Reliable Infrastructure

Towering peaks, bedrock solid, standing firm at any summit!

High-Availability: Reliable PostgreSQL RDS

Pigsty delivers PG HA solutions which follows the industry best practice

Adjustable RTO and RPO, balancing trade-offs for specific scenarios.

  • Primary failover metrics: RTO ≈ 30 seconds (adjustable)
  • async commit mode: RPO < 1MB, crit mode: RPO = 0 (adjustable)
  • Replica failure / switchover: RTO ≈ 0 seconds
High Availability Architecture

Self-Healing: Adaptive service failover

Self-healing arch with transparent topology, multi-writer experience

Flexible service access, automatically traffic routing, DevOps sleep well

  • Industry HA best practices: Patroni, Etcd, HAProxy, VIP Manager
  • 4 default services: primary, replica, offline, default, with read-write splitting
  • Route Read/Write traffic based on health checks, without human intervention
  • Flexible access methods: IP, Connection Pools, L2 VIP, L4 LB, SD, etc.
ServicePortDescription
primary5433Production read-write, connects to primary connection pool
replica5434Production read-only, connects to replica connection pool
default5436Administration, ETL writes, direct access to primary
offline5438OLAP, ETL, individual users, interactive queries

PITR Protection: Pre-configured Backup & Archives

Pre-configures physical backups and enables WAL archiving by default

Local fs or remote S3/MinIO, mature disaster recovery solutions on demand

  • Industry backup best practices: pgBackRest + MinIO / Local Disk / S3
  • Protection against software defects and human errors (Accidental deletion)
  • One-command backup and restore, flexible backup strategies with crontab
  • In-place concurrent incremental PITR, fast recovery with quick retry options
# restore by time
./pgsql-pitr.yml -e '{"pg_pitr": {"time":"2025-07-13 10:00:00+00"}}'

# restore by named point
./pgsql-pitr.yml -e '{"pg_pitr":{"name":"named_restore_point"}}'

# restore by xid
./pgsql-pitr.yml -e '{"pg_pitr":{"xid":"250000",exclusive: true}}'

# restore by lsn
./pgsql-pitr.yml -e '{"pg_pitr":{"lsn":"0/4001C80",timeline: "1"}}'

Infra Closure: No external dependencies

A complete infra closure for PostgreSQL RDS, requiring no external deps.

Local repo snapshoting all packages - run locally until the end of time.

  • Observability infrastructure: Prometheus / Grafana
  • Load balancing and reverse proxy: Nginx / HAProxy
  • Configuration and object storage: Etcd / MinIO
  • Critical services DNS and NTP: DNSMasq / Chronyd
Infrastructure Closure

Access Control: Built-in best-practice model

Default ACL with read/write/admin/analytics/monitoring/DBA separation

Secure enough and ready for using without any further configuration

  • Default roles: readonly / readwrite / admin / offline
  • Default users: DBSU / DBA / replication / monitoring
  • Default HBA rule sets with simple configuration options
  • Managed pgbouncer db/user credentials, sync with postgres
Role NameDescription
dbrole_readonlyRole: Global read-only access
dbrole_readwriteRole: Global read-write access
dbrole_adminRole: Admin/object creation
dbrole_offlineRole: Limited read-only access
postgresSystem superuser
replicatorSystem replication user
dbuser_dbaPostgreSQL admin user
dbuser_monitorPostgreSQL monitoring user

Confidentiality: Guaranteed data security

Self-signed CA, SSL encryption, password for backups and endpoints

As long as your passwords & key are secure, your data remains safe.

  • Local CA-issued certificates with SSL/TLS enabled globally by default
  • SCRAM-SHA-256 verification, AES-encrypted backup data
  • Precise allow/deny list default policies to prevent unauthorized access
  • All externally exposed web services are uniformly managed through Nginx
Data Security

Data Integrity: Thorough verification

Data checksums for silent corruption. Replicas and delayed standby instances.

Audit extensions and centralized logging, with transparency and efficiency.

  • CRIT configuration template: optimized for data integrity
  • Data checksums enabled to prevent silent data corruption
  • WatchDog: STONITH to prevent cluster split-brain
  • Audit Log: centrally collected, tamper-proof
Data Integrity

Battle-Tested: Availability Results

Running robustly in many large organizations, maintain 99.999%+ availability.

Ultimate business continuity: rolling upgrades, switchovers, and online migrations

  • No single points of failure: Redundant HA designs for all critical components
  • Zero-downtime migration based on logical replication blue-green deployment
  • Emergency plans: standard SOPs for various failure scenarios
  • Benchmark case: 25,000 vCPU x six years x 99.999% availability
Tantan Logo

Production Case

PG Clusters

100+

CPU Cores

25,000

Deduplicated Data

200TB

Overall Availability

> 99.999%

Stable operation in production for 6 years, overall availability ≥ 99.999%

Extensible Postgres
AnalyticsAI Ready
GeospatialTime Series
Text SearchLanguages
Foreign DataFeatured
Reliable Infrastructure
High AvailabilitySelf-Healing
PITR ProtectionSelf-Sufficient
Access ControlConfidentiality
Data IntegrityBattle-Tested
Observable Graphics
Monitoring InfraData-Driven Design
SOTA ExperienceUniversal Monitoring
Automatic AlertsPerformance Tuning
Logging AnalysisCustom Dashboards
Scalable Services
Blazing PerformanceR/W Separation
Connection PoolingLoad Balancing
Horizontal ScalingDisk Expansion
Mass DeploymentCloud Elasticity
Maintainable Toolbox
Infra as CodeSimple & Easy
Bare LinuxOffline Install
Admin SOPNo Downtime
Rich ParametersProvisioning
Composable Modules
Modular DesignApp Templates
Core ModulesExtra Modules
Kernel ModulesOLAP Modules
Pilot ModulesFlavor Modules
Controllable FOSS
Software FreedomLocal-First OSS
No Vendor Lock-InFree Extension
Data OwnershipFriendly License
Compliance ReadyExpert Support
Affordable Solution
No License FeeDo Less, Save More
DBA EfficiencySimple Archtecture
Enable Cloud-ExitCommunity Support
Expert ConsultingCommerical Support
Pigsty LogoPIGSTY

PostgreSQL In Great STYle

Copyright © 2020-2025
Ruohang Feng (Vonng)
All rights reserved

PIGSTY