Our great sponsors
-
neon
Neon: Serverless Postgres. We separated storage and compute to offer autoscaling, branching, and bottomless storage.
-
kviklet
A tool to provide engineers with secure access to production databases without impairing productivity.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Gravitational Teleport
The easiest, and most secure way to access and protect all of your infrastructure.
-
dbchaos
Stress-test your database with pre-defined queries. Generate synthetic data and events statically or with GPT.
Cool! At Neon[0], I work full time on our custom postgres proxy[1]. It's a very nice protocol to work with, although our usecase is quite a bit more complex compared to the ideas presented in the post.
Neon databases scale to zero, so the proxy needs to spin up databases on the fly. The proxy doesn't do that but it knows if the databases is running and asks our control plane to schedule it if it isn't. It's a fun service to maintain.
The biggest pain is error handling. Postgres is really bad for error messages and codes. The only available code we can use is usually protocol violation...
[0]: https://neon.tech/
I built a postgres proxy for https://github.com/kviklet/kviklet. And documented how I did this because I found the byte level parsing quite interesting compared to the usual higher level REST API calls that most of my dev work consists of these days. Thought it might interest some of you as well!
I ordinarily would have said you reinvented Teleport <https://github.com/gravitational/teleport/tree/v14.3.7#readm...> but now that they've gone AGPL with v15 I'm guessing there's a market for MIT licensed stuff, although for sure since Teleport has been around for so long it has encountered more edge cases and undergone more security reviews. I was surprised while digging up the link that Gravatational is still releasing v13 and v14 updates under Apache 2, so maybe even Teleport will continue to have legs for those who cannot deploy AGPL stuff
I have seen organization solve that via database activity monitoring. At adaptive (https://adaptive.live) we solve this problem along with database access and other related problem statements.