Tue Nov 10 06:23:35 PST 2015
- Previous message: [Slony1-general] Network connection from slaves to the master
- Next message: [Slony1-general] Network connection from slaves to the master
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 10/11/2015 14:49, TOINEL, Ludovic wrote: > Is there a way to have subscribers with no direct SQL access to the provider ? > > The provider write the data on the subscribers directly. (Top-posting makes it really hard to follow discussions in a thread.) Your slon daemons need to run on a node that can see everyone. So, for instance, you can have them on node A which is provider for SET 1 and 2, but subscriber of SET 3 from node B. And you can't psql from NodeB to NodeA. Should work. (The provider logs modification on a log table, which is read by daemons. And propagated to other nodes.) > > -----Message d'origine----- > De : slony1-general-bounces at lists.slony.info [mailto:slony1-general-bounces at lists.slony.info] De la part de Stéphane Schildknecht > Envoyé : mardi 10 novembre 2015 14:45 > À : slony1-general at lists.slony.info > Objet : Re: [Slony1-general] Network connection from slaves to the master > > On 10/11/2015 14:03, TOINEL, Ludovic wrote: >> Thanks Andrew, >> >> We are not allowed to have network connection from the slaves to the master (for security constraints). > > You really should think about a VPN between nodes. It would simplify your architecture. > > But, in theory, subscriber nodes could be on a DMZ. They can be accessed by daemons, but you don't need them to access providers. > Your daemons would run on a node that can access every other node. > > > BTW, there are no real master and slaves in Slony. There are nodes, which can be subscribers (receiving modifications readonly), and providers (read/write). > And you can have a subscriber of a set that is provider of another. > > Only master can communicate with slaves. >> We need database on slaves with mix replicates tables and read/write tables. >> >> The solution could be maybe that solution using a slony master has an Hot standby of a master protected somewhere ? >> >> [slony slaves] <-----> [slony master - Standby node] <----(log >> shipping)--|firewall|-- [master protected somewhere] >> >> Do you think this solution can work with slony ? >> >> Regards, >> >> Ludovic Toinel >> >> -----Message d'origine----- >> De : slony1-general-bounces at lists.slony.info >> [mailto:slony1-general-bounces at lists.slony.info] De la part de Andrew >> Sullivan Envoyé : mardi 10 novembre 2015 12:26 À : >> slony1-general at lists.slony.info Objet : Re: [Slony1-general] Network >> connection from slaves to the master >> >> On Tue, Nov 10, 2015 at 09:51:29AM +0000, TOINEL, Ludovic wrote: >>> The network allows only flows from master to slaves. >>> >>> Is there any option that I missed to do that ? >> >> Not really. In principle you could do this with the log shipping mode, but I don't recall whether doing that on the master was not possible or just a really bad idea. (You could do this with the built-in standby mechanisms of Postgres, though. >> >> I do wonder why you have it set up this way, however. Why do you control the flows this way? >> >> A >> >> -- >> Andrew Sullivan >> ajs at crankycanuck.ca > > > -- > Stéphane Schildknecht > Contact régional PostgreSQL pour l'Europe francophone Loxodata - Conseil, expertise et formations > 06.17.11.37.42 > _______________________________________________ > Slony1-general mailing list > Slony1-general at lists.slony.info > http://lists.slony.info/mailman/listinfo/slony1-general > -- Stéphane Schildknecht Contact régional PostgreSQL pour l'Europe francophone Loxodata - Conseil, expertise et formations 06.17.11.37.42
- Previous message: [Slony1-general] Network connection from slaves to the master
- Next message: [Slony1-general] Network connection from slaves to the master
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Slony1-general mailing list