If you’ve been following along with our Builders podcasts, you know that in every episode I interview one distinguished guest. This episode #3 is particularly interesting, because our guest is Gianni Ciolli, EDB VP and Field CTO, and we touch on everything from EDB's Trusted Postgres Architect solution to Galileo’s scientific method.
Listen to the full podcast here.
Here’s a recap of the discussion:
From founding the Linux User Group with colleagues in Prato, Italy, to writing the PostgreSQL 16 Administration Cookbook, Gianni has focused on open source and high availability throughout his career. One tool he’s worked on that he finds particularly valuable is EDB’s Trusted Postgres Architect (TPA) solution, a powerful open source tool which simplifies and automates the deployment of trusted high availability Postgres architectures.
Why use Trusted Postgres Architect (TPA)?
If you want to work on high availability, you need the ability to set up five or ten different Postgres, possibly on different IP addresses with a network between them. Sometimes this has to be done on the cloud, and sometimes on a laptop. But the bureaucracy will overwhelm you unless you have some sort of automation, which TPA provides. It enables you to build up Postgres clusters in a bare metal platform, in the cloud, and basically anywhere you want. It’s highly customizable – you can use the suggested configuration or add your own.
“I think [TPA is] really important because it's an open source tool that everybody can use. So it can actually be used as a foundation for any activity, in the sense that it's not limited to customers or to people with a certain subscription or with a certain contract,” says Gianni.
You don’t have to worry about integration testing, because TPA makes it easy. You can use it to bring up a cluster and demonstrate failovers, upgrades, switchovers and more.
If you’re interested in trying TPA, it’s available here.
Extending the value of Postgres with extensions
In our discussion, we also talked about how helpful these extensions are:
Bi-Directional Replication (BDR) – This extension can transform Postgres database into a node in an active-active cluster, without having to change the way it works. The extension can be created with a single command. While you can modify the Postgres code to add additional features, the BDR extension provides a complete, robust and reliable active-active replication system.
“I find it amazing that the extension system is so powerful that just an extension can enable active-active replication,” Gianni notes.
PostGIS – This extension enabled Postgres to change the game in geography and other areas and brought a lot of extra attention to, and investment in, Postgres. Gianni envisions the same thing will probably happen with pgvector.
After discussing extensions with other thought leaders in previous Builders podcast episodes, it becomes apparent how extensions enable Postgres to do virtually anything. Having a robust and reliable open source database powers endless innovation, and that’s why people who need to store data are better off going with Postgres than with something else.
Getting involved in the Postgres community
Gianni emphasizes that the community is the reason that Postgres exists. Well tested rules and practices allow effective cooperation between people that don’t have the same boss, and enable developers to contribute to annual releases, bug fixes and more.
Gianni says it doesn’t matter how you are paid while you contribute to Postgres. You are part of a community because you contribute to Postgres. If you do your work well, and you pay attention to the feedback of other people, your chances of getting your patch committed grow tremendously.
How can new developers get started with Postgres development?
For those interested in developing for Postgres, here are a few ways to start:
- Review patches from other people instead of writing code. “Contributing to Postgres doesn't only mean creating lines of code,” Gianni says. “It also means reviewing the lines of code created by somebody else, running conferences, writing books, talking at conferences, and putting in your time and effort to actually attend them. It means organizing local events and helping other people bridge the gap between themselves and Postgres.”
- Use Postgres instead of another solution at work. “Don’t use Postgres because you have to use Postgres, but because it’s the best solution when you need that kind of functionality,” Gianni says.
- Use the software first, before modifying. Instead of writing the code, think about how that particular feature should work. Gianni compared this to writing the documentation or the manual first, and then writing the software to match the manual that you’ve designed.
- Don’t make your contribution too big, but focus on an area that you have expertise with, whether that’s geography, AI, geometry or something else. This way, you’ll be able to contribute even if you don’t know the entire source code of Postgres. And if you’re working on functionality that’s needed for your paid job, that’s a bonus.
- If you’re new to IT, investing your time learning Postgres can really pay off, and you can successfully build on that knowledge.
Maximizing Postgres performance and scalability
In order to maximize performance, Gianni suggests learning how Postgres uses the memory and the disk, the shared buffers, the WAL and everything else, so you can use certain extensions like pg_buffercache that allow you to visualize in a view the content of the shared buffers and adopt the scientific approach.
Gianni brings up Galileo Galilei as one of the best mentors for learning how to work with Postgres. Galileo provides a theory, then creates an experiment to prove or disprove it. You can create your own theory, and if your experiment doesn’t confirm it, you can adjust your theory.
Addressing top security considerations when working with Postgres
While it’s difficult for anyone to claim they’re 100% secure, there are certain best practices to increase security. The principle of least privilege (PoLP) is one of these practices, where users are granted the minimum level of access to the data or resources needed to complete their tasks.
In the past, you needed to be a ‘super user” – a user with special privileges, but that’s rarely the case now. The film The Boss of It All from Lars von Trier illustrates this point, where a company without a boss hires an actor to play that role. There was no super user in this company, and it’s essentially the same in our industry.
The super user today is the person that installs the software on the first day and then assigns specific privileges to others. With every new release of Postgres, you’ll see a role called PG_*, and each stands for the specific privilege needed to do that particular action – and nothing more.
Thoughts on the future of Postgres
Gianni envisions Postgres will keep growing like Linux until it becomes the standard database. Among its other benefits, Postgres is easy to work with, and developers know how it works, because they can look at the source code. So when users need to do something different, they don’t need to use another database. Instead, they can extend Postgres to cover the new use case – unless Postgres already has the functionality to do that job. Which is usually the case.