provide a published STIG in 2017, and this new STIG reflects Crunchy Data's ongoing collaboration with DISA to provide enhanced security guidance as PostgreSQL continues to advance and evolve. While the ST...

    Read More
  • 3 min read

    Crunchy Data PostgreSQL Security Technical Implementation Guide Now Available

    Crunchy Data

    This new guide is the result of ongoing collaboration with DISA and provides security guidance for PostgreSQL 9.6 through 12 Charleston, S.C. (January 6, 2021) - Crunchy Data — the leading provider of trusted open source PostgreSQL — is pleased to announce the release of the Crunchy Data PostgreSQL Security Technical Implementation Guide ( STIG ) by the United States Defense Information Systems Agency ( DISA ). In 2017, Crunchy Data collaborated with DISA to publish the initial version...

    Read More